Security update for the Linux Kernel (important)

2016-02-03T15:11:57

Description

The openSUSE 13.2 kernel was updated to receive various security and bugfixes. Following security bugs were fixed: - CVE-2016-0728: A reference leak in keyring handling with join_session_keyring() could lead to local attackers gain root privileges. (bsc#962075). - CVE-2015-7550: A local user could have triggered a race between read and revoke in keyctl (bnc#958951). - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190). - CVE-2015-8543: The networking implementation in the Linux kernel did not validate protocol identifiers for certain protocol families, which allowed local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application (bnc#958886). - CVE-2014-8989: The Linux kernel did not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allowed local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the group category that is more restrictive than the entry for the other category, aka a "negative groups" issue, related to kernel/groups.c, kernel/uid16.c, and kernel/user_namespace.c (bnc#906545). - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI (bnc#937969). - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936). - CVE-2015-8104: The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404). - CVE-2015-5307: The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bnc#953527). - CVE-2014-9529: Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key (bnc#912202). - CVE-2015-7990: Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937 (bnc#952384 953052). - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#945825). - CVE-2015-7885: The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 did not initialize a certain structure member, which allowed local users to obtain sensitive information from kernel memory via a crafted application (bnc#951627). - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel did not validate attempted changes to the MTU value, which allowed context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272. NOTE: the scope of CVE-2015-0272 is limited to the NetworkManager product (bnc#955354). - CVE-2015-8767: A case can occur when sctp_accept() is called by the user during a heartbeat timeout event after the 4-way handshake. Since sctp_assoc_migrate() changes both assoc->base.sk and assoc->ep, the bh_sock_lock in sctp_generate_heartbeat_event() will be taken with the listening socket but released with the new association socket. The result is a deadlock on any future attempts to take the listening socket lock. (bsc#961509) - CVE-2015-8575: Validate socket address length in sco_sock_bind() to prevent information leak (bsc#959399). - CVE-2015-8551, CVE-2015-8552: xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled (bsc#957990). - CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers could have lead to double fetch vulnerabilities, causing denial of service or arbitrary code execution (depending on the configuration) (bsc#957988). The following non-security bugs were fixed: - ALSA: hda - Disable 64bit address for Creative HDA controllers (bnc#814440). - ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504). - Input: aiptek - fix crash on detecting device without endpoints (bnc#956708). - KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y (boo#956934). - KVM: x86: update masterclock values on TSC writes (bsc#961739). - NFS: Fix a NULL pointer dereference of migration recovery ops for v4.2 client (bsc#960839). - apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task (bsc#921949). - blktap: also call blkif_disconnect() when frontend switched to closed (bsc#952976). - blktap: refine mm tracking (bsc#952976). - cdrom: Random writing support for BD-RE media (bnc#959568). - genksyms: Handle string literals with spaces in reference files (bsc#958510). - ipv4: Do not increase PMTU with Datagram Too Big message (bsc#955224). - ipv6: distinguish frag queues by device for multicast and link-local packets (bsc#955422). - ipv6: fix tunnel error handling (bsc#952579). - route: Use ipv4_mtu instead of raw rt_pmtu (bsc#955224). - uas: Add response iu handling (bnc#954138). - usbvision fix overflow of interfaces array (bnc#950998). - x86/evtchn: make use of PHYSDEVOP_map_pirq. - xen/pciback: Do not allow MSI-X ops if PCI_COMMAND_MEMORY is not set (bsc#957990 XSA-157).

Affected Package

OS	OS Version	Package Name	Package Version
openSUSE	13.2	xen-devel	4.4.3_08-38.1
openSUSE	13.2	cloop-kmp-default	2.639_k3.16.7_32-14.15.1
openSUSE	13.2	kernel-xen-base	3.16.7-32.1
openSUSE	13.2	ipset-kmp-desktop-debuginfo	6.23_k3.16.7_32-15.1
openSUSE	13.2	virtualbox-websrv	4.3.34-37.1
openSUSE	13.2	crash-doc	7.0.8-15.1
openSUSE	13.2	xen-debugsource	4.4.3_08-38.1
openSUSE	13.2	pcfclock-kmp-default-debuginfo	0.44_k3.16.7_32-260.15.1
openSUSE	13.2	kernel-default	3.16.7-32.1
openSUSE	13.2	kernel-ec2-debuginfo	3.16.7-32.1
openSUSE	13.2	xtables-addons-kmp-desktop-debuginfo	2.6_k3.16.7_32-15.1
openSUSE	13.2	cloop-kmp-default-debuginfo	2.639_k3.16.7_32-14.15.1
openSUSE	13.2	virtualbox-guest-x11-debuginfo	4.3.34-37.1
openSUSE	13.2	python-virtualbox	4.3.34-37.1
openSUSE	13.2	kernel-xen	3.16.7-32.1
openSUSE	13.2	kernel-debug	3.16.7-32.1
openSUSE	13.2	bbswitch-kmp-desktop-debuginfo	0.8_k3.16.7_32-3.15.1
openSUSE	13.2	cloop-debuginfo	2.639-14.15.1
openSUSE	13.2	kernel-obs-qa-xen	3.16.7-32.1
openSUSE	13.2	crash-kmp-xen-debuginfo	7.0.8_k3.16.7_32-15.1
openSUSE	13.2	xen-devel	4.4.3_08-38.1
openSUSE	13.2	crash	7.0.8-15.1
openSUSE	13.2	xen-tools-debuginfo	4.4.3_08-38.1
openSUSE	13.2	ipset	6.23-15.1
openSUSE	13.2	hdjmod-kmp-default	1.28_k3.16.7_32-18.16.1
openSUSE	13.2	pcfclock-kmp-pae	0.44_k3.16.7_32-260.15.1
openSUSE	13.2	virtualbox-guest-kmp-desktop	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	kernel-source	3.16.7-32.1
openSUSE	13.2	xen-tools	4.4.3_08-38.1
openSUSE	13.2	xen-kmp-default	4.4.3_08_k3.16.7_32-38.1
openSUSE	13.2	crash-gcore	7.0.8-15.1
openSUSE	13.2	xtables-addons-kmp-default-debuginfo	2.6_k3.16.7_32-15.1
openSUSE	13.2	bbswitch-kmp-default	0.8_k3.16.7_32-3.15.1
openSUSE	13.2	kernel-vanilla-debugsource	3.16.7-32.1
openSUSE	13.2	xen-kmp-default-debuginfo	4.4.3_08_k3.16.7_32-38.1
openSUSE	13.2	virtualbox-websrv-debuginfo	4.3.34-37.1
openSUSE	13.2	kernel-debug-base-debuginfo	3.16.7-32.1
openSUSE	13.2	ipset-kmp-pae-debuginfo	6.23_k3.16.7_32-15.1
openSUSE	13.2	virtualbox-guest-kmp-desktop-debuginfo	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	kernel-debug-debugsource	3.16.7-32.1
openSUSE	13.2	virtualbox-debugsource	4.3.34-37.1
openSUSE	13.2	ipset-kmp-pae	6.23_k3.16.7_32-15.1
openSUSE	13.2	xtables-addons	2.6-15.1
openSUSE	13.2	virtualbox-qt-debuginfo	4.3.34-37.1
openSUSE	13.2	ipset-devel	6.23-15.1
openSUSE	13.2	xen-libs	4.4.3_08-38.1
openSUSE	13.2	crash-doc	7.0.8-15.1
openSUSE	13.2	cloop-debuginfo	2.639-14.15.1
openSUSE	13.2	kernel-ec2-devel	3.16.7-32.1
openSUSE	13.2	kernel-xen-base	3.16.7-32.1
openSUSE	13.2	virtualbox-host-kmp-desktop-debuginfo	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	virtualbox-guest-kmp-desktop-debuginfo	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	crash-kmp-default-debuginfo	7.0.8_k3.16.7_32-15.1
openSUSE	13.2	crash-kmp-desktop-debuginfo	7.0.8_k3.16.7_32-15.1
openSUSE	13.2	pcfclock	0.44-260.15.1
openSUSE	13.2	crash-kmp-xen-debuginfo	7.0.8_k3.16.7_32-15.1
openSUSE	13.2	kernel-debug	3.16.7-32.1
openSUSE	13.2	kernel-xen-devel	3.16.7-32.1
openSUSE	13.2	kernel-pae-debugsource	3.16.7-32.1
openSUSE	13.2	bbswitch	0.8-3.15.1
openSUSE	13.2	crash-kmp-pae	7.0.8_k3.16.7_32-15.1
openSUSE	13.2	kernel-desktop-devel	3.16.7-32.1
openSUSE	13.2	xtables-addons-kmp-default	2.6_k3.16.7_32-15.1
openSUSE	13.2	virtualbox-guest-x11	4.3.34-37.1
openSUSE	13.2	kernel-debug-debuginfo	3.16.7-32.1
openSUSE	13.2	crash-eppic-debuginfo	7.0.8-15.1
openSUSE	13.2	xen-tools-domu	4.4.3_08-38.1
openSUSE	13.2	xtables-addons-debugsource	2.6-15.1
openSUSE	13.2	kernel-devel	3.16.7-32.1
openSUSE	13.2	virtualbox-host-kmp-default-debuginfo	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	virtualbox-host-source	4.3.34-37.1
openSUSE	13.2	virtualbox-devel	4.3.34-37.1
openSUSE	13.2	cloop-kmp-xen	2.639_k3.16.7_32-14.15.1
openSUSE	13.2	cloop-debugsource	2.639-14.15.1
openSUSE	13.2	xen-libs-32bit	4.4.3_08-38.1
openSUSE	13.2	crash-debugsource	7.0.8-15.1
openSUSE	13.2	vhba-kmp-pae	20140629_k3.16.7_32-2.15.1
openSUSE	13.2	xtables-addons-kmp-default	2.6_k3.16.7_32-15.1
openSUSE	13.2	kernel-desktop-base-debuginfo	3.16.7-32.1
openSUSE	13.2	bbswitch-debugsource	0.8-3.15.1
openSUSE	13.2	libipset3	6.23-15.1
openSUSE	13.2	kernel-vanilla	3.16.7-32.1
openSUSE	13.2	ipset-devel	6.23-15.1
openSUSE	13.2	ipset-debuginfo	6.23-15.1
openSUSE	13.2	ipset	6.23-15.1
openSUSE	13.2	kernel-docs	3.16.7-32.2
openSUSE	13.2	virtualbox-guest-tools	4.3.34-37.1
openSUSE	13.2	virtualbox-qt	4.3.34-37.1
openSUSE	13.2	virtualbox-qt-debuginfo	4.3.34-37.1
openSUSE	13.2	kernel-default-debugsource	3.16.7-32.1
openSUSE	13.2	virtualbox-host-kmp-default	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	vhba-kmp-pae-debuginfo	20140629_k3.16.7_32-2.15.1
openSUSE	13.2	libipset3-debuginfo	6.23-15.1
openSUSE	13.2	kernel-desktop	3.16.7-32.1
openSUSE	13.2	virtualbox-host-kmp-desktop	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	ipset-kmp-default-debuginfo	6.23_k3.16.7_32-15.1
openSUSE	13.2	kernel-obs-qa-xen	3.16.7-32.1
openSUSE	13.2	virtualbox-guest-tools	4.3.34-37.1
openSUSE	13.2	kernel-debug-devel-debuginfo	3.16.7-32.1
openSUSE	13.2	virtualbox-guest-x11	4.3.34-37.1
openSUSE	13.2	crash-kmp-pae-debuginfo	7.0.8_k3.16.7_32-15.1
openSUSE	13.2	kernel-vanilla-debuginfo	3.16.7-32.1
openSUSE	13.2	xtables-addons-kmp-xen	2.6_k3.16.7_32-15.1
openSUSE	13.2	kernel-xen-debugsource	3.16.7-32.1
openSUSE	13.2	ipset-debugsource	6.23-15.1
openSUSE	13.2	bbswitch-kmp-pae-debuginfo	0.8_k3.16.7_32-3.15.1
openSUSE	13.2	hdjmod-kmp-pae-debuginfo	1.28_k3.16.7_32-18.16.1
openSUSE	13.2	kernel-desktop-devel	3.16.7-32.1
openSUSE	13.2	virtualbox-guest-desktop-icons	4.3.34-37.1
openSUSE	13.2	kernel-desktop-debuginfo	3.16.7-32.1
openSUSE	13.2	hdjmod-kmp-xen-debuginfo	1.28_k3.16.7_32-18.16.1
openSUSE	13.2	xtables-addons-kmp-pae	2.6_k3.16.7_32-15.1
openSUSE	13.2	kernel-ec2-debugsource	3.16.7-32.1
openSUSE	13.2	vhba-kmp-default-debuginfo	20140629_k3.16.7_32-2.15.1
openSUSE	13.2	crash-eppic-debuginfo	7.0.8-15.1
openSUSE	13.2	kernel-default-base-debuginfo	3.16.7-32.1
openSUSE	13.2	crash-debugsource	7.0.8-15.1
openSUSE	13.2	vhba-kmp-debugsource	20140629-2.15.1
openSUSE	13.2	virtualbox-guest-kmp-desktop	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	xtables-addons-debugsource	2.6-15.1
openSUSE	13.2	virtualbox-host-kmp-default-debuginfo	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	kernel-pae-debuginfo	3.16.7-32.1
openSUSE	13.2	kernel-debug-devel	3.16.7-32.1
openSUSE	13.2	crash-kmp-default	7.0.8_k3.16.7_32-15.1
openSUSE	13.2	vhba-kmp-desktop-debuginfo	20140629_k3.16.7_32-2.15.1
openSUSE	13.2	virtualbox-debuginfo	4.3.34-37.1
openSUSE	13.2	kernel-vanilla-devel	3.16.7-32.1
openSUSE	13.2	crash	7.0.8-15.1
openSUSE	13.2	ipset-kmp-desktop	6.23_k3.16.7_32-15.1
openSUSE	13.2	kernel-desktop-base	3.16.7-32.1
openSUSE	13.2	bbswitch-kmp-default-debuginfo	0.8_k3.16.7_32-3.15.1
openSUSE	13.2	kernel-syms	3.16.7-32.1
openSUSE	13.2	hdjmod-kmp-pae	1.28_k3.16.7_32-18.16.1
openSUSE	13.2	ipset-kmp-default-debuginfo	6.23_k3.16.7_32-15.1
openSUSE	13.2	xtables-addons	2.6-15.1
openSUSE	13.2	kernel-default-debuginfo	3.16.7-32.1
openSUSE	13.2	kernel-ec2-debuginfo	3.16.7-32.1
openSUSE	13.2	cloop-kmp-xen-debuginfo	2.639_k3.16.7_32-14.15.1
openSUSE	13.2	kernel-obs-build-debugsource	3.16.7-32.2
openSUSE	13.2	virtualbox-host-kmp-desktop	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	virtualbox-websrv-debuginfo	4.3.34-37.1
openSUSE	13.2	kernel-xen-devel	3.16.7-32.1
openSUSE	13.2	crash-debuginfo	7.0.8-15.1
openSUSE	13.2	crash-kmp-default	7.0.8_k3.16.7_32-15.1
openSUSE	13.2	xen-kmp-desktop-debuginfo	4.4.3_08_k3.16.7_32-38.1
openSUSE	13.2	vhba-kmp-desktop	20140629_k3.16.7_32-2.15.1
openSUSE	13.2	virtualbox-guest-kmp-default	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	kernel-debug-devel-debuginfo	3.16.7-32.1
openSUSE	13.2	kernel-pae-base	3.16.7-32.1
openSUSE	13.2	xen-kmp-desktop	4.4.3_08_k3.16.7_32-38.1
openSUSE	13.2	virtualbox-host-kmp-pae-debuginfo	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	xtables-addons-kmp-xen	2.6_k3.16.7_32-15.1
openSUSE	13.2	bbswitch-kmp-desktop-debuginfo	0.8_k3.16.7_32-3.15.1
openSUSE	13.2	pcfclock-debuginfo	0.44-260.15.1
openSUSE	13.2	hdjmod-kmp-xen	1.28_k3.16.7_32-18.16.1
openSUSE	13.2	virtualbox-host-kmp-desktop-debuginfo	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	bbswitch	0.8-3.15.1
openSUSE	13.2	kernel-xen-debugsource	3.16.7-32.1
openSUSE	13.2	hdjmod-kmp-desktop-debuginfo	1.28_k3.16.7_32-18.16.1
openSUSE	13.2	crash-devel	7.0.8-15.1
openSUSE	13.2	virtualbox-guest-tools-debuginfo	4.3.34-37.1
openSUSE	13.2	xtables-addons-kmp-default-debuginfo	2.6_k3.16.7_32-15.1
openSUSE	13.2	xen-debugsource	4.4.3_08-38.1
openSUSE	13.2	ipset-debugsource	6.23-15.1
openSUSE	13.2	crash-kmp-default-debuginfo	7.0.8_k3.16.7_32-15.1
openSUSE	13.2	kernel-debug-devel	3.16.7-32.1
openSUSE	13.2	ipset-kmp-default	6.23_k3.16.7_32-15.1
openSUSE	13.2	kernel-default-base-debuginfo	3.16.7-32.1
openSUSE	13.2	crash-kmp-desktop-debuginfo	7.0.8_k3.16.7_32-15.1
openSUSE	13.2	kernel-vanilla-debuginfo	3.16.7-32.1
openSUSE	13.2	bbswitch-kmp-xen	0.8_k3.16.7_32-3.15.1
openSUSE	13.2	kernel-pae-base-debuginfo	3.16.7-32.1
openSUSE	13.2	cloop	2.639-14.15.1
openSUSE	13.2	python-virtualbox	4.3.34-37.1
openSUSE	13.2	xtables-addons-debuginfo	2.6-15.1
openSUSE	13.2	kernel-macros	3.16.7-32.1
openSUSE	13.2	virtualbox-guest-kmp-default	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	kernel-pae-devel	3.16.7-32.1
openSUSE	13.2	hdjmod-kmp-desktop	1.28_k3.16.7_32-18.16.1
openSUSE	13.2	hdjmod-kmp-xen-debuginfo	1.28_k3.16.7_32-18.16.1
openSUSE	13.2	bbswitch-kmp-desktop	0.8_k3.16.7_32-3.15.1
openSUSE	13.2	vhba-kmp-default	20140629_k3.16.7_32-2.15.1
openSUSE	13.2	kernel-obs-build	3.16.7-32.2
openSUSE	13.2	virtualbox-guest-kmp-pae	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	xtables-addons-kmp-desktop-debuginfo	2.6_k3.16.7_32-15.1
openSUSE	13.2	pcfclock-kmp-desktop	0.44_k3.16.7_32-260.15.1
openSUSE	13.2	pcfclock-kmp-desktop	0.44_k3.16.7_32-260.15.1
openSUSE	13.2	ipset-kmp-default	6.23_k3.16.7_32-15.1
openSUSE	13.2	xtables-addons-kmp-xen-debuginfo	2.6_k3.16.7_32-15.1
openSUSE	13.2	xen-tools-domu-debuginfo	4.4.3_08-38.1
openSUSE	13.2	cloop-kmp-pae-debuginfo	2.639_k3.16.7_32-14.15.1
openSUSE	13.2	kernel-desktop-debugsource	3.16.7-32.1
openSUSE	13.2	vhba-kmp-debugsource	20140629-2.15.1
openSUSE	13.2	kernel-ec2-base	3.16.7-32.1
openSUSE	13.2	cloop-kmp-xen-debuginfo	2.639_k3.16.7_32-14.15.1
openSUSE	13.2	kernel-debug-debugsource	3.16.7-32.1
openSUSE	13.2	pcfclock-debuginfo	0.44-260.15.1
openSUSE	13.2	bbswitch-kmp-desktop	0.8_k3.16.7_32-3.15.1
openSUSE	13.2	vhba-kmp-xen-debuginfo	20140629_k3.16.7_32-2.15.1
openSUSE	13.2	vhba-kmp-xen	20140629_k3.16.7_32-2.15.1
openSUSE	13.2	kernel-obs-build	3.16.7-32.2
openSUSE	13.2	ipset-kmp-desktop-debuginfo	6.23_k3.16.7_32-15.1
openSUSE	13.2	virtualbox-guest-tools-debuginfo	4.3.34-37.1
openSUSE	13.2	ipset-debuginfo	6.23-15.1
openSUSE	13.2	hdjmod-kmp-xen	1.28_k3.16.7_32-18.16.1
openSUSE	13.2	ipset-kmp-xen-debuginfo	6.23_k3.16.7_32-15.1
openSUSE	13.2	kernel-desktop-debuginfo	3.16.7-32.1
openSUSE	13.2	pcfclock-debugsource	0.44-260.15.1
openSUSE	13.2	cloop-kmp-desktop-debuginfo	2.639_k3.16.7_32-14.15.1
openSUSE	13.2	crash-debuginfo	7.0.8-15.1
openSUSE	13.2	crash-gcore	7.0.8-15.1
openSUSE	13.2	kernel-default-debugsource	3.16.7-32.1
openSUSE	13.2	virtualbox-guest-x11-debuginfo	4.3.34-37.1
openSUSE	13.2	hdjmod-debugsource	1.28-18.16.1
openSUSE	13.2	libipset3	6.23-15.1
openSUSE	13.2	virtualbox-websrv	4.3.34-37.1
openSUSE	13.2	xen-libs-debuginfo	4.4.3_08-38.1
openSUSE	13.2	kernel-desktop-base-debuginfo	3.16.7-32.1
openSUSE	13.2	kernel-ec2-base-debuginfo	3.16.7-32.1
openSUSE	13.2	virtualbox-debugsource	4.3.34-37.1
openSUSE	13.2	kernel-pae	3.16.7-32.1
openSUSE	13.2	kernel-debug-base	3.16.7-32.1
openSUSE	13.2	virtualbox-qt	4.3.34-37.1
openSUSE	13.2	kernel-ec2-base-debuginfo	3.16.7-32.1
openSUSE	13.2	crash-kmp-desktop	7.0.8_k3.16.7_32-15.1
openSUSE	13.2	hdjmod-kmp-desktop-debuginfo	1.28_k3.16.7_32-18.16.1
openSUSE	13.2	vhba-kmp-default	20140629_k3.16.7_32-2.15.1
openSUSE	13.2	bbswitch-debugsource	0.8-3.15.1
openSUSE	13.2	kernel-default	3.16.7-32.1
openSUSE	13.2	crash-gcore-debuginfo	7.0.8-15.1
openSUSE	13.2	virtualbox-host-kmp-default	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	python-virtualbox-debuginfo	4.3.34-37.1
openSUSE	13.2	xtables-addons-kmp-xen-debuginfo	2.6_k3.16.7_32-15.1
openSUSE	13.2	bbswitch-kmp-xen-debuginfo	0.8_k3.16.7_32-3.15.1
openSUSE	13.2	kernel-obs-qa	3.16.7-32.1
openSUSE	13.2	kernel-ec2	3.16.7-32.1
openSUSE	13.2	vhba-kmp-desktop-debuginfo	20140629_k3.16.7_32-2.15.1
openSUSE	13.2	xen-tools-domu-debuginfo	4.4.3_08-38.1
openSUSE	13.2	vhba-kmp-default-debuginfo	20140629_k3.16.7_32-2.15.1
openSUSE	13.2	kernel-default-devel	3.16.7-32.1
openSUSE	13.2	kernel-xen	3.16.7-32.1
openSUSE	13.2	kernel-vanilla	3.16.7-32.1
openSUSE	13.2	libipset3-debuginfo	6.23-15.1
openSUSE	13.2	vhba-kmp-xen-debuginfo	20140629_k3.16.7_32-2.15.1
openSUSE	13.2	cloop-kmp-default-debuginfo	2.639_k3.16.7_32-14.15.1
openSUSE	13.2	kernel-debug-debuginfo	3.16.7-32.1
openSUSE	13.2	crash-eppic	7.0.8-15.1
openSUSE	13.2	kernel-xen-debuginfo	3.16.7-32.1
openSUSE	13.2	crash-eppic	7.0.8-15.1
openSUSE	13.2	virtualbox-devel	4.3.34-37.1
openSUSE	13.2	pcfclock-kmp-default	0.44_k3.16.7_32-260.15.1
openSUSE	13.2	ipset-kmp-xen	6.23_k3.16.7_32-15.1
openSUSE	13.2	hdjmod-kmp-default-debuginfo	1.28_k3.16.7_32-18.16.1
openSUSE	13.2	kernel-desktop-base	3.16.7-32.1
openSUSE	13.2	kernel-desktop	3.16.7-32.1
openSUSE	13.2	ipset-kmp-desktop	6.23_k3.16.7_32-15.1
openSUSE	13.2	bbswitch-kmp-default-debuginfo	0.8_k3.16.7_32-3.15.1
openSUSE	13.2	xen-libs-debuginfo	4.4.3_08-38.1
openSUSE	13.2	kernel-obs-build-debugsource	3.16.7-32.2
openSUSE	13.2	kernel-source-vanilla	3.16.7-32.1
openSUSE	13.2	cloop	2.639-14.15.1
openSUSE	13.2	pcfclock-debugsource	0.44-260.15.1
openSUSE	13.2	pcfclock-kmp-pae-debuginfo	0.44_k3.16.7_32-260.15.1
openSUSE	13.2	xtables-addons-debuginfo	2.6-15.1
openSUSE	13.2	xtables-addons-kmp-pae-debuginfo	2.6_k3.16.7_32-15.1
openSUSE	13.2	virtualbox-guest-kmp-default-debuginfo	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	kernel-default-debuginfo	3.16.7-32.1
openSUSE	13.2	xtables-addons-kmp-desktop	2.6_k3.16.7_32-15.1
openSUSE	13.2	pcfclock-kmp-desktop-debuginfo	0.44_k3.16.7_32-260.15.1
openSUSE	13.2	bbswitch-kmp-xen-debuginfo	0.8_k3.16.7_32-3.15.1
openSUSE	13.2	xen	4.4.3_08-38.1
openSUSE	13.2	kernel-default-devel	3.16.7-32.1
openSUSE	13.2	cloop-kmp-desktop	2.639_k3.16.7_32-14.15.1
openSUSE	13.2	crash-devel	7.0.8-15.1
openSUSE	13.2	crash-kmp-xen	7.0.8_k3.16.7_32-15.1
openSUSE	13.2	cloop-debugsource	2.639-14.15.1
openSUSE	13.2	xen-libs-debuginfo-32bit	4.4.3_08-38.1
openSUSE	13.2	ipset-kmp-xen-debuginfo	6.23_k3.16.7_32-15.1
openSUSE	13.2	kernel-xen-base-debuginfo	3.16.7-32.1
openSUSE	13.2	cloop-kmp-default	2.639_k3.16.7_32-14.15.1
openSUSE	13.2	pcfclock-kmp-default-debuginfo	0.44_k3.16.7_32-260.15.1
openSUSE	13.2	kernel-ec2-devel	3.16.7-32.1
openSUSE	13.2	virtualbox	4.3.34-37.1
openSUSE	13.2	kernel-debug-base	3.16.7-32.1
openSUSE	13.2	python-virtualbox-debuginfo	4.3.34-37.1
openSUSE	13.2	pcfclock-kmp-default	0.44_k3.16.7_32-260.15.1
openSUSE	13.2	kernel-obs-qa	3.16.7-32.1
openSUSE	13.2	cloop-kmp-pae	2.639_k3.16.7_32-14.15.1
openSUSE	13.2	cloop-kmp-xen	2.639_k3.16.7_32-14.15.1
openSUSE	13.2	bbswitch-kmp-xen	0.8_k3.16.7_32-3.15.1
openSUSE	13.2	hdjmod-kmp-default-debuginfo	1.28_k3.16.7_32-18.16.1
openSUSE	13.2	vhba-kmp-desktop	20140629_k3.16.7_32-2.15.1
openSUSE	13.2	bbswitch-kmp-default	0.8_k3.16.7_32-3.15.1
openSUSE	13.2	ipset-kmp-xen	6.23_k3.16.7_32-15.1
openSUSE	13.2	virtualbox-guest-kmp-pae-debuginfo	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	hdjmod-kmp-desktop	1.28_k3.16.7_32-18.16.1
openSUSE	13.2	kernel-default-base	3.16.7-32.1
openSUSE	13.2	virtualbox-debuginfo	4.3.34-37.1
openSUSE	13.2	kernel-default-base	3.16.7-32.1
openSUSE	13.2	crash-kmp-xen	7.0.8_k3.16.7_32-15.1
openSUSE	13.2	hdjmod-kmp-default	1.28_k3.16.7_32-18.16.1
openSUSE	13.2	kernel-ec2	3.16.7-32.1
openSUSE	13.2	vhba-kmp-xen	20140629_k3.16.7_32-2.15.1
openSUSE	13.2	virtualbox-guest-kmp-default-debuginfo	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	cloop-kmp-desktop-debuginfo	2.639_k3.16.7_32-14.15.1
openSUSE	13.2	cloop-kmp-desktop	2.639_k3.16.7_32-14.15.1
openSUSE	13.2	kernel-vanilla-debugsource	3.16.7-32.1
openSUSE	13.2	kernel-xen-debuginfo	3.16.7-32.1
openSUSE	13.2	virtualbox-host-kmp-pae	4.3.34_k3.16.7_32-37.1
openSUSE	13.2	kernel-desktop-debugsource	3.16.7-32.1
openSUSE	13.2	bbswitch-kmp-pae	0.8_k3.16.7_32-3.15.1
openSUSE	13.2	crash-gcore-debuginfo	7.0.8-15.1
openSUSE	13.2	pcfclock	0.44-260.15.1
openSUSE	13.2	xtables-addons-kmp-desktop	2.6_k3.16.7_32-15.1
openSUSE	13.2	xen-tools-domu	4.4.3_08-38.1
openSUSE	13.2	kernel-debug-base-debuginfo	3.16.7-32.1
openSUSE	13.2	kernel-ec2-base	3.16.7-32.1
openSUSE	13.2	xen-doc-html	4.4.3_08-38.1
openSUSE	13.2	xen-libs	4.4.3_08-38.1
openSUSE	13.2	pcfclock-kmp-desktop-debuginfo	0.44_k3.16.7_32-260.15.1
openSUSE	13.2	kernel-syms	3.16.7-32.1
openSUSE	13.2	kernel-ec2-debugsource	3.16.7-32.1
openSUSE	13.2	crash-kmp-desktop	7.0.8_k3.16.7_32-15.1
openSUSE	13.2	kernel-vanilla-devel	3.16.7-32.1
openSUSE	13.2	virtualbox	4.3.34-37.1
openSUSE	13.2	hdjmod-debugsource	1.28-18.16.1
openSUSE	13.2	kernel-xen-base-debuginfo	3.16.7-32.1

{"id": "OPENSUSE-SU-2016:0318-1", "vendorId": null, "type": "suse", "bulletinFamily": "unix", "title": "Security update for the Linux Kernel (important)", "description": "The openSUSE 13.2 kernel was updated to receive various security and\n bugfixes.\n\n Following security bugs were fixed:\n - CVE-2016-0728: A reference leak in keyring handling with\n join_session_keyring() could lead to local attackers gain root\n privileges. (bsc#962075).\n - CVE-2015-7550: A local user could have triggered a race between read and\n revoke in keyctl (bnc#958951).\n - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in\n drivers/net/ppp/pptp.c in the Linux kernel did not verify an address\n length, which allowed local users to obtain sensitive information from\n kernel memory and bypass the KASLR protection mechanism via a crafted\n application (bnc#959190).\n - CVE-2015-8543: The networking implementation in the Linux kernel did not\n validate protocol identifiers for certain protocol families, which\n allowed local users to cause a denial of service (NULL function pointer\n dereference and system crash) or possibly gain privileges by leveraging\n CLONE_NEWUSER support to execute a crafted SOCK_RAW application\n (bnc#958886).\n - CVE-2014-8989: The Linux kernel did not properly restrict dropping\n of supplemental group memberships in certain namespace scenarios, which\n allowed local users to bypass intended file permissions by leveraging a\n POSIX ACL containing an entry for the group category that is more\n restrictive than the entry for the other category, aka a "negative\n groups" issue, related to kernel/groups.c, kernel/uid16.c, and\n kernel/user_namespace.c (bnc#906545).\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the\n x86_64 platform mishandles IRET faults in processing NMIs that\n occurred during userspace execution, which might allow local users to\n gain privileges by triggering an NMI (bnc#937969).\n - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the\n Linux kernel through 4.2.3 did not ensure that certain slot numbers are\n valid, which allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl\n call (bnc#949936).\n - CVE-2015-8104: The KVM subsystem in the Linux kernel through 4.2.6, and\n Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial\n of service (host OS panic or hang) by triggering many #DB (aka Debug)\n exceptions, related to svm.c (bnc#954404).\n - CVE-2015-5307: The KVM subsystem in the Linux kernel through 4.2.6, and\n Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial\n of service (host OS panic or hang) by triggering many #AC (aka Alignment\n Check) exceptions, related to svm.c and vmx.c (bnc#953527).\n - CVE-2014-9529: Race condition in the key_gc_unused_keys function in\n security/keys/gc.c in the Linux kernel allowed local users to cause a\n denial of service (memory corruption or panic) or possibly have\n unspecified other impact via keyctl commands that trigger access to a\n key structure member during garbage collection of a key (bnc#912202).\n - CVE-2015-7990: Race condition in the rds_sendmsg function in\n net/rds/sendmsg.c in the Linux kernel allowed local users to cause a\n denial of service (NULL pointer dereference and system crash) or\n possibly have unspecified other impact by using a socket that was not\n properly bound. NOTE: this vulnerability exists because of an\n incomplete fix for CVE-2015-6937 (bnc#952384 953052).\n - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in\n the Linux kernel allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) or possibly have unspecified\n other impact by using a socket that was not properly bound (bnc#945825).\n - CVE-2015-7885: The dgnc_mgmt_ioctl function in\n drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 did\n not initialize a certain structure member, which allowed local users to\n obtain sensitive information from kernel memory via a crafted\n application (bnc#951627).\n - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel\n did not validate attempted changes to the MTU value, which allowed\n context-dependent attackers to cause a denial of service (packet loss)\n via a value that is (1) smaller than the minimum compliant value or (2)\n larger than the MTU of an interface, as demonstrated by a Router\n Advertisement (RA) message that is not validated by a daemon, a\n different vulnerability than CVE-2015-0272. NOTE: the scope of\n CVE-2015-0272 is limited to the NetworkManager product (bnc#955354).\n - CVE-2015-8767: A case can occur when sctp_accept() is called by the user\n during a heartbeat timeout event after the 4-way handshake. Since\n sctp_assoc_migrate() changes both assoc->base.sk and assoc->ep, the\n bh_sock_lock in sctp_generate_heartbeat_event() will be taken with the\n listening socket but released with the new association socket. The\n result is a deadlock on any future attempts to take the listening socket\n lock. (bsc#961509)\n - CVE-2015-8575: Validate socket address length in sco_sock_bind() to\n prevent information leak (bsc#959399).\n - CVE-2015-8551, CVE-2015-8552: xen/pciback: For\n XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled\n (bsc#957990).\n - CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers\n could have lead to double fetch vulnerabilities, causing denial of\n service or arbitrary code execution (depending on the configuration)\n (bsc#957988).\n\n The following non-security bugs were fixed:\n - ALSA: hda - Disable 64bit address for Creative HDA controllers\n (bnc#814440).\n - ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504).\n - Input: aiptek - fix crash on detecting device without endpoints\n (bnc#956708).\n - KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y (boo#956934).\n - KVM: x86: update masterclock values on TSC writes (bsc#961739).\n - NFS: Fix a NULL pointer dereference of migration recovery ops for v4.2\n client (bsc#960839).\n - apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another\n task (bsc#921949).\n - blktap: also call blkif_disconnect() when frontend switched to closed\n (bsc#952976).\n - blktap: refine mm tracking (bsc#952976).\n - cdrom: Random writing support for BD-RE media (bnc#959568).\n - genksyms: Handle string literals with spaces in reference files\n (bsc#958510).\n - ipv4: Do not increase PMTU with Datagram Too Big message (bsc#955224).\n - ipv6: distinguish frag queues by device for multicast and link-local\n packets (bsc#955422).\n - ipv6: fix tunnel error handling (bsc#952579).\n - route: Use ipv4_mtu instead of raw rt_pmtu (bsc#955224).\n - uas: Add response iu handling (bnc#954138).\n - usbvision fix overflow of interfaces array (bnc#950998).\n - x86/evtchn: make use of PHYSDEVOP_map_pirq.\n - xen/pciback: Do not allow MSI-X ops if PCI_COMMAND_MEMORY is not set\n (bsc#957990 XSA-157).\n\n", "published": "2016-02-03T15:11:57", "modified": "2016-02-03T15:11:57", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "cvss2": {}, "cvss3": {}, "href": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00005.html", "reporter": "Suse", "references": ["https://bugzilla.suse.com/954404", "https://bugzilla.suse.com/956934", "https://bugzilla.suse.com/958504", "https://bugzilla.suse.com/958951", "https://bugzilla.suse.com/951627", "https://bugzilla.suse.com/912202", "https://bugzilla.suse.com/955354", "https://bugzilla.suse.com/937969", "https://bugzilla.suse.com/952384", "https://bugzilla.suse.com/949936", "https://bugzilla.suse.com/953527", "https://bugzilla.suse.com/950998", "https://bugzilla.suse.com/960839", "https://bugzilla.suse.com/959190", "https://bugzilla.suse.com/956708", "https://bugzilla.suse.com/944296", "https://bugzilla.suse.com/952976", "https://bugzilla.suse.com/955422", "https://bugzilla.suse.com/957988", "https://bugzilla.suse.com/959568", "https://bugzilla.suse.com/814440", "https://bugzilla.suse.com/951638", "https://bugzilla.suse.com/959399", "https://bugzilla.suse.com/957990", "https://bugzilla.suse.com/906545", "https://bugzilla.suse.com/958510", "https://bugzilla.suse.com/954138", "https://bugzilla.suse.com/937970", "https://bugzilla.suse.com/961509", "https://bugzilla.suse.com/958886", "https://bugzilla.suse.com/952579", "https://bugzilla.suse.com/945825", "https://bugzilla.suse.com/961739", "https://bugzilla.suse.com/962075", "https://bugzilla.suse.com/955224", "https://bugzilla.suse.com/938706", "https://bugzilla.suse.com/921949"], "cvelist": ["CVE-2015-8551", "CVE-2014-9529", "CVE-2015-8215", "CVE-2015-7550", "CVE-2014-8989", "CVE-2015-5307", "CVE-2015-8550", "CVE-2015-8543", "CVE-2016-0728", "CVE-2015-7990", "CVE-2015-8767", "CVE-2015-7799", "CVE-2015-8575", "CVE-2015-8552", "CVE-2015-8569", "CVE-2015-0272", "CVE-2015-5157", "CVE-2015-7885", "CVE-2015-6937", "CVE-2015-8104"], "immutableFields": [], "lastseen": "2021-06-08T18:41:36", "viewCount": 23, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2015-476", "ALAS-2016-642", "ALAS-2016-648"]}, {"type": "android", "idList": ["ANDROID:CVE-2014-9529", "ANDROID:CVE-2016-0728"]}, {"type": "androidsecurity", "idList": ["ANDROID:2016-03-01", "ANDROID:2016-09-01"]}, {"type": "archlinux", "idList": ["ASA-201601-20", "ASA-201601-26"]}, {"type": "avleonov", "idList": ["AVLEONOV:A9AB661A53F0E9B8923DE780E6F05F48"]}, {"type": "centos", "idList": ["CESA-2015:0864", "CESA-2015:1137", "CESA-2015:2152", "CESA-2015:2315", "CESA-2015:2552", "CESA-2015:2636", "CESA-2016:0064", "CESA-2016:0185", "CESA-2016:0715", "CESA-2016:0855", "CESA-2016:1277", "CESA-2016:2574"]}, {"type": "checkpoint_security", "idList": ["CPS:SK109752"]}, {"type": "chrome", "idList": ["GCSA-4592147546557278119"]}, {"type": "cisa", "idList": ["CISA:FCB4B9C4CB605F6B805399E8D3B54A48"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:15914764000DDC203CA1C6352FDFCDC2", "CFOUNDRY:1E92DA1FCC786D8CF92EF17F4A659881", "CFOUNDRY:C46794B7C75A19DD0154048481CA0E90", "CFOUNDRY:DBE2857E4A4B43C72E03FDC8B6460BBB"]}, {"type": "cve", "idList": ["CVE-2014-8989", "CVE-2014-9529", "CVE-2015-0272", "CVE-2015-5157", "CVE-2015-5307", "CVE-2015-6937", "CVE-2015-7550", "CVE-2015-7799", "CVE-2015-7885", "CVE-2015-7990", "CVE-2015-8104", "CVE-2015-8215", "CVE-2015-8543", "CVE-2015-8550", "CVE-2015-8551", "CVE-2015-8552", "CVE-2015-8569", "CVE-2015-8575", "CVE-2015-8767", "CVE-2016-0728", "CVE-2016-7028"]}, {"type": "debian", "idList": ["DEBIAN:DLA-310-1:EAC5D", "DEBIAN:DLA-360-1:6C323", "DEBIAN:DLA-378-1:26763", "DEBIAN:DLA-412-1:99076", "DEBIAN:DLA-479-1:373A9", "DEBIAN:DSA-3128-1:80F9C", "DEBIAN:DSA-3128-1:87238", "DEBIAN:DSA-3313-1:00F99", "DEBIAN:DSA-3313-1:C4641", "DEBIAN:DSA-3364-1:5D544", "DEBIAN:DSA-3364-1:B19FA", "DEBIAN:DSA-3396-1:605FF", "DEBIAN:DSA-3396-1:D48F1", "DEBIAN:DSA-3414-1:421D5", "DEBIAN:DSA-3426-1:7C23A", "DEBIAN:DSA-3426-1:AC984", "DEBIAN:DSA-3426-2:305C5", "DEBIAN:DSA-3426-2:B6338", "DEBIAN:DSA-3434-1:98A31", "DEBIAN:DSA-3434-1:C4F9A", "DEBIAN:DSA-3448-1:04492", "DEBIAN:DSA-3448-1:C7742", "DEBIAN:DSA-3454-1:3BA83", "DEBIAN:DSA-3471-1:91F2D", "DEBIAN:DSA-3471-1:DE1BB", "DEBIAN:DSA-3503-1:23448", "DEBIAN:DSA-3503-1:9DDFA", "DEBIAN:DSA-3519-1:C85E2"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-8989", "DEBIANCVE:CVE-2014-9529", "DEBIANCVE:CVE-2015-0272", "DEBIANCVE:CVE-2015-5157", "DEBIANCVE:CVE-2015-5307", "DEBIANCVE:CVE-2015-6937", "DEBIANCVE:CVE-2015-7550", "DEBIANCVE:CVE-2015-7799", "DEBIANCVE:CVE-2015-7885", "DEBIANCVE:CVE-2015-7990", "DEBIANCVE:CVE-2015-8104", "DEBIANCVE:CVE-2015-8215", "DEBIANCVE:CVE-2015-8543", "DEBIANCVE:CVE-2015-8550", "DEBIANCVE:CVE-2015-8551", "DEBIANCVE:CVE-2015-8552", "DEBIANCVE:CVE-2015-8569", "DEBIANCVE:CVE-2015-8575", "DEBIANCVE:CVE-2015-8767", "DEBIANCVE:CVE-2016-0728"]}, {"type": "exploitdb", "idList": ["EDB-ID:39277", "EDB-ID:40003"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:3459535A8A480A3A2F164DB01F4CF994", "EXPLOITPACK:4CC02E891FC223E9BA1344151AC6958F"]}, {"type": "f5", "idList": ["F5:K01948202", "F5:K07560020", "F5:K17239", "F5:K17326", "F5:K31026324", "F5:K98102572", "SOL01948202", "SOL07560020", "SOL17239", "SOL17326", "SOL31026324", "SOL98102572"]}, {"type": "fedora", "idList": ["FEDORA:0777460874C8", "FEDORA:0A3A560481D7", "FEDORA:0D267606CFB3", "FEDORA:1661D600FD84", "FEDORA:33D8860877E1", "FEDORA:3ED73605E19A", "FEDORA:4375D611D164", "FEDORA:4A2C76087582", "FEDORA:4C0D46087804", "FEDORA:4F15F6087C54", "FEDORA:51EB2601616F", "FEDORA:52C43604E44B", "FEDORA:581F9608B7DF", "FEDORA:60B8C60918D5", "FEDORA:7734E613B647", "FEDORA:8A5146071240", "FEDORA:8EFBC604949F", "FEDORA:92F5160877B4", "FEDORA:9D2976087C32", "FEDORA:A4C8660C350E", "FEDORA:A5C89601FC0F", "FEDORA:AA4AD60600CD", "FEDORA:B694160877EC", "FEDORA:B9C4760130DC", "FEDORA:BAFAB6087824", "FEDORA:BD41660BC2B1", "FEDORA:C26F460906BA", "FEDORA:C7C84604E909", "FEDORA:CE3236087E07", "FEDORA:CFDB8604972F", "FEDORA:D0CC960762B3", "FEDORA:DDD4D6087E4D", "FEDORA:E1CE2605E17A", "FEDORA:E328560486E4", "FEDORA:E8A1B605F1FB"]}, {"type": "freebsd", "idList": ["2CABFBAB-8BFB-11E5-BD18-002590263BF5"]}, {"type": "gentoo", "idList": ["GLSA-201604-03"]}, {"type": "hp", "idList": ["HP:C05018265"]}, {"type": "ibm", "idList": ["2ABC4CD376C07922A3144CF8116D979F4BDDE16EED9AADA11262FBF58C851DBF", "50D485C935533CE40EA67F7999EFEC0CD0087E4C2E7926EFF7DCB22671BD3052", "658C6A388449448220E16F3A05A122A56F35F4A9A9370C4B63DC0779B971B6CE", "A0B51C5217767E75AB974BA93584FB1F969514BA8D7EE9EDD025C20F274C1D2F", "B7EDA2450D13E204B60C3A3E7379E6FCCD587CB32FEB5041ADDA6CB8E3C44FC3", "F092FBBD34304315E258962CA397F72D24D88CD673A181734FDCE39754098484", "FEB454192324EB1799F0F9780D23A42A252A28B14E83FD0128335A1EFF374490"]}, {"type": "kaspersky", "idList": ["KLA10744"]}, {"type": "kitploit", "idList": ["KITPLOIT:4462385753504235463"]}, {"type": "lenovo", "idList": ["LENOVO:PS500321-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2015-0070", "MGASA-2015-0075", "MGASA-2015-0076", "MGASA-2015-0077", "MGASA-2015-0078", "MGASA-2015-0450", "MGASA-2016-0005", "MGASA-2016-0014", "MGASA-2016-0015", "MGASA-2016-0031", "MGASA-2016-0032", "MGASA-2016-0033", "MGASA-2016-0098", "MGASA-2016-0225", "MGASA-2016-0232", "MGASA-2016-0233", "MGASA-2016-0281"]}, {"type": "nessus", "idList": ["ALA_ALAS-2015-476.NASL", "ALA_ALAS-2016-642.NASL", "ALA_ALAS-2016-648.NASL", "CENTOS_RHSA-2015-0864.NASL", "CENTOS_RHSA-2015-1137.NASL", "CENTOS_RHSA-2015-2152.NASL", "CENTOS_RHSA-2015-2315.NASL", "CENTOS_RHSA-2015-2552.NASL", "CENTOS_RHSA-2015-2636.NASL", "CENTOS_RHSA-2016-0064.NASL", "CENTOS_RHSA-2016-0185.NASL", "CENTOS_RHSA-2016-0715.NASL", "CENTOS_RHSA-2016-0855.NASL", "CENTOS_RHSA-2016-1277.NASL", "CENTOS_RHSA-2016-2574.NASL", "CITRIX_XENSERVER_CTX202583.NASL", "DEBIAN_DLA-310.NASL", "DEBIAN_DLA-360.NASL", "DEBIAN_DLA-378.NASL", "DEBIAN_DLA-412.NASL", "DEBIAN_DLA-479.NASL", "DEBIAN_DSA-3128.NASL", "DEBIAN_DSA-3313.NASL", "DEBIAN_DSA-3364.NASL", "DEBIAN_DSA-3396.NASL", "DEBIAN_DSA-3414.NASL", "DEBIAN_DSA-3426-1.NASL", "DEBIAN_DSA-3426.NASL", "DEBIAN_DSA-3434.NASL", "DEBIAN_DSA-3448.NASL", "DEBIAN_DSA-3454.NASL", "DEBIAN_DSA-3471.NASL", "DEBIAN_DSA-3503.NASL", "DEBIAN_DSA-3519.NASL", "EULEROS_SA-2016-1020.NASL", "EULEROS_SA-2016-1024.NASL", "EULEROS_SA-2019-1472.NASL", "EULEROS_SA-2019-1474.NASL", "EULEROS_SA-2019-1483.NASL", "EULEROS_SA-2019-1484.NASL", "EULEROS_SA-2019-1488.NASL", "EULEROS_SA-2019-1489.NASL", "EULEROS_SA-2019-1491.NASL", "EULEROS_SA-2019-1505.NASL", "EULEROS_SA-2019-1508.NASL", "EULEROS_SA-2019-1517.NASL", "EULEROS_SA-2019-1518.NASL", "EULEROS_SA-2019-1519.NASL", "EULEROS_SA-2019-1520.NASL", "EULEROS_SA-2019-1521.NASL", "EULEROS_SA-2019-1525.NASL", "EULEROS_SA-2019-1527.NASL", "EULEROS_SA-2019-1532.NASL", "EULEROS_SA-2019-1533.NASL", "EULEROS_SA-2019-1536.NASL", "EULEROS_SA-2019-1537.NASL", "F5_BIGIP_SOL17326.NASL", "F5_BIGIP_SOL31026324.NASL", "F5_BIGIP_SOL98102572.NASL", "FEDORA_2015-0515.NASL", "FEDORA_2015-0517.NASL", "FEDORA_2015-115C302856.NASL", "FEDORA_2015-16417.NASL", "FEDORA_2015-16440.NASL", "FEDORA_2015-16441.NASL", "FEDORA_2015-394835A3F6.NASL", "FEDORA_2015-668D213DC3.NASL", "FEDORA_2015-C1C2F5E168.NASL", "FEDORA_2015-C44BD3E0FA.NASL", "FEDORA_2015-C59710B05D.NASL", "FEDORA_2015-CD94AD8D7C.NASL", "FEDORA_2015-D8253E2B1D.NASL", "FEDORA_2015-F150B2A8C8.NASL", "FEDORA_2015-F2C534BC12.NASL", "FEDORA_2016-5D43766E33.NASL", "FEDORA_2016-6CE812A1E0.NASL", "FEDORA_2016-B59FD603BE.NASL", "FREEBSD_PKG_2CABFBAB8BFB11E5BD18002590263BF5.NASL", "GENTOO_GLSA-201604-03.NASL", "MANDRIVA_MDVSA-2015-027.NASL", "MANDRIVA_MDVSA-2015-058.NASL", "NEWSTART_CGSL_NS-SA-2019-0004_KERNEL.NASL", "OPENSUSE-2015-301.NASL", "OPENSUSE-2015-302.NASL", "OPENSUSE-2015-686.NASL", "OPENSUSE-2015-879.NASL", "OPENSUSE-2015-892.NASL", "OPENSUSE-2015-893.NASL", "OPENSUSE-2016-1029.NASL", "OPENSUSE-2016-116.NASL", "OPENSUSE-2016-124.NASL", "OPENSUSE-2016-136.NASL", "OPENSUSE-2016-34.NASL", "OPENSUSE-2016-35.NASL", "OPENSUSE-2016-36.NASL", "OPENSUSE-2016-445.NASL", "OPENSUSE-2016-518.NASL", "ORACLELINUX_ELSA-2015-0864.NASL", "ORACLELINUX_ELSA-2015-1137.NASL", "ORACLELINUX_ELSA-2015-1272.NASL", "ORACLELINUX_ELSA-2015-2152.NASL", "ORACLELINUX_ELSA-2015-2315.NASL", "ORACLELINUX_ELSA-2015-2552.NASL", "ORACLELINUX_ELSA-2015-2636.NASL", "ORACLELINUX_ELSA-2015-3032.NASL", "ORACLELINUX_ELSA-2015-3035.NASL", "ORACLELINUX_ELSA-2015-3064.NASL", "ORACLELINUX_ELSA-2015-3098.NASL", "ORACLELINUX_ELSA-2015-3107.NASL", "ORACLELINUX_ELSA-2016-0064.NASL", "ORACLELINUX_ELSA-2016-0185.NASL", "ORACLELINUX_ELSA-2016-0715.NASL", "ORACLELINUX_ELSA-2016-0855.NASL", "ORACLELINUX_ELSA-2016-1277.NASL", "ORACLELINUX_ELSA-2016-2574.NASL", "ORACLELINUX_ELSA-2016-3502.NASL", "ORACLELINUX_ELSA-2016-3503.NASL", "ORACLELINUX_ELSA-2016-3509.NASL", "ORACLELINUX_ELSA-2016-3510.NASL", "ORACLELINUX_ELSA-2016-3519.NASL", "ORACLELINUX_ELSA-2016-3551.NASL", "ORACLELINUX_ELSA-2016-3552.NASL", "ORACLELINUX_ELSA-2016-3553.NASL", "ORACLELINUX_ELSA-2016-3554.NASL", "ORACLELINUX_ELSA-2016-3559.NASL", "ORACLELINUX_ELSA-2016-3565.NASL", "ORACLELINUX_ELSA-2016-3566.NASL", "ORACLELINUX_ELSA-2016-3567.NASL", "ORACLELINUX_ELSA-2016-3596.NASL", "ORACLELINUX_ELSA-2017-3534.NASL", "ORACLELINUX_ELSA-2017-3567.NASL", "ORACLELINUX_ELSA-2018-4020.NASL", "ORACLELINUX_ELSA-2018-4022.NASL", "ORACLELINUX_ELSA-2018-4109.NASL", "ORACLELINUX_ELSA-2018-4110.NASL", "ORACLELINUX_ELSA-2018-4164.NASL", "ORACLELINUX_ELSA-2018-4172.NASL", "ORACLEVM_OVMSA-2015-0056.NASL", "ORACLEVM_OVMSA-2015-0060.NASL", "ORACLEVM_OVMSA-2015-0109.NASL", "ORACLEVM_OVMSA-2015-0147.NASL", "ORACLEVM_OVMSA-2015-0154.NASL", "ORACLEVM_OVMSA-2016-0005.NASL", "ORACLEVM_OVMSA-2016-0007.NASL", "ORACLEVM_OVMSA-2016-0014.NASL", "ORACLEVM_OVMSA-2016-0037.NASL", "ORACLEVM_OVMSA-2016-0046.NASL", "ORACLEVM_OVMSA-2016-0047.NASL", "ORACLEVM_OVMSA-2016-0052.NASL", "ORACLEVM_OVMSA-2016-0053.NASL", "ORACLEVM_OVMSA-2016-0060.NASL", "ORACLEVM_OVMSA-2016-0081.NASL", "ORACLEVM_OVMSA-2016-0089.NASL", "ORACLEVM_OVMSA-2016-0100.NASL", "ORACLEVM_OVMSA-2016-0165.NASL", "ORACLEVM_OVMSA-2016-0166.NASL", "ORACLEVM_OVMSA-2017-0057.NASL", "ORACLEVM_OVMSA-2017-0106.NASL", "ORACLEVM_OVMSA-2018-0016.NASL", "ORACLEVM_OVMSA-2018-0237.NASL", "ORACLEVM_OVMSA-2018-0248.NASL", "ORACLEVM_OVMSA-2020-0039.NASL", "REDHAT-RHSA-2015-0864.NASL", "REDHAT-RHSA-2015-1137.NASL", "REDHAT-RHSA-2015-1138.NASL", "REDHAT-RHSA-2015-1139.NASL", "REDHAT-RHSA-2015-2152.NASL", "REDHAT-RHSA-2015-2315.NASL", "REDHAT-RHSA-2015-2552.NASL", "REDHAT-RHSA-2015-2587.NASL", "REDHAT-RHSA-2015-2636.NASL", "REDHAT-RHSA-2015-2645.NASL", "REDHAT-RHSA-2016-0004.NASL", "REDHAT-RHSA-2016-0024.NASL", "REDHAT-RHSA-2016-0046.NASL", "REDHAT-RHSA-2016-0064.NASL", "REDHAT-RHSA-2016-0065.NASL", "REDHAT-RHSA-2016-0068.NASL", "REDHAT-RHSA-2016-0103.NASL", "REDHAT-RHSA-2016-0185.NASL", "REDHAT-RHSA-2016-0212.NASL", "REDHAT-RHSA-2016-0224.NASL", "REDHAT-RHSA-2016-0715.NASL", "REDHAT-RHSA-2016-0855.NASL", "REDHAT-RHSA-2016-1277.NASL", "REDHAT-RHSA-2016-1301.NASL", "REDHAT-RHSA-2016-1341.NASL", "REDHAT-RHSA-2016-2574.NASL", "REDHAT-RHSA-2016-2584.NASL", "SL_20150421_KERNEL_ON_SL6_X.NASL", "SL_20150623_KERNEL_ON_SL7_X.NASL", "SL_20151119_NETWORKMANAGER_ON_SL7_X.NASL", "SL_20151208_KERNEL_ON_SL7_X.NASL", "SL_20151215_KERNEL_ON_SL6_X.NASL", "SL_20160125_KERNEL_ON_SL7_X.NASL", "SL_20160216_KERNEL_ON_SL7_X.NASL", "SL_20160504_KERNEL_ON_SL6_X.NASL", "SL_20160510_KERNEL_ON_SL6_X.NASL", "SL_20160623_KERNEL_ON_SL7_X.NASL", "SL_20161103_KERNEL_ON_SL7_X.NASL", "SMB_KB3108638.NASL", "SOLARIS_JUL2016_SRU11_3_8_7_0.NASL", "SOLARIS_OCT2018_SRU11_4_1_4_0.NASL", "SUSE_SU-2015-1174-1.NASL", "SUSE_SU-2015-1727-1.NASL", "SUSE_SU-2015-2108-1.NASL", "SUSE_SU-2015-2194-1.NASL", "SUSE_SU-2015-2292-1.NASL", "SUSE_SU-2015-2306-1.NASL", "SUSE_SU-2015-2324-1.NASL", "SUSE_SU-2015-2326-1.NASL", "SUSE_SU-2015-2328-1.NASL", "SUSE_SU-2015-2338-1.NASL", "SUSE_SU-2015-2339-1.NASL", "SUSE_SU-2016-0168-1.NASL", "SUSE_SU-2016-0186-1.NASL", "SUSE_SU-2016-0205-1.NASL", "SUSE_SU-2016-0585-1.NASL", "SUSE_SU-2016-0658-1.NASL", "SUSE_SU-2016-0785-1.NASL", "SUSE_SU-2016-0873-1.NASL", "SUSE_SU-2016-0911-1.NASL", "SUSE_SU-2016-0955-1.NASL", "SUSE_SU-2016-1154-1.NASL", "SUSE_SU-2016-1203-1.NASL", "SUSE_SU-2016-1318-1.NASL", "SUSE_SU-2016-1745-1.NASL", "SUSE_SU-2016-2074-1.NASL", "SUSE_SU-2016-2105-1.NASL", "UBUNTU_USN-2511-1.NASL", "UBUNTU_USN-2512-1.NASL", "UBUNTU_USN-2513-1.NASL", "UBUNTU_USN-2515-1.NASL", "UBUNTU_USN-2515-2.NASL", "UBUNTU_USN-2516-1.NASL", "UBUNTU_USN-2516-2.NASL", "UBUNTU_USN-2516-3.NASL", "UBUNTU_USN-2517-1.NASL", "UBUNTU_USN-2518-1.NASL", "UBUNTU_USN-2687-1.NASL", "UBUNTU_USN-2688-1.NASL", "UBUNTU_USN-2689-1.NASL", "UBUNTU_USN-2690-1.NASL", "UBUNTU_USN-2691-1.NASL", "UBUNTU_USN-2700-1.NASL", "UBUNTU_USN-2701-1.NASL", "UBUNTU_USN-2773-1.NASL", "UBUNTU_USN-2775-1.NASL", "UBUNTU_USN-2776-1.NASL", "UBUNTU_USN-2777-1.NASL", "UBUNTU_USN-2778-1.NASL", "UBUNTU_USN-2779-1.NASL", "UBUNTU_USN-2792-1.NASL", "UBUNTU_USN-2797-1.NASL", "UBUNTU_USN-2800-1.NASL", "UBUNTU_USN-2801-1.NASL", "UBUNTU_USN-2802-1.NASL", "UBUNTU_USN-2803-1.NASL", "UBUNTU_USN-2804-1.NASL", "UBUNTU_USN-2805-1.NASL", "UBUNTU_USN-2806-1.NASL", "UBUNTU_USN-2807-1.NASL", "UBUNTU_USN-2840-1.NASL", "UBUNTU_USN-2841-1.NASL", "UBUNTU_USN-2841-2.NASL", "UBUNTU_USN-2842-1.NASL", "UBUNTU_USN-2842-2.NASL", "UBUNTU_USN-2843-1.NASL", "UBUNTU_USN-2843-2.NASL", "UBUNTU_USN-2843-3.NASL", "UBUNTU_USN-2844-1.NASL", "UBUNTU_USN-2846-1.NASL", "UBUNTU_USN-2847-1.NASL", "UBUNTU_USN-2848-1.NASL", "UBUNTU_USN-2849-1.NASL", "UBUNTU_USN-2850-1.NASL", "UBUNTU_USN-2851-1.NASL", "UBUNTU_USN-2853-1.NASL", "UBUNTU_USN-2854-1.NASL", "UBUNTU_USN-2870-1.NASL", "UBUNTU_USN-2870-2.NASL", "UBUNTU_USN-2871-1.NASL", "UBUNTU_USN-2871-2.NASL", "UBUNTU_USN-2872-1.NASL", "UBUNTU_USN-2872-2.NASL", "UBUNTU_USN-2872-3.NASL", "UBUNTU_USN-2873-1.NASL", "UBUNTU_USN-2886-1.NASL", "UBUNTU_USN-2887-1.NASL", "UBUNTU_USN-2887-2.NASL", "UBUNTU_USN-2888-1.NASL", "UBUNTU_USN-2889-1.NASL", "UBUNTU_USN-2889-2.NASL", "UBUNTU_USN-2890-1.NASL", "UBUNTU_USN-2890-2.NASL", "UBUNTU_USN-2890-3.NASL", "UBUNTU_USN-2891-1.NASL", "UBUNTU_USN-2907-1.NASL", "UBUNTU_USN-2907-2.NASL", "UBUNTU_USN-2910-1.NASL", "UBUNTU_USN-2910-2.NASL", "UBUNTU_USN-2911-1.NASL", "UBUNTU_USN-2930-1.NASL", "UBUNTU_USN-2930-2.NASL", "UBUNTU_USN-2930-3.NASL", "UBUNTU_USN-2931-1.NASL", "UBUNTU_USN-2932-1.NASL", "UBUNTU_USN-2967-1.NASL", "UBUNTU_USN-3083-1.NASL", "UBUNTU_USN-3083-2.NASL", "VIRTUALBOX_5_0_10.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105465", "OPENVAS:1361412562310105517", "OPENVAS:1361412562310105528", "OPENVAS:1361412562310106510", "OPENVAS:1361412562310120291", "OPENVAS:1361412562310120632", "OPENVAS:1361412562310120638", "OPENVAS:1361412562310121460", "OPENVAS:1361412562310122732", "OPENVAS:1361412562310122782", "OPENVAS:1361412562310122797", "OPENVAS:1361412562310122801", "OPENVAS:1361412562310122806", "OPENVAS:1361412562310122821", "OPENVAS:1361412562310122822", "OPENVAS:1361412562310122851", "OPENVAS:1361412562310122854", "OPENVAS:1361412562310122858", "OPENVAS:1361412562310122884", "OPENVAS:1361412562310122886", "OPENVAS:1361412562310122925", "OPENVAS:1361412562310122926", "OPENVAS:1361412562310122927", "OPENVAS:1361412562310122928", "OPENVAS:1361412562310122929", "OPENVAS:1361412562310123045", "OPENVAS:1361412562310123095", "OPENVAS:1361412562310123124", "OPENVAS:1361412562310123129", "OPENVAS:1361412562310131137", "OPENVAS:1361412562310131174", "OPENVAS:1361412562310131175", "OPENVAS:1361412562310131182", "OPENVAS:1361412562310131197", "OPENVAS:1361412562310131198", "OPENVAS:1361412562310131199", "OPENVAS:1361412562310131256", "OPENVAS:1361412562310703128", "OPENVAS:1361412562310703313", "OPENVAS:1361412562310703364", "OPENVAS:1361412562310703396", "OPENVAS:1361412562310703414", "OPENVAS:1361412562310703426", "OPENVAS:1361412562310703434", "OPENVAS:1361412562310703448", "OPENVAS:1361412562310703454", "OPENVAS:1361412562310703471", "OPENVAS:1361412562310703503", "OPENVAS:1361412562310703519", "OPENVAS:1361412562310806718", "OPENVAS:1361412562310807102", "OPENVAS:1361412562310807219", "OPENVAS:1361412562310807312", "OPENVAS:1361412562310842105", "OPENVAS:1361412562310842106", "OPENVAS:1361412562310842107", "OPENVAS:1361412562310842108", "OPENVAS:1361412562310842109", "OPENVAS:1361412562310842110", "OPENVAS:1361412562310842111", "OPENVAS:1361412562310842112", "OPENVAS:1361412562310842113", "OPENVAS:1361412562310842115", "OPENVAS:1361412562310842116", "OPENVAS:1361412562310842388", "OPENVAS:1361412562310842389", "OPENVAS:1361412562310842390", "OPENVAS:1361412562310842392", "OPENVAS:1361412562310842396", "OPENVAS:1361412562310842399", "OPENVAS:1361412562310842450", "OPENVAS:1361412562310842492", "OPENVAS:1361412562310842493", "OPENVAS:1361412562310842494", "OPENVAS:1361412562310842496", "OPENVAS:1361412562310842498", "OPENVAS:1361412562310842499", "OPENVAS:1361412562310842500", "OPENVAS:1361412562310842517", "OPENVAS:1361412562310842520", "OPENVAS:1361412562310842521", "OPENVAS:1361412562310842522", "OPENVAS:1361412562310842523", "OPENVAS:1361412562310842524", "OPENVAS:1361412562310842525", "OPENVAS:1361412562310842526", "OPENVAS:1361412562310842528", "OPENVAS:1361412562310842529", "OPENVAS:1361412562310842530", "OPENVAS:1361412562310842565", "OPENVAS:1361412562310842567", "OPENVAS:1361412562310842568", "OPENVAS:1361412562310842569", "OPENVAS:1361412562310842571", "OPENVAS:1361412562310842572", "OPENVAS:1361412562310842573", "OPENVAS:1361412562310842574", "OPENVAS:1361412562310842575", "OPENVAS:1361412562310842603", "OPENVAS:1361412562310842605", "OPENVAS:1361412562310842606", "OPENVAS:1361412562310842608", "OPENVAS:1361412562310842609", "OPENVAS:1361412562310842610", "OPENVAS:1361412562310842611", "OPENVAS:1361412562310842612", "OPENVAS:1361412562310842621", "OPENVAS:1361412562310842622", "OPENVAS:1361412562310842623", "OPENVAS:1361412562310842624", "OPENVAS:1361412562310842625", "OPENVAS:1361412562310842627", "OPENVAS:1361412562310842628", "OPENVAS:1361412562310842629", "OPENVAS:1361412562310842631", "OPENVAS:1361412562310842632", "OPENVAS:1361412562310842633", "OPENVAS:1361412562310842650", "OPENVAS:1361412562310842651", "OPENVAS:1361412562310842653", "OPENVAS:1361412562310842654", "OPENVAS:1361412562310842657", "OPENVAS:1361412562310842667", "OPENVAS:1361412562310842686", "OPENVAS:1361412562310842687", "OPENVAS:1361412562310842691", "OPENVAS:1361412562310842693", "OPENVAS:1361412562310842698", "OPENVAS:1361412562310842735", "OPENVAS:1361412562310842741", "OPENVAS:1361412562310842887", "OPENVAS:1361412562310842889", "OPENVAS:1361412562310850649", "OPENVAS:1361412562310850670", "OPENVAS:1361412562310850904", "OPENVAS:1361412562310851121", "OPENVAS:1361412562310851138", "OPENVAS:1361412562310851154", "OPENVAS:1361412562310851157", "OPENVAS:1361412562310851159", "OPENVAS:1361412562310851161", "OPENVAS:1361412562310851176", "OPENVAS:1361412562310851179", "OPENVAS:1361412562310851188", "OPENVAS:1361412562310851197", "OPENVAS:1361412562310851242", "OPENVAS:1361412562310851273", "OPENVAS:1361412562310851315", "OPENVAS:1361412562310851388", "OPENVAS:1361412562310868914", "OPENVAS:1361412562310868920", "OPENVAS:1361412562310868954", "OPENVAS:1361412562310868980", "OPENVAS:1361412562310868984", "OPENVAS:1361412562310869077", "OPENVAS:1361412562310869091", "OPENVAS:1361412562310869115", "OPENVAS:1361412562310869136", "OPENVAS:1361412562310869213", "OPENVAS:1361412562310869281", "OPENVAS:1361412562310869284", "OPENVAS:1361412562310869369", "OPENVAS:1361412562310869374", "OPENVAS:1361412562310869392", "OPENVAS:1361412562310869459", "OPENVAS:1361412562310869476", "OPENVAS:1361412562310869857", "OPENVAS:1361412562310869889", "OPENVAS:1361412562310869982", "OPENVAS:1361412562310869986", "OPENVAS:1361412562310871358", "OPENVAS:1361412562310871380", "OPENVAS:1361412562310871481", "OPENVAS:1361412562310871516", "OPENVAS:1361412562310871524", "OPENVAS:1361412562310871546", "OPENVAS:1361412562310871558", "OPENVAS:1361412562310871606", "OPENVAS:1361412562310871611", "OPENVAS:1361412562310871633", "OPENVAS:1361412562310871708", "OPENVAS:1361412562310882174", "OPENVAS:1361412562310882205", "OPENVAS:1361412562310882342", "OPENVAS:1361412562310882377", "OPENVAS:1361412562310882396", "OPENVAS:1361412562310882482", "OPENVAS:1361412562310882511", "OPENVAS:1361412562311220161020", "OPENVAS:1361412562311220161024", "OPENVAS:1361412562311220191472", "OPENVAS:1361412562311220191474", "OPENVAS:1361412562311220191483", "OPENVAS:1361412562311220191484", "OPENVAS:1361412562311220191488", "OPENVAS:1361412562311220191489", "OPENVAS:1361412562311220191491", "OPENVAS:1361412562311220191505", "OPENVAS:1361412562311220191508", "OPENVAS:1361412562311220191517", "OPENVAS:1361412562311220191518", "OPENVAS:1361412562311220191519", "OPENVAS:1361412562311220191520", "OPENVAS:1361412562311220191521", "OPENVAS:1361412562311220191525", "OPENVAS:1361412562311220191527", "OPENVAS:1361412562311220191532", "OPENVAS:1361412562311220191533", "OPENVAS:1361412562311220191536", "OPENVAS:1361412562311220191537", "OPENVAS:703128", "OPENVAS:703313", "OPENVAS:703364", "OPENVAS:703396", "OPENVAS:703414", "OPENVAS:703426", "OPENVAS:703434", "OPENVAS:703448", "OPENVAS:703454", "OPENVAS:703471", "OPENVAS:703503", "OPENVAS:703519", "OPENVAS:807312"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2016", "ORACLE:CPUJUL2016", "ORACLE:CPUOCT2018"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-0864", "ELSA-2015-1137", "ELSA-2015-2315", "ELSA-2015-2552", "ELSA-2015-2636", "ELSA-2015-3032", "ELSA-2015-3035", "ELSA-2015-3064", "ELSA-2015-3098", "ELSA-2015-3107", "ELSA-2016-0064", "ELSA-2016-0185", "ELSA-2016-0715", "ELSA-2016-0855", "ELSA-2016-1277", "ELSA-2016-2574", "ELSA-2016-3502", "ELSA-2016-3503", "ELSA-2016-3509", "ELSA-2016-3510", "ELSA-2016-3519", "ELSA-2016-3551", "ELSA-2016-3552", "ELSA-2016-3553", "ELSA-2016-3554", "ELSA-2016-3559", "ELSA-2016-3565", "ELSA-2016-3566", "ELSA-2016-3567", "ELSA-2017-3534", "ELSA-2017-3567", "ELSA-2018-4020", "ELSA-2018-4022", "ELSA-2018-4109", "ELSA-2018-4110", "ELSA-2018-4164", "ELSA-2018-4172"]}, {"type": "osv", "idList": ["OSV:DLA-310-1", "OSV:DLA-360-1", "OSV:DLA-378-1", "OSV:DLA-412-1", "OSV:DLA-479-1", "OSV:DSA-3128-1", "OSV:DSA-3313-1", "OSV:DSA-3364-1", "OSV:DSA-3396-1", "OSV:DSA-3414-1", "OSV:DSA-3426-1", "OSV:DSA-3426-2", "OSV:DSA-3434-1", "OSV:DSA-3448-1", "OSV:DSA-3454-1", "OSV:DSA-3471-1", "OSV:DSA-3503-1", "OSV:DSA-3519-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:135330"]}, {"type": "redhat", "idList": ["RHSA-2015:0864", "RHSA-2015:1137", "RHSA-2015:1138", "RHSA-2015:1139", "RHSA-2015:2152", "RHSA-2015:2315", "RHSA-2015:2552", "RHSA-2015:2587", "RHSA-2015:2636", "RHSA-2015:2645", "RHSA-2016:0004", "RHSA-2016:0024", "RHSA-2016:0046", "RHSA-2016:0064", "RHSA-2016:0065", "RHSA-2016:0068", "RHSA-2016:0103", "RHSA-2016:0185", "RHSA-2016:0212", "RHSA-2016:0224", "RHSA-2016:0715", "RHSA-2016:0855", "RHSA-2016:1277", "RHSA-2016:1301", "RHSA-2016:1341", "RHSA-2016:2574", "RHSA-2016:2584"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31621", "SECURITYVULNS:DOC:31768", "SECURITYVULNS:DOC:32352", "SECURITYVULNS:DOC:32513", "SECURITYVULNS:VULN:14217", "SECURITYVULNS:VULN:14224", "SECURITYVULNS:VULN:14579"]}, {"type": "seebug", "idList": ["SSV:90673", "SSV:91603"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2015:0713-1", "OPENSUSE-SU-2015:0714-1", "OPENSUSE-SU-2015:1842-1", "OPENSUSE-SU-2016:0123-1", "OPENSUSE-SU-2016:0124-1", "OPENSUSE-SU-2016:0126-1", "OPENSUSE-SU-2016:0280-1", "OPENSUSE-SU-2016:0301-1", "OPENSUSE-SU-2016:1008-1", "OPENSUSE-SU-2016:2184-1", "OPENSUSE-SU-2016:2649-1", "SUSE-SU-2015:1376-1", "SUSE-SU-2015:1727-1", "SUSE-SU-2015:2108-1", "SUSE-SU-2015:2194-1", "SUSE-SU-2015:2292-1", "SUSE-SU-2015:2339-1", "SUSE-SU-2015:2350-1", "SUSE-SU-2016:0168-1", "SUSE-SU-2016:0186-1", "SUSE-SU-2016:0205-1", "SUSE-SU-2016:0335-1", "SUSE-SU-2016:0337-1", "SUSE-SU-2016:0341-1", "SUSE-SU-2016:0354-1", "SUSE-SU-2016:0380-1", "SUSE-SU-2016:0381-1", "SUSE-SU-2016:0383-1", "SUSE-SU-2016:0384-1", "SUSE-SU-2016:0386-1", "SUSE-SU-2016:0387-1", "SUSE-SU-2016:0434-1", "SUSE-SU-2016:0585-1", "SUSE-SU-2016:0658-1", "SUSE-SU-2016:0745-1", "SUSE-SU-2016:0746-1", "SUSE-SU-2016:0747-1", "SUSE-SU-2016:0750-1", "SUSE-SU-2016:0751-1", "SUSE-SU-2016:0752-1", "SUSE-SU-2016:0753-1", "SUSE-SU-2016:0755-1", "SUSE-SU-2016:0756-1", "SUSE-SU-2016:0757-1", "SUSE-SU-2016:0785-1", "SUSE-SU-2016:0873-1", "SUSE-SU-2016:0911-1", "SUSE-SU-2016:0955-1", "SUSE-SU-2016:1102-1", "SUSE-SU-2016:1154-1", "SUSE-SU-2016:1203-1", "SUSE-SU-2016:1318-1", "SUSE-SU-2016:1707-1", "SUSE-SU-2016:1745-1", "SUSE-SU-2016:1764-1", "SUSE-SU-2016:1937-1", "SUSE-SU-2016:2074-1", "SUSE-SU-2016:2105-1"]}, {"type": "symantec", "idList": ["SMNTC-1349"]}, {"type": "thn", "idList": ["THN:2F321B0D3CF635D0F8D272948E9B31C9"]}, {"type": "threatpost", "idList": ["THREATPOST:3457E4B368AF24E94CB5545AC02382A8", "THREATPOST:45807D1856E34DEFF51A771D0E730AA3", "THREATPOST:C5F01C375D7DB776A2A5902570B2E5FD"]}, {"type": "ubuntu", "idList": ["USN-2511-1", "USN-2512-1", "USN-2513-1", "USN-2514-1", "USN-2515-1", "USN-2515-2", "USN-2516-1", "USN-2516-2", "USN-2516-3", "USN-2517-1", "USN-2518-1", "USN-2687-1", "USN-2688-1", "USN-2689-1", "USN-2690-1", "USN-2691-1", "USN-2773-1", "USN-2774-1", "USN-2775-1", "USN-2776-1", "USN-2777-1", "USN-2778-1", "USN-2779-1", "USN-2792-1", "USN-2796-1", "USN-2797-1", "USN-2800-1", "USN-2801-1", "USN-2802-1", "USN-2803-1", "USN-2804-1", "USN-2805-1", "USN-2806-1", "USN-2807-1", "USN-2840-1", "USN-2841-1", "USN-2841-2", "USN-2842-1", "USN-2842-2", "USN-2843-1", "USN-2843-2", "USN-2843-3", "USN-2844-1", "USN-2846-1", "USN-2847-1", "USN-2848-1", "USN-2849-1", "USN-2850-1", "USN-2851-1", "USN-2853-1", "USN-2854-1", "USN-2870-1", "USN-2870-2", "USN-2871-1", "USN-2871-2", "USN-2872-1", "USN-2872-2", "USN-2872-3", "USN-2873-1", "USN-2886-1", "USN-2886-2", "USN-2887-1", "USN-2887-2", "USN-2888-1", "USN-2889-1", "USN-2889-2", "USN-2890-1", "USN-2890-2", "USN-2890-3", "USN-2891-1", "USN-2907-1", "USN-2907-2", "USN-2910-1", "USN-2910-2", "USN-2911-1", "USN-2911-2", "USN-2930-1", "USN-2930-2", "USN-2930-3", "USN-2931-1", "USN-2932-1", "USN-2967-1", "USN-2967-2", "USN-3083-1", "USN-3083-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-8989", "UB:CVE-2014-9529", "UB:CVE-2015-0272", "UB:CVE-2015-5157", "UB:CVE-2015-5307", "UB:CVE-2015-6937", "UB:CVE-2015-7550", "UB:CVE-2015-7799", "UB:CVE-2015-7885", "UB:CVE-2015-7990", "UB:CVE-2015-8104", "UB:CVE-2015-8215", "UB:CVE-2015-8543", "UB:CVE-2015-8550", "UB:CVE-2015-8551", "UB:CVE-2015-8552", "UB:CVE-2015-8569", "UB:CVE-2015-8575", "UB:CVE-2015-8767", "UB:CVE-2016-0728"]}, {"type": "xen", "idList": ["XSA-155", "XSA-156", "XSA-157"]}, {"type": "zdt", "idList": ["1337DAY-ID-25516", "1337DAY-ID-25517"]}]}, "score": {"value": 2.4, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2016-642"]}, {"type": "android", "idList": ["ANDROID:CVE-2016-0728"]}, {"type": "archlinux", "idList": ["ASA-201601-20", "ASA-201601-26"]}, {"type": "avleonov", "idList": ["AVLEONOV:A9AB661A53F0E9B8923DE780E6F05F48"]}, {"type": "centos", "idList": ["CESA-2015:0864", "CESA-2015:1137", "CESA-2015:2636", "CESA-2016:0064", "CESA-2016:0185", "CESA-2016:0715", "CESA-2016:1277"]}, {"type": "checkpoint_security", "idList": ["CPS:SK109752"]}, {"type": "cisa", "idList": ["CISA:FCB4B9C4CB605F6B805399E8D3B54A48"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:DBE2857E4A4B43C72E03FDC8B6460BBB"]}, {"type": "cve", "idList": ["CVE-2014-8989", "CVE-2014-9529", "CVE-2015-0272", "CVE-2015-5157", "CVE-2015-5307", "CVE-2015-6937", "CVE-2015-7799", "CVE-2015-7885", "CVE-2015-7990", "CVE-2015-8104", "CVE-2015-8215", "CVE-2015-8543", "CVE-2015-8569"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3313-1:00F99", "DEBIAN:DSA-3364-1:5D544"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-8989", "DEBIANCVE:CVE-2014-9529", "DEBIANCVE:CVE-2015-0272", "DEBIANCVE:CVE-2015-5157", "DEBIANCVE:CVE-2015-5307", "DEBIANCVE:CVE-2015-6937", "DEBIANCVE:CVE-2015-7550", "DEBIANCVE:CVE-2015-7799", "DEBIANCVE:CVE-2015-7885", "DEBIANCVE:CVE-2015-7990", "DEBIANCVE:CVE-2015-8104", "DEBIANCVE:CVE-2015-8215", "DEBIANCVE:CVE-2015-8543", "DEBIANCVE:CVE-2015-8550", "DEBIANCVE:CVE-2015-8551", "DEBIANCVE:CVE-2015-8552", "DEBIANCVE:CVE-2015-8569", "DEBIANCVE:CVE-2015-8575", "DEBIANCVE:CVE-2015-8767", "DEBIANCVE:CVE-2016-0728"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:3459535A8A480A3A2F164DB01F4CF994"]}, {"type": "f5", "idList": ["F5:K17326", "F5:K98102572", "SOL01948202", "SOL07560020", "SOL31026324"]}, {"type": "fedora", "idList": ["FEDORA:51EB2601616F", "FEDORA:AA4AD60600CD", "FEDORA:C7C84604E909"]}, {"type": "freebsd", "idList": ["2CABFBAB-8BFB-11E5-BD18-002590263BF5"]}, {"type": "gentoo", "idList": ["GLSA-201604-03"]}, {"type": "ibm", "idList": ["658C6A388449448220E16F3A05A122A56F35F4A9A9370C4B63DC0779B971B6CE"]}, {"type": "kitploit", "idList": ["KITPLOIT:4462385753504235463"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/ORACLE_LINUX-CVE-2015-6937/", "MSF:ILITIES/UBUNTU-USN-2516-2/"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-310.NASL", "DEBIAN_DSA-3128.NASL", "F5_BIGIP_SOL98102572.NASL", "FEDORA_2015-16441.NASL", "FEDORA_2015-F150B2A8C8.NASL", "OPENSUSE-2015-301.NASL", "OPENSUSE-2015-686.NASL", "ORACLELINUX_ELSA-2016-3509.NASL", "ORACLELINUX_ELSA-2016-3552.NASL", "ORACLEVM_OVMSA-2015-0060.NASL", "REDHAT-RHSA-2016-0064.NASL", "SUSE_SU-2015-2339-1.NASL", "UBUNTU_USN-2516-3.NASL", "UBUNTU_USN-2688-1.NASL", "UBUNTU_USN-2840-1.NASL", "UBUNTU_USN-2844-1.NASL", "UBUNTU_USN-2848-1.NASL", "UBUNTU_USN-2870-1.NASL", "UBUNTU_USN-2872-3.NASL", "UBUNTU_USN-2888-1.NASL", "VIRTUALBOX_5_0_10.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105465", "OPENVAS:1361412562310120291", "OPENVAS:1361412562310122797", "OPENVAS:1361412562310122806", "OPENVAS:1361412562310122821", "OPENVAS:1361412562310122884", "OPENVAS:1361412562310131182", "OPENVAS:1361412562310131197", "OPENVAS:1361412562310703364", "OPENVAS:1361412562310842108", "OPENVAS:1361412562310842396", "OPENVAS:1361412562310842492", "OPENVAS:1361412562310842496", "OPENVAS:1361412562310842524", "OPENVAS:1361412562310842565", "OPENVAS:1361412562310842571", "OPENVAS:1361412562310842629", "OPENVAS:1361412562310850670", "OPENVAS:1361412562310851154", "OPENVAS:1361412562310851315", "OPENVAS:1361412562310869369", "OPENVAS:1361412562310869476", "OPENVAS:1361412562310871481", "OPENVAS:1361412562310871524", "OPENVAS:1361412562311220191483", "OPENVAS:703128", "OPENVAS:703414", "OPENVAS:703426"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2016"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-4109"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:135330"]}, {"type": "redhat", "idList": ["RHSA-2016:0064", "RHSA-2016:0224"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31768"]}, {"type": "seebug", "idList": ["SSV:90673"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2015:0714-1", "OPENSUSE-SU-2016:0301-1", "SUSE-SU-2015:2108-1", "SUSE-SU-2016:0341-1", "SUSE-SU-2016:0751-1"]}, {"type": "symantec", "idList": ["SMNTC-1349"]}, {"type": "threatpost", "idList": ["THREATPOST:C5F01C375D7DB776A2A5902570B2E5FD"]}, {"type": "ubuntu", "idList": ["USN-2840-1", "USN-2846-1", "USN-2847-1", "USN-2848-1", "USN-2849-1", "USN-2850-1", "USN-2851-1", "USN-2853-1", "USN-2854-1", "USN-2890-1", "USN-2907-2", "USN-2930-1", "USN-2930-2", "USN-2930-3", "USN-2932-1", "USN-2967-1", "USN-2967-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-6937", "UB:CVE-2015-8215", "UB:CVE-2015-8543", "UB:CVE-2015-8767"]}, {"type": "xen", "idList": ["XSA-157"]}, {"type": "zdt", "idList": ["1337DAY-ID-25516"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2015-8551", "epss": "0.000620000", "percentile": "0.245740000", "modified": "2023-03-15"}, {"cve": "CVE-2014-9529", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2015-8215", "epss": "0.030970000", "percentile": "0.895190000", "modified": "2023-03-15"}, {"cve": "CVE-2015-7550", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2014-8989", "epss": "0.000420000", "percentile": "0.056320000", "modified": "2023-03-15"}, {"cve": "CVE-2015-5307", "epss": "0.000680000", "percentile": "0.278630000", "modified": "2023-03-15"}, {"cve": "CVE-2015-8550", "epss": "0.000670000", "percentile": "0.274400000", "modified": "2023-03-15"}, {"cve": "CVE-2015-8543", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2016-0728", "epss": "0.000430000", "percentile": "0.074530000", "modified": "2023-03-15"}, {"cve": "CVE-2015-7990", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2015-8767", "epss": "0.001240000", "percentile": "0.451270000", "modified": "2023-03-15"}, {"cve": "CVE-2015-7799", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2015-8575", "epss": "0.001090000", "percentile": "0.423310000", "modified": "2023-03-15"}, {"cve": "CVE-2015-8552", "epss": "0.000760000", "percentile": "0.305380000", "modified": "2023-03-15"}, {"cve": "CVE-2015-8569", "epss": "0.000440000", "percentile": "0.102620000", "modified": "2023-03-15"}, {"cve": "CVE-2015-0272", "epss": "0.022080000", "percentile": "0.876920000", "modified": "2023-03-15"}, {"cve": "CVE-2015-5157", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2015-7885", "epss": "0.000440000", "percentile": "0.102620000", "modified": "2023-03-15"}, {"cve": "CVE-2015-6937", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2015-8104", "epss": "0.000720000", "percentile": "0.293980000", "modified": "2023-03-15"}], "vulnersScore": 2.4}, "_state": {"dependencies": 1678909274, "score": 1683812971, "epss": 1678917342}, "_internal": {"score_hash": "5f7b01680958a424763377c06604c604"}, "affectedPackage": [{"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "xen-devel-4.4.3_08-38.1.i586.rpm", "packageName": "xen-devel", "packageVersion": "4.4.3_08-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "cloop-kmp-default-2.639_k3.16.7_32-14.15.1.x86_64.rpm", "packageName": "cloop-kmp-default", "packageVersion": "2.639_k3.16.7_32-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-xen-base-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-xen-base", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "ipset-kmp-desktop-debuginfo-6.23_k3.16.7_32-15.1.x86_64.rpm", "packageName": "ipset-kmp-desktop-debuginfo", "packageVersion": "6.23_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-websrv-4.3.34-37.1.x86_64.rpm", "packageName": "virtualbox-websrv", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "crash-doc-7.0.8-15.1.x86_64.rpm", "packageName": "crash-doc", "packageVersion": "7.0.8-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "xen-debugsource-4.4.3_08-38.1.i586.rpm", "packageName": "xen-debugsource", "packageVersion": "4.4.3_08-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "pcfclock-kmp-default-debuginfo-0.44_k3.16.7_32-260.15.1.x86_64.rpm", "packageName": "pcfclock-kmp-default-debuginfo", "packageVersion": "0.44_k3.16.7_32-260.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "kernel-default-3.16.7-32.1.i586.rpm", "packageName": "kernel-default", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-ec2-debuginfo-3.16.7-32.1.i686.rpm", "packageName": "kernel-ec2-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xtables-addons-kmp-desktop-debuginfo-2.6_k3.16.7_32-15.1.x86_64.rpm", "packageName": "xtables-addons-kmp-desktop-debuginfo", "packageVersion": "2.6_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "cloop-kmp-default-debuginfo-2.639_k3.16.7_32-14.15.1.x86_64.rpm", "packageName": "cloop-kmp-default-debuginfo", "packageVersion": "2.639_k3.16.7_32-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-guest-x11-debuginfo-4.3.34-37.1.x86_64.rpm", "packageName": "virtualbox-guest-x11-debuginfo", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "python-virtualbox-4.3.34-37.1.x86_64.rpm", "packageName": "python-virtualbox", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-xen-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-xen", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-debug-3.16.7-32.1.i686.rpm", "packageName": "kernel-debug", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "bbswitch-kmp-desktop-debuginfo-0.8_k3.16.7_32-3.15.1.x86_64.rpm", "packageName": "bbswitch-kmp-desktop-debuginfo", "packageVersion": "0.8_k3.16.7_32-3.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "cloop-debuginfo-2.639-14.15.1.i586.rpm", "packageName": "cloop-debuginfo", "packageVersion": "2.639-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "kernel-obs-qa-xen-3.16.7-32.1.i586.rpm", "packageName": "kernel-obs-qa-xen", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "crash-kmp-xen-debuginfo-7.0.8_k3.16.7_32-15.1.i586.rpm", "packageName": "crash-kmp-xen-debuginfo", "packageVersion": "7.0.8_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-devel-4.4.3_08-38.1.x86_64.rpm", "packageName": "xen-devel", "packageVersion": "4.4.3_08-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "crash-7.0.8-15.1.i586.rpm", "packageName": "crash", "packageVersion": "7.0.8-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-tools-debuginfo-4.4.3_08-38.1.x86_64.rpm", "packageName": "xen-tools-debuginfo", "packageVersion": "4.4.3_08-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "ipset-6.23-15.1.i586.rpm", "packageName": "ipset", "packageVersion": "6.23-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "hdjmod-kmp-default-1.28_k3.16.7_32-18.16.1.x86_64.rpm", "packageName": "hdjmod-kmp-default", "packageVersion": "1.28_k3.16.7_32-18.16.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "pcfclock-kmp-pae-0.44_k3.16.7_32-260.15.1.i586.rpm", "packageName": "pcfclock-kmp-pae", "packageVersion": "0.44_k3.16.7_32-260.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-guest-kmp-desktop-4.3.34_k3.16.7_32-37.1.i586.rpm", "packageName": "virtualbox-guest-kmp-desktop", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "noarch", "operator": "lt", "packageFilename": "kernel-source-3.16.7-32.1.noarch.rpm", "packageName": "kernel-source", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-tools-4.4.3_08-38.1.x86_64.rpm", "packageName": "xen-tools", "packageVersion": "4.4.3_08-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-kmp-default-4.4.3_08_k3.16.7_32-38.1.x86_64.rpm", "packageName": "xen-kmp-default", "packageVersion": "4.4.3_08_k3.16.7_32-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "crash-gcore-7.0.8-15.1.i586.rpm", "packageName": "crash-gcore", "packageVersion": "7.0.8-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xtables-addons-kmp-default-debuginfo-2.6_k3.16.7_32-15.1.x86_64.rpm", "packageName": "xtables-addons-kmp-default-debuginfo", "packageVersion": "2.6_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "bbswitch-kmp-default-0.8_k3.16.7_32-3.15.1.x86_64.rpm", "packageName": "bbswitch-kmp-default", "packageVersion": "0.8_k3.16.7_32-3.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-vanilla-debugsource-3.16.7-32.1.i686.rpm", "packageName": "kernel-vanilla-debugsource", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-kmp-default-debuginfo-4.4.3_08_k3.16.7_32-38.1.x86_64.rpm", "packageName": "xen-kmp-default-debuginfo", "packageVersion": "4.4.3_08_k3.16.7_32-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-websrv-debuginfo-4.3.34-37.1.i586.rpm", "packageName": "virtualbox-websrv-debuginfo", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-debug-base-debuginfo-3.16.7-32.1.i686.rpm", "packageName": "kernel-debug-base-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "ipset-kmp-pae-debuginfo-6.23_k3.16.7_32-15.1.i586.rpm", "packageName": "ipset-kmp-pae-debuginfo", "packageVersion": "6.23_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-guest-kmp-desktop-debuginfo-4.3.34_k3.16.7_32-37.1.i586.rpm", "packageName": "virtualbox-guest-kmp-desktop-debuginfo", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-debug-debugsource-3.16.7-32.1.i686.rpm", "packageName": "kernel-debug-debugsource", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-debugsource-4.3.34-37.1.x86_64.rpm", "packageName": "virtualbox-debugsource", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "ipset-kmp-pae-6.23_k3.16.7_32-15.1.i586.rpm", "packageName": "ipset-kmp-pae", "packageVersion": "6.23_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xtables-addons-2.6-15.1.x86_64.rpm", "packageName": "xtables-addons", "packageVersion": "2.6-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-qt-debuginfo-4.3.34-37.1.x86_64.rpm", "packageName": "virtualbox-qt-debuginfo", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "ipset-devel-6.23-15.1.x86_64.rpm", "packageName": "ipset-devel", "packageVersion": "6.23-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-libs-4.4.3_08-38.1.x86_64.rpm", "packageName": "xen-libs", "packageVersion": "4.4.3_08-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "crash-doc-7.0.8-15.1.i586.rpm", "packageName": "crash-doc", "packageVersion": "7.0.8-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "cloop-debuginfo-2.639-14.15.1.x86_64.rpm", "packageName": "cloop-debuginfo", "packageVersion": "2.639-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "kernel-ec2-devel-3.16.7-32.1.i586.rpm", "packageName": "kernel-ec2-devel", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-xen-base-3.16.7-32.1.i686.rpm", "packageName": "kernel-xen-base", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-host-kmp-desktop-debuginfo-4.3.34_k3.16.7_32-37.1.i586.rpm", "packageName": "virtualbox-host-kmp-desktop-debuginfo", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-guest-kmp-desktop-debuginfo-4.3.34_k3.16.7_32-37.1.x86_64.rpm", "packageName": "virtualbox-guest-kmp-desktop-debuginfo", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "crash-kmp-default-debuginfo-7.0.8_k3.16.7_32-15.1.x86_64.rpm", "packageName": "crash-kmp-default-debuginfo", "packageVersion": "7.0.8_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "crash-kmp-desktop-debuginfo-7.0.8_k3.16.7_32-15.1.x86_64.rpm", "packageName": "crash-kmp-desktop-debuginfo", "packageVersion": "7.0.8_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "pcfclock-0.44-260.15.1.i586.rpm", "packageName": "pcfclock", "packageVersion": "0.44-260.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "crash-kmp-xen-debuginfo-7.0.8_k3.16.7_32-15.1.x86_64.rpm", "packageName": "crash-kmp-xen-debuginfo", "packageVersion": "7.0.8_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-debug-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-debug", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-xen-devel-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-xen-devel", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-pae-debugsource-3.16.7-32.1.i686.rpm", "packageName": "kernel-pae-debugsource", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "bbswitch-0.8-3.15.1.i586.rpm", "packageName": "bbswitch", "packageVersion": "0.8-3.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "crash-kmp-pae-7.0.8_k3.16.7_32-15.1.i586.rpm", "packageName": "crash-kmp-pae", "packageVersion": "7.0.8_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-desktop-devel-3.16.7-32.1.i686.rpm", "packageName": "kernel-desktop-devel", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "xtables-addons-kmp-default-2.6_k3.16.7_32-15.1.i586.rpm", "packageName": "xtables-addons-kmp-default", "packageVersion": "2.6_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-guest-x11-4.3.34-37.1.x86_64.rpm", "packageName": "virtualbox-guest-x11", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-debug-debuginfo-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-debug-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "crash-eppic-debuginfo-7.0.8-15.1.x86_64.rpm", "packageName": "crash-eppic-debuginfo", "packageVersion": "7.0.8-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "xen-tools-domU-4.4.3_08-38.1.i586.rpm", "packageName": "xen-tools-domu", "packageVersion": "4.4.3_08-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xtables-addons-debugsource-2.6-15.1.x86_64.rpm", "packageName": "xtables-addons-debugsource", "packageVersion": "2.6-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "noarch", "operator": "lt", "packageFilename": "kernel-devel-3.16.7-32.1.noarch.rpm", "packageName": "kernel-devel", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-host-kmp-default-debuginfo-4.3.34_k3.16.7_32-37.1.i586.rpm", "packageName": "virtualbox-host-kmp-default-debuginfo", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "noarch", "operator": "lt", "packageFilename": "virtualbox-host-source-4.3.34-37.1.noarch.rpm", "packageName": "virtualbox-host-source", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-devel-4.3.34-37.1.i586.rpm", "packageName": "virtualbox-devel", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "cloop-kmp-xen-2.639_k3.16.7_32-14.15.1.x86_64.rpm", "packageName": "cloop-kmp-xen", "packageVersion": "2.639_k3.16.7_32-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "cloop-debugsource-2.639-14.15.1.i586.rpm", "packageName": "cloop-debugsource", "packageVersion": "2.639-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-libs-32bit-4.4.3_08-38.1.x86_64.rpm", "packageName": "xen-libs-32bit", "packageVersion": "4.4.3_08-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "crash-debugsource-7.0.8-15.1.x86_64.rpm", "packageName": "crash-debugsource", "packageVersion": "7.0.8-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "vhba-kmp-pae-20140629_k3.16.7_32-2.15.1.i586.rpm", "packageName": "vhba-kmp-pae", "packageVersion": "20140629_k3.16.7_32-2.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xtables-addons-kmp-default-2.6_k3.16.7_32-15.1.x86_64.rpm", "packageName": "xtables-addons-kmp-default", "packageVersion": "2.6_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-desktop-base-debuginfo-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-desktop-base-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "bbswitch-debugsource-0.8-3.15.1.x86_64.rpm", "packageName": "bbswitch-debugsource", "packageVersion": "0.8-3.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "libipset3-6.23-15.1.x86_64.rpm", "packageName": "libipset3", "packageVersion": "6.23-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-vanilla-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-vanilla", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "ipset-devel-6.23-15.1.i586.rpm", "packageName": "ipset-devel", "packageVersion": "6.23-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "ipset-debuginfo-6.23-15.1.x86_64.rpm", "packageName": "ipset-debuginfo", "packageVersion": "6.23-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "ipset-6.23-15.1.x86_64.rpm", "packageName": "ipset", "packageVersion": "6.23-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "noarch", "operator": "lt", "packageFilename": "kernel-docs-3.16.7-32.2.noarch.rpm", "packageName": "kernel-docs", "packageVersion": "3.16.7-32.2"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-guest-tools-4.3.34-37.1.x86_64.rpm", "packageName": "virtualbox-guest-tools", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-qt-4.3.34-37.1.i586.rpm", "packageName": "virtualbox-qt", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-qt-debuginfo-4.3.34-37.1.i586.rpm", "packageName": "virtualbox-qt-debuginfo", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "kernel-default-debugsource-3.16.7-32.1.i586.rpm", "packageName": "kernel-default-debugsource", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-host-kmp-default-4.3.34_k3.16.7_32-37.1.i586.rpm", "packageName": "virtualbox-host-kmp-default", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "vhba-kmp-pae-debuginfo-20140629_k3.16.7_32-2.15.1.i586.rpm", "packageName": "vhba-kmp-pae-debuginfo", "packageVersion": "20140629_k3.16.7_32-2.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "libipset3-debuginfo-6.23-15.1.x86_64.rpm", "packageName": "libipset3-debuginfo", "packageVersion": "6.23-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-desktop-3.16.7-32.1.i686.rpm", "packageName": "kernel-desktop", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-host-kmp-desktop-4.3.34_k3.16.7_32-37.1.x86_64.rpm", "packageName": "virtualbox-host-kmp-desktop", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "ipset-kmp-default-debuginfo-6.23_k3.16.7_32-15.1.i586.rpm", "packageName": "ipset-kmp-default-debuginfo", "packageVersion": "6.23_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-obs-qa-xen-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-obs-qa-xen", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-guest-tools-4.3.34-37.1.i586.rpm", "packageName": "virtualbox-guest-tools", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-debug-devel-debuginfo-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-debug-devel-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-guest-x11-4.3.34-37.1.i586.rpm", "packageName": "virtualbox-guest-x11", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "crash-kmp-pae-debuginfo-7.0.8_k3.16.7_32-15.1.i586.rpm", "packageName": "crash-kmp-pae-debuginfo", "packageVersion": "7.0.8_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-vanilla-debuginfo-3.16.7-32.1.i686.rpm", "packageName": "kernel-vanilla-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xtables-addons-kmp-xen-2.6_k3.16.7_32-15.1.x86_64.rpm", "packageName": "xtables-addons-kmp-xen", "packageVersion": "2.6_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-xen-debugsource-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-xen-debugsource", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "ipset-debugsource-6.23-15.1.x86_64.rpm", "packageName": "ipset-debugsource", "packageVersion": "6.23-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "bbswitch-kmp-pae-debuginfo-0.8_k3.16.7_32-3.15.1.i586.rpm", "packageName": "bbswitch-kmp-pae-debuginfo", "packageVersion": "0.8_k3.16.7_32-3.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "hdjmod-kmp-pae-debuginfo-1.28_k3.16.7_32-18.16.1.i586.rpm", "packageName": "hdjmod-kmp-pae-debuginfo", "packageVersion": "1.28_k3.16.7_32-18.16.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-desktop-devel-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-desktop-devel", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "noarch", "operator": "lt", "packageFilename": "virtualbox-guest-desktop-icons-4.3.34-37.1.noarch.rpm", "packageName": "virtualbox-guest-desktop-icons", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-desktop-debuginfo-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-desktop-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "hdjmod-kmp-xen-debuginfo-1.28_k3.16.7_32-18.16.1.x86_64.rpm", "packageName": "hdjmod-kmp-xen-debuginfo", "packageVersion": "1.28_k3.16.7_32-18.16.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "xtables-addons-kmp-pae-2.6_k3.16.7_32-15.1.i586.rpm", "packageName": "xtables-addons-kmp-pae", "packageVersion": "2.6_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-ec2-debugsource-3.16.7-32.1.i686.rpm", "packageName": "kernel-ec2-debugsource", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "vhba-kmp-default-debuginfo-20140629_k3.16.7_32-2.15.1.i586.rpm", "packageName": "vhba-kmp-default-debuginfo", "packageVersion": "20140629_k3.16.7_32-2.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "crash-eppic-debuginfo-7.0.8-15.1.i586.rpm", "packageName": "crash-eppic-debuginfo", "packageVersion": "7.0.8-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "kernel-default-base-debuginfo-3.16.7-32.1.i586.rpm", "packageName": "kernel-default-base-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "crash-debugsource-7.0.8-15.1.i586.rpm", "packageName": "crash-debugsource", "packageVersion": "7.0.8-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "vhba-kmp-debugsource-20140629-2.15.1.i586.rpm", "packageName": "vhba-kmp-debugsource", "packageVersion": "20140629-2.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-guest-kmp-desktop-4.3.34_k3.16.7_32-37.1.x86_64.rpm", "packageName": "virtualbox-guest-kmp-desktop", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "xtables-addons-debugsource-2.6-15.1.i586.rpm", "packageName": "xtables-addons-debugsource", "packageVersion": "2.6-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-host-kmp-default-debuginfo-4.3.34_k3.16.7_32-37.1.x86_64.rpm", "packageName": "virtualbox-host-kmp-default-debuginfo", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-pae-debuginfo-3.16.7-32.1.i686.rpm", "packageName": "kernel-pae-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-debug-devel-3.16.7-32.1.i686.rpm", "packageName": "kernel-debug-devel", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "crash-kmp-default-7.0.8_k3.16.7_32-15.1.i586.rpm", "packageName": "crash-kmp-default", "packageVersion": "7.0.8_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "vhba-kmp-desktop-debuginfo-20140629_k3.16.7_32-2.15.1.i586.rpm", "packageName": "vhba-kmp-desktop-debuginfo", "packageVersion": "20140629_k3.16.7_32-2.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-debuginfo-4.3.34-37.1.x86_64.rpm", "packageName": "virtualbox-debuginfo", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-vanilla-devel-3.16.7-32.1.i686.rpm", "packageName": "kernel-vanilla-devel", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "crash-7.0.8-15.1.x86_64.rpm", "packageName": "crash", "packageVersion": "7.0.8-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "ipset-kmp-desktop-6.23_k3.16.7_32-15.1.x86_64.rpm", "packageName": "ipset-kmp-desktop", "packageVersion": "6.23_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-desktop-base-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-desktop-base", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "bbswitch-kmp-default-debuginfo-0.8_k3.16.7_32-3.15.1.i586.rpm", "packageName": "bbswitch-kmp-default-debuginfo", "packageVersion": "0.8_k3.16.7_32-3.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-syms-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-syms", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "hdjmod-kmp-pae-1.28_k3.16.7_32-18.16.1.i586.rpm", "packageName": "hdjmod-kmp-pae", "packageVersion": "1.28_k3.16.7_32-18.16.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "ipset-kmp-default-debuginfo-6.23_k3.16.7_32-15.1.x86_64.rpm", "packageName": "ipset-kmp-default-debuginfo", "packageVersion": "6.23_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "xtables-addons-2.6-15.1.i586.rpm", "packageName": "xtables-addons", "packageVersion": "2.6-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "kernel-default-debuginfo-3.16.7-32.1.i586.rpm", "packageName": "kernel-default-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-ec2-debuginfo-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-ec2-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "cloop-kmp-xen-debuginfo-2.639_k3.16.7_32-14.15.1.i586.rpm", "packageName": "cloop-kmp-xen-debuginfo", "packageVersion": "2.639_k3.16.7_32-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "kernel-obs-build-debugsource-3.16.7-32.2.i586.rpm", "packageName": "kernel-obs-build-debugsource", "packageVersion": "3.16.7-32.2"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-host-kmp-desktop-4.3.34_k3.16.7_32-37.1.i586.rpm", "packageName": "virtualbox-host-kmp-desktop", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-websrv-debuginfo-4.3.34-37.1.x86_64.rpm", "packageName": "virtualbox-websrv-debuginfo", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-xen-devel-3.16.7-32.1.i686.rpm", "packageName": "kernel-xen-devel", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "crash-debuginfo-7.0.8-15.1.x86_64.rpm", "packageName": "crash-debuginfo", "packageVersion": "7.0.8-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "crash-kmp-default-7.0.8_k3.16.7_32-15.1.x86_64.rpm", "packageName": "crash-kmp-default", "packageVersion": "7.0.8_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-kmp-desktop-debuginfo-4.4.3_08_k3.16.7_32-38.1.x86_64.rpm", "packageName": "xen-kmp-desktop-debuginfo", "packageVersion": "4.4.3_08_k3.16.7_32-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "vhba-kmp-desktop-20140629_k3.16.7_32-2.15.1.x86_64.rpm", "packageName": "vhba-kmp-desktop", "packageVersion": "20140629_k3.16.7_32-2.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-guest-kmp-default-4.3.34_k3.16.7_32-37.1.x86_64.rpm", "packageName": "virtualbox-guest-kmp-default", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-debug-devel-debuginfo-3.16.7-32.1.i686.rpm", "packageName": "kernel-debug-devel-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-pae-base-3.16.7-32.1.i686.rpm", "packageName": "kernel-pae-base", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-kmp-desktop-4.4.3_08_k3.16.7_32-38.1.x86_64.rpm", "packageName": "xen-kmp-desktop", "packageVersion": "4.4.3_08_k3.16.7_32-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-host-kmp-pae-debuginfo-4.3.34_k3.16.7_32-37.1.i586.rpm", "packageName": "virtualbox-host-kmp-pae-debuginfo", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "xtables-addons-kmp-xen-2.6_k3.16.7_32-15.1.i586.rpm", "packageName": "xtables-addons-kmp-xen", "packageVersion": "2.6_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "bbswitch-kmp-desktop-debuginfo-0.8_k3.16.7_32-3.15.1.i586.rpm", "packageName": "bbswitch-kmp-desktop-debuginfo", "packageVersion": "0.8_k3.16.7_32-3.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "pcfclock-debuginfo-0.44-260.15.1.x86_64.rpm", "packageName": "pcfclock-debuginfo", "packageVersion": "0.44-260.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "hdjmod-kmp-xen-1.28_k3.16.7_32-18.16.1.x86_64.rpm", "packageName": "hdjmod-kmp-xen", "packageVersion": "1.28_k3.16.7_32-18.16.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-host-kmp-desktop-debuginfo-4.3.34_k3.16.7_32-37.1.x86_64.rpm", "packageName": "virtualbox-host-kmp-desktop-debuginfo", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "bbswitch-0.8-3.15.1.x86_64.rpm", "packageName": "bbswitch", "packageVersion": "0.8-3.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-xen-debugsource-3.16.7-32.1.i686.rpm", "packageName": "kernel-xen-debugsource", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "hdjmod-kmp-desktop-debuginfo-1.28_k3.16.7_32-18.16.1.i586.rpm", "packageName": "hdjmod-kmp-desktop-debuginfo", "packageVersion": "1.28_k3.16.7_32-18.16.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "crash-devel-7.0.8-15.1.x86_64.rpm", "packageName": "crash-devel", "packageVersion": "7.0.8-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-guest-tools-debuginfo-4.3.34-37.1.i586.rpm", "packageName": "virtualbox-guest-tools-debuginfo", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "xtables-addons-kmp-default-debuginfo-2.6_k3.16.7_32-15.1.i586.rpm", "packageName": "xtables-addons-kmp-default-debuginfo", "packageVersion": "2.6_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-debugsource-4.4.3_08-38.1.x86_64.rpm", "packageName": "xen-debugsource", "packageVersion": "4.4.3_08-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "ipset-debugsource-6.23-15.1.i586.rpm", "packageName": "ipset-debugsource", "packageVersion": "6.23-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "crash-kmp-default-debuginfo-7.0.8_k3.16.7_32-15.1.i586.rpm", "packageName": "crash-kmp-default-debuginfo", "packageVersion": "7.0.8_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-debug-devel-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-debug-devel", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "ipset-kmp-default-6.23_k3.16.7_32-15.1.i586.rpm", "packageName": "ipset-kmp-default", "packageVersion": "6.23_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-default-base-debuginfo-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-default-base-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "crash-kmp-desktop-debuginfo-7.0.8_k3.16.7_32-15.1.i586.rpm", "packageName": "crash-kmp-desktop-debuginfo", "packageVersion": "7.0.8_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-vanilla-debuginfo-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-vanilla-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "bbswitch-kmp-xen-0.8_k3.16.7_32-3.15.1.x86_64.rpm", "packageName": "bbswitch-kmp-xen", "packageVersion": "0.8_k3.16.7_32-3.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-pae-base-debuginfo-3.16.7-32.1.i686.rpm", "packageName": "kernel-pae-base-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "cloop-2.639-14.15.1.x86_64.rpm", "packageName": "cloop", "packageVersion": "2.639-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "python-virtualbox-4.3.34-37.1.i586.rpm", "packageName": "python-virtualbox", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "xtables-addons-debuginfo-2.6-15.1.i586.rpm", "packageName": "xtables-addons-debuginfo", "packageVersion": "2.6-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "noarch", "operator": "lt", "packageFilename": "kernel-macros-3.16.7-32.1.noarch.rpm", "packageName": "kernel-macros", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-guest-kmp-default-4.3.34_k3.16.7_32-37.1.i586.rpm", "packageName": "virtualbox-guest-kmp-default", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-pae-devel-3.16.7-32.1.i686.rpm", "packageName": "kernel-pae-devel", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "hdjmod-kmp-desktop-1.28_k3.16.7_32-18.16.1.i586.rpm", "packageName": "hdjmod-kmp-desktop", "packageVersion": "1.28_k3.16.7_32-18.16.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "hdjmod-kmp-xen-debuginfo-1.28_k3.16.7_32-18.16.1.i586.rpm", "packageName": "hdjmod-kmp-xen-debuginfo", "packageVersion": "1.28_k3.16.7_32-18.16.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "bbswitch-kmp-desktop-0.8_k3.16.7_32-3.15.1.x86_64.rpm", "packageName": "bbswitch-kmp-desktop", "packageVersion": "0.8_k3.16.7_32-3.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "vhba-kmp-default-20140629_k3.16.7_32-2.15.1.i586.rpm", "packageName": "vhba-kmp-default", "packageVersion": "20140629_k3.16.7_32-2.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "kernel-obs-build-3.16.7-32.2.i586.rpm", "packageName": "kernel-obs-build", "packageVersion": "3.16.7-32.2"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-guest-kmp-pae-4.3.34_k3.16.7_32-37.1.i586.rpm", "packageName": "virtualbox-guest-kmp-pae", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "xtables-addons-kmp-desktop-debuginfo-2.6_k3.16.7_32-15.1.i586.rpm", "packageName": "xtables-addons-kmp-desktop-debuginfo", "packageVersion": "2.6_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "pcfclock-kmp-desktop-0.44_k3.16.7_32-260.15.1.i586.rpm", "packageName": "pcfclock-kmp-desktop", "packageVersion": "0.44_k3.16.7_32-260.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "pcfclock-kmp-desktop-0.44_k3.16.7_32-260.15.1.x86_64.rpm", "packageName": "pcfclock-kmp-desktop", "packageVersion": "0.44_k3.16.7_32-260.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "ipset-kmp-default-6.23_k3.16.7_32-15.1.x86_64.rpm", "packageName": "ipset-kmp-default", "packageVersion": "6.23_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xtables-addons-kmp-xen-debuginfo-2.6_k3.16.7_32-15.1.x86_64.rpm", "packageName": "xtables-addons-kmp-xen-debuginfo", "packageVersion": "2.6_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "xen-tools-domU-debuginfo-4.4.3_08-38.1.i586.rpm", "packageName": "xen-tools-domu-debuginfo", "packageVersion": "4.4.3_08-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "cloop-kmp-pae-debuginfo-2.639_k3.16.7_32-14.15.1.i586.rpm", "packageName": "cloop-kmp-pae-debuginfo", "packageVersion": "2.639_k3.16.7_32-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-desktop-debugsource-3.16.7-32.1.i686.rpm", "packageName": "kernel-desktop-debugsource", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "vhba-kmp-debugsource-20140629-2.15.1.x86_64.rpm", "packageName": "vhba-kmp-debugsource", "packageVersion": "20140629-2.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-ec2-base-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-ec2-base", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "cloop-kmp-xen-debuginfo-2.639_k3.16.7_32-14.15.1.x86_64.rpm", "packageName": "cloop-kmp-xen-debuginfo", "packageVersion": "2.639_k3.16.7_32-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-debug-debugsource-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-debug-debugsource", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "pcfclock-debuginfo-0.44-260.15.1.i586.rpm", "packageName": "pcfclock-debuginfo", "packageVersion": "0.44-260.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "bbswitch-kmp-desktop-0.8_k3.16.7_32-3.15.1.i586.rpm", "packageName": "bbswitch-kmp-desktop", "packageVersion": "0.8_k3.16.7_32-3.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "vhba-kmp-xen-debuginfo-20140629_k3.16.7_32-2.15.1.x86_64.rpm", "packageName": "vhba-kmp-xen-debuginfo", "packageVersion": "20140629_k3.16.7_32-2.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "vhba-kmp-xen-20140629_k3.16.7_32-2.15.1.x86_64.rpm", "packageName": "vhba-kmp-xen", "packageVersion": "20140629_k3.16.7_32-2.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-obs-build-3.16.7-32.2.x86_64.rpm", "packageName": "kernel-obs-build", "packageVersion": "3.16.7-32.2"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "ipset-kmp-desktop-debuginfo-6.23_k3.16.7_32-15.1.i586.rpm", "packageName": "ipset-kmp-desktop-debuginfo", "packageVersion": "6.23_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-guest-tools-debuginfo-4.3.34-37.1.x86_64.rpm", "packageName": "virtualbox-guest-tools-debuginfo", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "ipset-debuginfo-6.23-15.1.i586.rpm", "packageName": "ipset-debuginfo", "packageVersion": "6.23-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "hdjmod-kmp-xen-1.28_k3.16.7_32-18.16.1.i586.rpm", "packageName": "hdjmod-kmp-xen", "packageVersion": "1.28_k3.16.7_32-18.16.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "ipset-kmp-xen-debuginfo-6.23_k3.16.7_32-15.1.i586.rpm", "packageName": "ipset-kmp-xen-debuginfo", "packageVersion": "6.23_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-desktop-debuginfo-3.16.7-32.1.i686.rpm", "packageName": "kernel-desktop-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "pcfclock-debugsource-0.44-260.15.1.x86_64.rpm", "packageName": "pcfclock-debugsource", "packageVersion": "0.44-260.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "cloop-kmp-desktop-debuginfo-2.639_k3.16.7_32-14.15.1.i586.rpm", "packageName": "cloop-kmp-desktop-debuginfo", "packageVersion": "2.639_k3.16.7_32-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "crash-debuginfo-7.0.8-15.1.i586.rpm", "packageName": "crash-debuginfo", "packageVersion": "7.0.8-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "crash-gcore-7.0.8-15.1.x86_64.rpm", "packageName": "crash-gcore", "packageVersion": "7.0.8-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-default-debugsource-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-default-debugsource", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-guest-x11-debuginfo-4.3.34-37.1.i586.rpm", "packageName": "virtualbox-guest-x11-debuginfo", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "hdjmod-debugsource-1.28-18.16.1.i586.rpm", "packageName": "hdjmod-debugsource", "packageVersion": "1.28-18.16.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "libipset3-6.23-15.1.i586.rpm", "packageName": "libipset3", "packageVersion": "6.23-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-websrv-4.3.34-37.1.i586.rpm", "packageName": "virtualbox-websrv", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "xen-libs-debuginfo-4.4.3_08-38.1.i586.rpm", "packageName": "xen-libs-debuginfo", "packageVersion": "4.4.3_08-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-desktop-base-debuginfo-3.16.7-32.1.i686.rpm", "packageName": "kernel-desktop-base-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-ec2-base-debuginfo-3.16.7-32.1.i686.rpm", "packageName": "kernel-ec2-base-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-debugsource-4.3.34-37.1.i586.rpm", "packageName": "virtualbox-debugsource", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-pae-3.16.7-32.1.i686.rpm", "packageName": "kernel-pae", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-debug-base-3.16.7-32.1.i686.rpm", "packageName": "kernel-debug-base", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-qt-4.3.34-37.1.x86_64.rpm", "packageName": "virtualbox-qt", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-ec2-base-debuginfo-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-ec2-base-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "crash-kmp-desktop-7.0.8_k3.16.7_32-15.1.i586.rpm", "packageName": "crash-kmp-desktop", "packageVersion": "7.0.8_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "hdjmod-kmp-desktop-debuginfo-1.28_k3.16.7_32-18.16.1.x86_64.rpm", "packageName": "hdjmod-kmp-desktop-debuginfo", "packageVersion": "1.28_k3.16.7_32-18.16.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "vhba-kmp-default-20140629_k3.16.7_32-2.15.1.x86_64.rpm", "packageName": "vhba-kmp-default", "packageVersion": "20140629_k3.16.7_32-2.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "bbswitch-debugsource-0.8-3.15.1.i586.rpm", "packageName": "bbswitch-debugsource", "packageVersion": "0.8-3.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-default-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-default", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "crash-gcore-debuginfo-7.0.8-15.1.x86_64.rpm", "packageName": "crash-gcore-debuginfo", "packageVersion": "7.0.8-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-host-kmp-default-4.3.34_k3.16.7_32-37.1.x86_64.rpm", "packageName": "virtualbox-host-kmp-default", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "python-virtualbox-debuginfo-4.3.34-37.1.x86_64.rpm", "packageName": "python-virtualbox-debuginfo", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "xtables-addons-kmp-xen-debuginfo-2.6_k3.16.7_32-15.1.i586.rpm", "packageName": "xtables-addons-kmp-xen-debuginfo", "packageVersion": "2.6_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "bbswitch-kmp-xen-debuginfo-0.8_k3.16.7_32-3.15.1.i586.rpm", "packageName": "bbswitch-kmp-xen-debuginfo", "packageVersion": "0.8_k3.16.7_32-3.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-obs-qa-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-obs-qa", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-ec2-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-ec2", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "vhba-kmp-desktop-debuginfo-20140629_k3.16.7_32-2.15.1.x86_64.rpm", "packageName": "vhba-kmp-desktop-debuginfo", "packageVersion": "20140629_k3.16.7_32-2.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-tools-domU-debuginfo-4.4.3_08-38.1.x86_64.rpm", "packageName": "xen-tools-domu-debuginfo", "packageVersion": "4.4.3_08-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "vhba-kmp-default-debuginfo-20140629_k3.16.7_32-2.15.1.x86_64.rpm", "packageName": "vhba-kmp-default-debuginfo", "packageVersion": "20140629_k3.16.7_32-2.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "kernel-default-devel-3.16.7-32.1.i586.rpm", "packageName": "kernel-default-devel", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-xen-3.16.7-32.1.i686.rpm", "packageName": "kernel-xen", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-vanilla-3.16.7-32.1.i686.rpm", "packageName": "kernel-vanilla", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "libipset3-debuginfo-6.23-15.1.i586.rpm", "packageName": "libipset3-debuginfo", "packageVersion": "6.23-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "vhba-kmp-xen-debuginfo-20140629_k3.16.7_32-2.15.1.i586.rpm", "packageName": "vhba-kmp-xen-debuginfo", "packageVersion": "20140629_k3.16.7_32-2.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "cloop-kmp-default-debuginfo-2.639_k3.16.7_32-14.15.1.i586.rpm", "packageName": "cloop-kmp-default-debuginfo", "packageVersion": "2.639_k3.16.7_32-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-debug-debuginfo-3.16.7-32.1.i686.rpm", "packageName": "kernel-debug-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "crash-eppic-7.0.8-15.1.x86_64.rpm", "packageName": "crash-eppic", "packageVersion": "7.0.8-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-xen-debuginfo-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-xen-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "crash-eppic-7.0.8-15.1.i586.rpm", "packageName": "crash-eppic", "packageVersion": "7.0.8-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-devel-4.3.34-37.1.x86_64.rpm", "packageName": "virtualbox-devel", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "pcfclock-kmp-default-0.44_k3.16.7_32-260.15.1.x86_64.rpm", "packageName": "pcfclock-kmp-default", "packageVersion": "0.44_k3.16.7_32-260.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "ipset-kmp-xen-6.23_k3.16.7_32-15.1.i586.rpm", "packageName": "ipset-kmp-xen", "packageVersion": "6.23_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "hdjmod-kmp-default-debuginfo-1.28_k3.16.7_32-18.16.1.x86_64.rpm", "packageName": "hdjmod-kmp-default-debuginfo", "packageVersion": "1.28_k3.16.7_32-18.16.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-desktop-base-3.16.7-32.1.i686.rpm", "packageName": "kernel-desktop-base", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-desktop-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-desktop", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "ipset-kmp-desktop-6.23_k3.16.7_32-15.1.i586.rpm", "packageName": "ipset-kmp-desktop", "packageVersion": "6.23_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "bbswitch-kmp-default-debuginfo-0.8_k3.16.7_32-3.15.1.x86_64.rpm", "packageName": "bbswitch-kmp-default-debuginfo", "packageVersion": "0.8_k3.16.7_32-3.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-libs-debuginfo-4.4.3_08-38.1.x86_64.rpm", "packageName": "xen-libs-debuginfo", "packageVersion": "4.4.3_08-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-obs-build-debugsource-3.16.7-32.2.x86_64.rpm", "packageName": "kernel-obs-build-debugsource", "packageVersion": "3.16.7-32.2"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "noarch", "operator": "lt", "packageFilename": "kernel-source-vanilla-3.16.7-32.1.noarch.rpm", "packageName": "kernel-source-vanilla", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "cloop-2.639-14.15.1.i586.rpm", "packageName": "cloop", "packageVersion": "2.639-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "pcfclock-debugsource-0.44-260.15.1.i586.rpm", "packageName": "pcfclock-debugsource", "packageVersion": "0.44-260.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "pcfclock-kmp-pae-debuginfo-0.44_k3.16.7_32-260.15.1.i586.rpm", "packageName": "pcfclock-kmp-pae-debuginfo", "packageVersion": "0.44_k3.16.7_32-260.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xtables-addons-debuginfo-2.6-15.1.x86_64.rpm", "packageName": "xtables-addons-debuginfo", "packageVersion": "2.6-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "xtables-addons-kmp-pae-debuginfo-2.6_k3.16.7_32-15.1.i586.rpm", "packageName": "xtables-addons-kmp-pae-debuginfo", "packageVersion": "2.6_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-guest-kmp-default-debuginfo-4.3.34_k3.16.7_32-37.1.i586.rpm", "packageName": "virtualbox-guest-kmp-default-debuginfo", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-default-debuginfo-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-default-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "xtables-addons-kmp-desktop-2.6_k3.16.7_32-15.1.i586.rpm", "packageName": "xtables-addons-kmp-desktop", "packageVersion": "2.6_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "pcfclock-kmp-desktop-debuginfo-0.44_k3.16.7_32-260.15.1.x86_64.rpm", "packageName": "pcfclock-kmp-desktop-debuginfo", "packageVersion": "0.44_k3.16.7_32-260.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "bbswitch-kmp-xen-debuginfo-0.8_k3.16.7_32-3.15.1.x86_64.rpm", "packageName": "bbswitch-kmp-xen-debuginfo", "packageVersion": "0.8_k3.16.7_32-3.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-4.4.3_08-38.1.x86_64.rpm", "packageName": "xen", "packageVersion": "4.4.3_08-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-default-devel-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-default-devel", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "cloop-kmp-desktop-2.639_k3.16.7_32-14.15.1.x86_64.rpm", "packageName": "cloop-kmp-desktop", "packageVersion": "2.639_k3.16.7_32-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "crash-devel-7.0.8-15.1.i586.rpm", "packageName": "crash-devel", "packageVersion": "7.0.8-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "crash-kmp-xen-7.0.8_k3.16.7_32-15.1.x86_64.rpm", "packageName": "crash-kmp-xen", "packageVersion": "7.0.8_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "cloop-debugsource-2.639-14.15.1.x86_64.rpm", "packageName": "cloop-debugsource", "packageVersion": "2.639-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-libs-debuginfo-32bit-4.4.3_08-38.1.x86_64.rpm", "packageName": "xen-libs-debuginfo-32bit", "packageVersion": "4.4.3_08-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "ipset-kmp-xen-debuginfo-6.23_k3.16.7_32-15.1.x86_64.rpm", "packageName": "ipset-kmp-xen-debuginfo", "packageVersion": "6.23_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-xen-base-debuginfo-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-xen-base-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "cloop-kmp-default-2.639_k3.16.7_32-14.15.1.i586.rpm", "packageName": "cloop-kmp-default", "packageVersion": "2.639_k3.16.7_32-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "pcfclock-kmp-default-debuginfo-0.44_k3.16.7_32-260.15.1.i586.rpm", "packageName": "pcfclock-kmp-default-debuginfo", "packageVersion": "0.44_k3.16.7_32-260.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-ec2-devel-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-ec2-devel", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-4.3.34-37.1.x86_64.rpm", "packageName": "virtualbox", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-debug-base-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-debug-base", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "python-virtualbox-debuginfo-4.3.34-37.1.i586.rpm", "packageName": "python-virtualbox-debuginfo", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "pcfclock-kmp-default-0.44_k3.16.7_32-260.15.1.i586.rpm", "packageName": "pcfclock-kmp-default", "packageVersion": "0.44_k3.16.7_32-260.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "kernel-obs-qa-3.16.7-32.1.i586.rpm", "packageName": "kernel-obs-qa", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "cloop-kmp-pae-2.639_k3.16.7_32-14.15.1.i586.rpm", "packageName": "cloop-kmp-pae", "packageVersion": "2.639_k3.16.7_32-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "cloop-kmp-xen-2.639_k3.16.7_32-14.15.1.i586.rpm", "packageName": "cloop-kmp-xen", "packageVersion": "2.639_k3.16.7_32-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "bbswitch-kmp-xen-0.8_k3.16.7_32-3.15.1.i586.rpm", "packageName": "bbswitch-kmp-xen", "packageVersion": "0.8_k3.16.7_32-3.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "hdjmod-kmp-default-debuginfo-1.28_k3.16.7_32-18.16.1.i586.rpm", "packageName": "hdjmod-kmp-default-debuginfo", "packageVersion": "1.28_k3.16.7_32-18.16.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "vhba-kmp-desktop-20140629_k3.16.7_32-2.15.1.i586.rpm", "packageName": "vhba-kmp-desktop", "packageVersion": "20140629_k3.16.7_32-2.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "bbswitch-kmp-default-0.8_k3.16.7_32-3.15.1.i586.rpm", "packageName": "bbswitch-kmp-default", "packageVersion": "0.8_k3.16.7_32-3.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "ipset-kmp-xen-6.23_k3.16.7_32-15.1.x86_64.rpm", "packageName": "ipset-kmp-xen", "packageVersion": "6.23_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-guest-kmp-pae-debuginfo-4.3.34_k3.16.7_32-37.1.i586.rpm", "packageName": "virtualbox-guest-kmp-pae-debuginfo", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "hdjmod-kmp-desktop-1.28_k3.16.7_32-18.16.1.x86_64.rpm", "packageName": "hdjmod-kmp-desktop", "packageVersion": "1.28_k3.16.7_32-18.16.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-default-base-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-default-base", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-debuginfo-4.3.34-37.1.i586.rpm", "packageName": "virtualbox-debuginfo", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "kernel-default-base-3.16.7-32.1.i586.rpm", "packageName": "kernel-default-base", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "crash-kmp-xen-7.0.8_k3.16.7_32-15.1.i586.rpm", "packageName": "crash-kmp-xen", "packageVersion": "7.0.8_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "hdjmod-kmp-default-1.28_k3.16.7_32-18.16.1.i586.rpm", "packageName": "hdjmod-kmp-default", "packageVersion": "1.28_k3.16.7_32-18.16.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "kernel-ec2-3.16.7-32.1.i586.rpm", "packageName": "kernel-ec2", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "vhba-kmp-xen-20140629_k3.16.7_32-2.15.1.i586.rpm", "packageName": "vhba-kmp-xen", "packageVersion": "20140629_k3.16.7_32-2.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "virtualbox-guest-kmp-default-debuginfo-4.3.34_k3.16.7_32-37.1.x86_64.rpm", "packageName": "virtualbox-guest-kmp-default-debuginfo", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "cloop-kmp-desktop-debuginfo-2.639_k3.16.7_32-14.15.1.x86_64.rpm", "packageName": "cloop-kmp-desktop-debuginfo", "packageVersion": "2.639_k3.16.7_32-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "cloop-kmp-desktop-2.639_k3.16.7_32-14.15.1.i586.rpm", "packageName": "cloop-kmp-desktop", "packageVersion": "2.639_k3.16.7_32-14.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-vanilla-debugsource-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-vanilla-debugsource", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-xen-debuginfo-3.16.7-32.1.i686.rpm", "packageName": "kernel-xen-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-host-kmp-pae-4.3.34_k3.16.7_32-37.1.i586.rpm", "packageName": "virtualbox-host-kmp-pae", "packageVersion": "4.3.34_k3.16.7_32-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-desktop-debugsource-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-desktop-debugsource", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "bbswitch-kmp-pae-0.8_k3.16.7_32-3.15.1.i586.rpm", "packageName": "bbswitch-kmp-pae", "packageVersion": "0.8_k3.16.7_32-3.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "crash-gcore-debuginfo-7.0.8-15.1.i586.rpm", "packageName": "crash-gcore-debuginfo", "packageVersion": "7.0.8-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "pcfclock-0.44-260.15.1.x86_64.rpm", "packageName": "pcfclock", "packageVersion": "0.44-260.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xtables-addons-kmp-desktop-2.6_k3.16.7_32-15.1.x86_64.rpm", "packageName": "xtables-addons-kmp-desktop", "packageVersion": "2.6_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-tools-domU-4.4.3_08-38.1.x86_64.rpm", "packageName": "xen-tools-domu", "packageVersion": "4.4.3_08-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-debug-base-debuginfo-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-debug-base-debuginfo", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "kernel-ec2-base-3.16.7-32.1.i586.rpm", "packageName": "kernel-ec2-base", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-doc-html-4.4.3_08-38.1.x86_64.rpm", "packageName": "xen-doc-html", "packageVersion": "4.4.3_08-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "xen-libs-4.4.3_08-38.1.i586.rpm", "packageName": "xen-libs", "packageVersion": "4.4.3_08-38.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "pcfclock-kmp-desktop-debuginfo-0.44_k3.16.7_32-260.15.1.i586.rpm", "packageName": "pcfclock-kmp-desktop-debuginfo", "packageVersion": "0.44_k3.16.7_32-260.15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "kernel-syms-3.16.7-32.1.i586.rpm", "packageName": "kernel-syms", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-ec2-debugsource-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-ec2-debugsource", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "crash-kmp-desktop-7.0.8_k3.16.7_32-15.1.x86_64.rpm", "packageName": "crash-kmp-desktop", "packageVersion": "7.0.8_k3.16.7_32-15.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "kernel-vanilla-devel-3.16.7-32.1.x86_64.rpm", "packageName": "kernel-vanilla-devel", "packageVersion": "3.16.7-32.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i586", "operator": "lt", "packageFilename": "virtualbox-4.3.34-37.1.i586.rpm", "packageName": "virtualbox", "packageVersion": "4.3.34-37.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "x86_64", "operator": "lt", "packageFilename": "hdjmod-debugsource-1.28-18.16.1.x86_64.rpm", "packageName": "hdjmod-debugsource", "packageVersion": "1.28-18.16.1"}, {"OS": "openSUSE", "OSVersion": "13.2", "arch": "i686", "operator": "lt", "packageFilename": "kernel-xen-base-debuginfo-3.16.7-32.1.i686.rpm", "packageName": "kernel-xen-base-debuginfo", "packageVersion": "3.16.7-32.1"}]}

{"nessus": [{"lastseen": "2023-07-06T14:13:03", "description": "The openSUSE 13.2 kernel was updated to receive various security and bugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2016-0728: A reference leak in keyring handling with join_session_keyring() could lead to local attackers gain root privileges. (bsc#962075).\n\n - CVE-2015-7550: A local user could have triggered a race between read and revoke in keyctl (bnc#958951).\n\n - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190).\n\n - CVE-2015-8543: The networking implementation in the Linux kernel did not validate protocol identifiers for certain protocol families, which allowed local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application (bnc#958886).\n\n - CVE-2014-8989: The Linux kernel did not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allowed local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the group category that is more restrictive than the entry for the other category, aka a 'negative groups' issue, related to kernel/groups.c, kernel/uid16.c, and kernel/user_namespace.c (bnc#906545).\n\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI (bnc#937969).\n\n - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936).\n\n - CVE-2015-8104: The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).\n\n - CVE-2015-5307: The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bnc#953527).\n\n - CVE-2014-9529: Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key (bnc#912202).\n\n - CVE-2015-7990: Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937 (bnc#952384 953052).\n\n - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#945825).\n\n - CVE-2015-7885: The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 did not initialize a certain structure member, which allowed local users to obtain sensitive information from kernel memory via a crafted application (bnc#951627).\n\n - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel did not validate attempted changes to the MTU value, which allowed context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272. NOTE: the scope of CVE-2015-0272 is limited to the NetworkManager product (bnc#955354).\n\n - CVE-2015-8767: A case can occur when sctp_accept() is called by the user during a heartbeat timeout event after the 4-way handshake. Since sctp_assoc_migrate() changes both assoc->base.sk and assoc->ep, the bh_sock_lock in sctp_generate_heartbeat_event() will be taken with the listening socket but released with the new association socket. The result is a deadlock on any future attempts to take the listening socket lock.\n (bsc#961509)\n\n - CVE-2015-8575: Validate socket address length in sco_sock_bind() to prevent information leak (bsc#959399).\n\n - CVE-2015-8551, CVE-2015-8552: xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled (bsc#957990).\n\n - CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers could have lead to double fetch vulnerabilities, causing denial of service or arbitrary code execution (depending on the configuration) (bsc#957988).\n\nThe following non-security bugs were fixed :\n\n - ALSA: hda - Disable 64bit address for Creative HDA controllers (bnc#814440).\n\n - ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504).\n\n - Input: aiptek - fix crash on detecting device without endpoints (bnc#956708).\n\n - KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y (boo#956934).\n\n - KVM: x86: update masterclock values on TSC writes (bsc#961739).\n\n - NFS: Fix a NULL pointer dereference of migration recovery ops for v4.2 client (bsc#960839).\n\n - apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task (bsc#921949).\n\n - blktap: also call blkif_disconnect() when frontend switched to closed (bsc#952976).\n\n - blktap: refine mm tracking (bsc#952976).\n\n - cdrom: Random writing support for BD-RE media (bnc#959568).\n\n - genksyms: Handle string literals with spaces in reference files (bsc#958510).\n\n - ipv4: Do not increase PMTU with Datagram Too Big message (bsc#955224).\n\n - ipv6: distinguish frag queues by device for multicast and link-local packets (bsc#955422).\n\n - ipv6: fix tunnel error handling (bsc#952579).\n\n - route: Use ipv4_mtu instead of raw rt_pmtu (bsc#955224).\n\n - uas: Add response iu handling (bnc#954138).\n\n - usbvision fix overflow of interfaces array (bnc#950998).\n\n - x86/evtchn: make use of PHYSDEVOP_map_pirq.\n\n - xen/pciback: Do not allow MSI-X ops if PCI_COMMAND_MEMORY is not set (bsc#957990 XSA-157).", "cvss3": {}, "published": "2016-02-08T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2016-136)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8989", "CVE-2014-9529", "CVE-2015-0272", "CVE-2015-5157", "CVE-2015-5307", "CVE-2015-6937", "CVE-2015-7550", "CVE-2015-7799", "CVE-2015-7885", "CVE-2015-7990", "CVE-2015-8104", "CVE-2015-8215", "CVE-2015-8543", "CVE-2015-8550", "CVE-2015-8551", "CVE-2015-8552", "CVE-2015-8569", "CVE-2015-8575", "CVE-2015-8767", "CVE-2016-0728"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bbswitch", "p-cpe:/a:novell:opensuse:bbswitch-debugsource", "p-cpe:/a:novell:opensuse:bbswitch-kmp-default", "p-cpe:/a:novell:opensuse:bbswitch-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:bbswitch-kmp-desktop", "p-cpe:/a:novell:opensuse:bbswitch-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:bbswitch-kmp-pae", "p-cpe:/a:novell:opensuse:bbswitch-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:bbswitch-kmp-xen", "p-cpe:/a:novell:opensuse:bbswitch-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:cloop", "p-cpe:/a:novell:opensuse:cloop-debuginfo", "p-cpe:/a:novell:opensuse:cloop-debugsource", "p-cpe:/a:novell:opensuse:cloop-kmp-default", "p-cpe:/a:novell:opensuse:cloop-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:cloop-kmp-desktop", "p-cpe:/a:novell:opensuse:cloop-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:cloop-kmp-pae", "p-cpe:/a:novell:opensuse:cloop-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:cloop-kmp-xen", "p-cpe:/a:novell:opensuse:cloop-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:crash", "p-cpe:/a:novell:opensuse:crash-debuginfo", "p-cpe:/a:novell:opensuse:crash-debugsource", "p-cpe:/a:novell:opensuse:crash-devel", "p-cpe:/a:novell:opensuse:crash-eppic", "p-cpe:/a:novell:opensuse:crash-eppic-debuginfo", "p-cpe:/a:novell:opensuse:crash-gcore", "p-cpe:/a:novell:opensuse:crash-gcore-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-default", "p-cpe:/a:novell:opensuse:crash-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-desktop", "p-cpe:/a:novell:opensuse:crash-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-pae", "p-cpe:/a:novell:opensuse:crash-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-xen", "p-cpe:/a:novell:opensuse:crash-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-debugsource", "p-cpe:/a:novell:opensuse:hdjmod-kmp-default", "p-cpe:/a:novell:opensuse:hdjmod-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop", "p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-kmp-pae", "p-cpe:/a:novell:opensuse:hdjmod-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-kmp-xen", "p-cpe:/a:novell:opensuse:hdjmod-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:ipset", "p-cpe:/a:novell:opensuse:ipset-debuginfo", "p-cpe:/a:novell:opensuse:ipset-debugsource", "p-cpe:/a:novell:opensuse:ipset-devel", "p-cpe:/a:novell:opensuse:ipset-kmp-default", "p-cpe:/a:novell:opensuse:ipset-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:ipset-kmp-desktop", "p-cpe:/a:novell:opensuse:ipset-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:ipset-kmp-pae", "p-cpe:/a:novell:opensuse:ipset-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:ipset-kmp-xen", "p-cpe:/a:novell:opensuse:ipset-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-desktop", "p-cpe:/a:novell:opensuse:kernel-desktop-base", "p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop-debugsource", "p-cpe:/a:novell:opensuse:kernel-desktop-devel", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-ec2", "p-cpe:/a:novell:opensuse:kernel-ec2-base", "p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debugsource", "p-cpe:/a:novell:opensuse:kernel-ec2-devel", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-obs-qa-xen", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-pae-base", "p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debugsource", "p-cpe:/a:novell:opensuse:kernel-pae-devel", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xen-base", "p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-debugsource", "p-cpe:/a:novell:opensuse:kernel-xen-devel", "p-cpe:/a:novell:opensuse:libipset3", "p-cpe:/a:novell:opensuse:libipset3-debuginfo", "p-cpe:/a:novell:opensuse:pcfclock", "p-cpe:/a:novell:opensuse:pcfclock-debuginfo", "p-cpe:/a:novell:opensuse:pcfclock-debugsource", "p-cpe:/a:novell:opensuse:pcfclock-kmp-default", "p-cpe:/a:novell:opensuse:pcfclock-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop", "p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:pcfclock-kmp-pae", "p-cpe:/a:novell:opensuse:pcfclock-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:python-virtualbox", "p-cpe:/a:novell:opensuse:python-virtualbox-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-debugsource", "p-cpe:/a:novell:opensuse:vhba-kmp-default", "p-cpe:/a:novell:opensuse:vhba-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-desktop", "p-cpe:/a:novell:opensuse:vhba-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-pae", "p-cpe:/a:novell:opensuse:vhba-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-xen", "p-cpe:/a:novell:opensuse:vhba-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox", "p-cpe:/a:novell:opensuse:virtualbox-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-debugsource", "p-cpe:/a:novell:opensuse:virtualbox-devel", "p-cpe:/a:novell:opensuse:virtualbox-guest-desktop-icons", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-tools", "p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-x11", "p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-source", "p-cpe:/a:novell:opensuse:virtualbox-qt", "p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-websrv", "p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo", "p-cpe:/a:novell:opensuse:xen", "p-cpe:/a:novell:opensuse:xen-debugsource", "p-cpe:/a:novell:opensuse:xen-devel", "p-cpe:/a:novell:opensuse:xen-doc-html", "p-cpe:/a:novell:opensuse:xen-kmp-default", "p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:xen-kmp-desktop", "p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs", "p-cpe:/a:novell:opensuse:xen-libs-32bit", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:xen-tools", "p-cpe:/a:novell:opensuse:xen-tools-debuginfo", "p-cpe:/a:novell:opensuse:xen-tools-domu", "p-cpe:/a:novell:opensuse:xen-tools-domu-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons", "p-cpe:/a:novell:opensuse:xtables-addons-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-debugsource", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-default", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen-debuginfo", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2016-136.NASL", "href": "https://www.tenable.com/plugins/nessus/88605", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-136.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88605);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-8989\", \"CVE-2014-9529\", \"CVE-2015-0272\", \"CVE-2015-5157\", \"CVE-2015-5307\", \"CVE-2015-6937\", \"CVE-2015-7550\", \"CVE-2015-7799\", \"CVE-2015-7885\", \"CVE-2015-7990\", \"CVE-2015-8104\", \"CVE-2015-8215\", \"CVE-2015-8543\", \"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8767\", \"CVE-2016-0728\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2016-136)\");\n script_summary(english:\"Check for the openSUSE-2016-136 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE 13.2 kernel was updated to receive various security and\nbugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2016-0728: A reference leak in keyring handling with\n join_session_keyring() could lead to local attackers\n gain root privileges. (bsc#962075).\n\n - CVE-2015-7550: A local user could have triggered a race\n between read and revoke in keyctl (bnc#958951).\n\n - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect\n functions in drivers/net/ppp/pptp.c in the Linux kernel\n did not verify an address length, which allowed local\n users to obtain sensitive information from kernel memory\n and bypass the KASLR protection mechanism via a crafted\n application (bnc#959190).\n\n - CVE-2015-8543: The networking implementation in the\n Linux kernel did not validate protocol identifiers for\n certain protocol families, which allowed local users to\n cause a denial of service (NULL function pointer\n dereference and system crash) or possibly gain\n privileges by leveraging CLONE_NEWUSER support to\n execute a crafted SOCK_RAW application (bnc#958886).\n\n - CVE-2014-8989: The Linux kernel did not properly\n restrict dropping of supplemental group memberships in\n certain namespace scenarios, which allowed local users\n to bypass intended file permissions by leveraging a\n POSIX ACL containing an entry for the group category\n that is more restrictive than the entry for the other\n category, aka a 'negative groups' issue, related to\n kernel/groups.c, kernel/uid16.c, and\n kernel/user_namespace.c (bnc#906545).\n\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux\n kernel on the x86_64 platform mishandles IRET faults in\n processing NMIs that occurred during userspace\n execution, which might allow local users to gain\n privileges by triggering an NMI (bnc#937969).\n\n - CVE-2015-7799: The slhc_init function in\n drivers/net/slip/slhc.c in the Linux kernel through\n 4.2.3 did not ensure that certain slot numbers are\n valid, which allowed local users to cause a denial of\n service (NULL pointer dereference and system crash) via\n a crafted PPPIOCSMAXCID ioctl call (bnc#949936).\n\n - CVE-2015-8104: The KVM subsystem in the Linux kernel\n through 4.2.6, and Xen 4.3.x through 4.6.x, allowed\n guest OS users to cause a denial of service (host OS\n panic or hang) by triggering many #DB (aka Debug)\n exceptions, related to svm.c (bnc#954404).\n\n - CVE-2015-5307: The KVM subsystem in the Linux kernel\n through 4.2.6, and Xen 4.3.x through 4.6.x, allowed\n guest OS users to cause a denial of service (host OS\n panic or hang) by triggering many #AC (aka Alignment\n Check) exceptions, related to svm.c and vmx.c\n (bnc#953527).\n\n - CVE-2014-9529: Race condition in the key_gc_unused_keys\n function in security/keys/gc.c in the Linux kernel\n allowed local users to cause a denial of service (memory\n corruption or panic) or possibly have unspecified other\n impact via keyctl commands that trigger access to a key\n structure member during garbage collection of a key\n (bnc#912202).\n\n - CVE-2015-7990: Race condition in the rds_sendmsg\n function in net/rds/sendmsg.c in the Linux kernel\n allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) or possibly have\n unspecified other impact by using a socket that was not\n properly bound. NOTE: this vulnerability exists because\n of an incomplete fix for CVE-2015-6937 (bnc#952384\n 953052).\n\n - CVE-2015-6937: The __rds_conn_create function in\n net/rds/connection.c in the Linux kernel allowed local\n users to cause a denial of service (NULL pointer\n dereference and system crash) or possibly have\n unspecified other impact by using a socket that was not\n properly bound (bnc#945825).\n\n - CVE-2015-7885: The dgnc_mgmt_ioctl function in\n drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel\n through 4.3.3 did not initialize a certain structure\n member, which allowed local users to obtain sensitive\n information from kernel memory via a crafted application\n (bnc#951627).\n\n - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in\n the Linux kernel did not validate attempted changes to\n the MTU value, which allowed context-dependent attackers\n to cause a denial of service (packet loss) via a value\n that is (1) smaller than the minimum compliant value or\n (2) larger than the MTU of an interface, as demonstrated\n by a Router Advertisement (RA) message that is not\n validated by a daemon, a different vulnerability than\n CVE-2015-0272. NOTE: the scope of CVE-2015-0272 is\n limited to the NetworkManager product (bnc#955354).\n\n - CVE-2015-8767: A case can occur when sctp_accept() is\n called by the user during a heartbeat timeout event\n after the 4-way handshake. Since sctp_assoc_migrate()\n changes both assoc->base.sk and assoc->ep, the\n bh_sock_lock in sctp_generate_heartbeat_event() will be\n taken with the listening socket but released with the\n new association socket. The result is a deadlock on any\n future attempts to take the listening socket lock.\n (bsc#961509)\n\n - CVE-2015-8575: Validate socket address length in\n sco_sock_bind() to prevent information leak\n (bsc#959399).\n\n - CVE-2015-8551, CVE-2015-8552: xen/pciback: For\n XEN_PCI_OP_disable_msi[|x] only disable if device has\n MSI(X) enabled (bsc#957990).\n\n - CVE-2015-8550: Compiler optimizations in the XEN PV\n backend drivers could have lead to double fetch\n vulnerabilities, causing denial of service or arbitrary\n code execution (depending on the configuration)\n (bsc#957988).\n\nThe following non-security bugs were fixed :\n\n - ALSA: hda - Disable 64bit address for Creative HDA\n controllers (bnc#814440).\n\n - ALSA: hda - Fix noise problems on Thinkpad T440s\n (boo#958504).\n\n - Input: aiptek - fix crash on detecting device without\n endpoints (bnc#956708).\n\n - KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y\n (boo#956934).\n\n - KVM: x86: update masterclock values on TSC writes\n (bsc#961739).\n\n - NFS: Fix a NULL pointer dereference of migration\n recovery ops for v4.2 client (bsc#960839).\n\n - apparmor: allow SYS_CAP_RESOURCE to be sufficient to\n prlimit another task (bsc#921949).\n\n - blktap: also call blkif_disconnect() when frontend\n switched to closed (bsc#952976).\n\n - blktap: refine mm tracking (bsc#952976).\n\n - cdrom: Random writing support for BD-RE media\n (bnc#959568).\n\n - genksyms: Handle string literals with spaces in\n reference files (bsc#958510).\n\n - ipv4: Do not increase PMTU with Datagram Too Big message\n (bsc#955224).\n\n - ipv6: distinguish frag queues by device for multicast\n and link-local packets (bsc#955422).\n\n - ipv6: fix tunnel error handling (bsc#952579).\n\n - route: Use ipv4_mtu instead of raw rt_pmtu (bsc#955224).\n\n - uas: Add response iu handling (bnc#954138).\n\n - usbvision fix overflow of interfaces array (bnc#950998).\n\n - x86/evtchn: make use of PHYSDEVOP_map_pirq.\n\n - xen/pciback: Do not allow MSI-X ops if\n PCI_COMMAND_MEMORY is not set (bsc#957990 XSA-157).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=814440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=906545\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=912202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=921949\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=937969\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=937970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=938706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=944296\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=945825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=949936\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=950998\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=951627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=951638\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=952384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=952579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=952976\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=953527\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954138\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=955224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=955354\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=955422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956934\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957988\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957990\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958504\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958886\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=959190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=959399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=959568\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=960839\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=961509\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=961739\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=962075\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-eppic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-eppic-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-gcore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-gcore-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libipset3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libipset3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-desktop-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-0.8-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-debugsource-0.8-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-default-0.8_k3.16.7_32-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-default-debuginfo-0.8_k3.16.7_32-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-desktop-0.8_k3.16.7_32-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-desktop-debuginfo-0.8_k3.16.7_32-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-pae-0.8_k3.16.7_32-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-pae-debuginfo-0.8_k3.16.7_32-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-xen-0.8_k3.16.7_32-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-xen-debuginfo-0.8_k3.16.7_32-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-2.639-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-debuginfo-2.639-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-debugsource-2.639-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-default-2.639_k3.16.7_32-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-default-debuginfo-2.639_k3.16.7_32-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-desktop-2.639_k3.16.7_32-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-desktop-debuginfo-2.639_k3.16.7_32-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-pae-2.639_k3.16.7_32-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-pae-debuginfo-2.639_k3.16.7_32-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-xen-2.639_k3.16.7_32-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-xen-debuginfo-2.639_k3.16.7_32-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-7.0.8-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-debuginfo-7.0.8-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-debugsource-7.0.8-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-devel-7.0.8-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-eppic-7.0.8-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-eppic-debuginfo-7.0.8-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-gcore-7.0.8-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-gcore-debuginfo-7.0.8-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-default-7.0.8_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-default-debuginfo-7.0.8_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-desktop-7.0.8_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-desktop-debuginfo-7.0.8_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-pae-7.0.8_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-pae-debuginfo-7.0.8_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-xen-7.0.8_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-xen-debuginfo-7.0.8_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-debugsource-1.28-18.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-default-1.28_k3.16.7_32-18.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-default-debuginfo-1.28_k3.16.7_32-18.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-desktop-1.28_k3.16.7_32-18.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-desktop-debuginfo-1.28_k3.16.7_32-18.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-pae-1.28_k3.16.7_32-18.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-pae-debuginfo-1.28_k3.16.7_32-18.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-xen-1.28_k3.16.7_32-18.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-xen-debuginfo-1.28_k3.16.7_32-18.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-6.23-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-debuginfo-6.23-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-debugsource-6.23-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-devel-6.23-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-default-6.23_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-default-debuginfo-6.23_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-desktop-6.23_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-desktop-debuginfo-6.23_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-pae-6.23_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-pae-debuginfo-6.23_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-xen-6.23_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-xen-debuginfo-6.23_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-default-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-default-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-default-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-default-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-default-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-default-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-ec2-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-ec2-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-ec2-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-macros-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-obs-build-3.16.7-32.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-obs-build-debugsource-3.16.7-32.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-obs-qa-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-obs-qa-xen-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-source-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-source-vanilla-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-syms-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libipset3-6.23-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libipset3-debuginfo-6.23-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-0.44-260.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-debuginfo-0.44-260.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-debugsource-0.44-260.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-kmp-default-0.44_k3.16.7_32-260.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-kmp-default-debuginfo-0.44_k3.16.7_32-260.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-kmp-desktop-0.44_k3.16.7_32-260.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-kmp-desktop-debuginfo-0.44_k3.16.7_32-260.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-kmp-pae-0.44_k3.16.7_32-260.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-kmp-pae-debuginfo-0.44_k3.16.7_32-260.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-virtualbox-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-virtualbox-debuginfo-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-debugsource-20140629-2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-default-20140629_k3.16.7_32-2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-default-debuginfo-20140629_k3.16.7_32-2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-desktop-20140629_k3.16.7_32-2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-desktop-debuginfo-20140629_k3.16.7_32-2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-pae-20140629_k3.16.7_32-2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-pae-debuginfo-20140629_k3.16.7_32-2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-xen-20140629_k3.16.7_32-2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-xen-debuginfo-20140629_k3.16.7_32-2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-debuginfo-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-debugsource-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-devel-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-desktop-icons-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-default-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-default-debuginfo-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-desktop-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-desktop-debuginfo-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-pae-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-pae-debuginfo-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-tools-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-tools-debuginfo-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-x11-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-x11-debuginfo-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-default-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-default-debuginfo-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-desktop-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-desktop-debuginfo-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-pae-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-pae-debuginfo-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-source-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-qt-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-qt-debuginfo-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-websrv-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-websrv-debuginfo-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-debugsource-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-devel-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-libs-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-libs-debuginfo-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-tools-domU-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-tools-domU-debuginfo-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-2.6-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-debuginfo-2.6-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-debugsource-2.6-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-default-2.6_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-default-debuginfo-2.6_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-desktop-2.6_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-desktop-debuginfo-2.6_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-pae-2.6_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-pae-debuginfo-2.6_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-xen-2.6_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-xen-debuginfo-2.6_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-devel-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-desktop-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-desktop-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-desktop-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-desktop-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-desktop-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-desktop-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-ec2-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-ec2-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-ec2-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-pae-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-pae-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-pae-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-pae-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-pae-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-pae-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-vanilla-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-vanilla-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-vanilla-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-vanilla-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-xen-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-xen-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-xen-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-xen-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-xen-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-devel-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-desktop-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-desktop-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-desktop-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-desktop-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-desktop-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-desktop-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-ec2-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-ec2-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-ec2-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-pae-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-pae-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-pae-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-pae-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-vanilla-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-vanilla-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-vanilla-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-vanilla-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-xen-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-doc-html-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-kmp-default-4.4.3_08_k3.16.7_32-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-kmp-default-debuginfo-4.4.3_08_k3.16.7_32-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-kmp-desktop-4.4.3_08_k3.16.7_32-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-kmp-desktop-debuginfo-4.4.3_08_k3.16.7_32-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-tools-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.4.3_08-38.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bbswitch / bbswitch-debugsource / bbswitch-kmp-default / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-06T14:13:33", "description": "The Linux kernel for openSUSE Leap 42.1 was updated to the 4.1.15 stable release, and also includes security and bugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2016-0728: A reference leak in keyring handling with join_session_keyring() could lead to local attackers gain root privileges. (bsc#962075).\n\n - CVE-2015-7550: A local user could have triggered a race between read and revoke in keyctl (bnc#958951).\n\n - CVE-2015-8767: A case can occur when sctp_accept() is called by the user during a heartbeat timeout event after the 4-way handshake. Since sctp_assoc_migrate() changes both assoc->base.sk and assoc->ep, the bh_sock_lock in sctp_generate_heartbeat_event() will be taken with the listening socket but released with the new association socket. The result is a deadlock on any future attempts to take the listening socket lock.\n (bsc#961509)\n\n - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges (bnc#958463).\n\n - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190).\n\n - CVE-2015-8543: The networking implementation in the Linux kernel did not validate protocol identifiers for certain protocol families, which allowed local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application (bnc#958886).\n\n - CVE-2015-8575: Validate socket address length in sco_sock_bind() to prevent information leak (bsc#959399).\n\n - CVE-2015-8551, CVE-2015-8552: xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled (bsc#957990).\n\n - CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers could have lead to double fetch vulnerabilities, causing denial of service or arbitrary code execution (depending on the configuration) (bsc#957988).\n\nThe following non-security bugs were fixed :\n\n - ALSA: hda - Add a fixup for Thinkpad X1 Carbon 2nd (bsc#958439).\n\n - ALSA: hda - Apply click noise workaround for Thinkpads generically (bsc#958439).\n\n - ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504).\n\n - ALSA: hda - Flush the pending probe work at remove (boo#960710).\n\n - ALSA: hda - Set codec to D3 at reboot/shutdown on Thinkpads (bsc#958439).\n\n - Add Cavium Thunderx network enhancements\n\n - Add RHEL to kernel-obs-build\n\n - Backport amd xgbe fixes and features\n\n - Backport arm64 patches from SLE12-SP1-ARM.\n\n - Btrfs: fix the number of transaction units needed to remove a block group (bsc#950178).\n\n - Btrfs: use global reserve when deleting unused block group after ENOSPC (bsc#950178).\n\n - Documentation: nousb is a module parameter (bnc#954324).\n\n - Driver for IBM System i/p VNIC protocol.\n\n - Enable CONFIG_PINCTRL_CHERRYVIEW (boo#954532) Needed for recent tablets/laptops. CONFIG_PINCTRL_BAYTRAIL is still disabled as it can't be built as a module.\n\n - Fix PCI generic host controller\n\n - Fix kABI breakage for max_dev_sectors addition to queue_limits (boo#961263).\n\n - HID: multitouch: Fetch feature reports on demand for Win8 devices (boo#954532).\n\n - HID: multitouch: fix input mode switching on some Elan panels (boo#954532).\n\n - Implement enable/disable for Display C6 state (boo#960021).\n\n - Input: aiptek - fix crash on detecting device without endpoints (bnc#956708).\n\n - Linux 4.1.15 (boo#954647 bsc#955422).\n\n - Move kabi patch to patches.kabi directory\n\n - Obsolete compat-wireless, rts5229 and rts_pstor KMPs These are found in SLE11-SP3, now replaced with the upstream drivers.\n\n - PCI: generic: Pass starting bus number to pci_scan_root_bus().\n\n - Revert 'block: remove artifical max_hw_sectors cap' (boo#961263).\n\n - Set system time through RTC device\n\n - Update arm64 config files. Enabled DRM_AST in the vanilla kernel since it is now enabled in the default kernel.\n\n - Update config files: CONFIG_IBMVNIC=m\n\n - block/sd: Fix device-imposed transfer length limits (boo#961263).\n\n - block: bump BLK_DEF_MAX_SECTORS to 2560 (boo#961263).\n\n - drm/i915/skl: Add DC5 Trigger Sequence (boo#960021).\n\n - drm/i915/skl: Add DC6 Trigger sequence (boo#960021).\n\n - drm/i915/skl: Add support to load SKL CSR firmware (boo#960021).\n\n - drm/i915/skl: Add the INIT power domain to the MISC I/O power well (boo#960021).\n\n - drm/i915/skl: Deinit/init the display at suspend/resume (boo#960021).\n\n - drm/i915/skl: Fix DMC API version in firmware file name (boo#960021).\n\n - drm/i915/skl: Fix WaDisableChickenBitTSGBarrierAckForFFSliceCS (boo#960021).\n\n - drm/i915/skl: Fix stepping check for a couple of W/As (boo#960021).\n\n - drm/i915/skl: Fix the CTRL typo in the DPLL_CRTL1 defines (boo#960021).\n\n - drm/i915/skl: Implement WaDisableVFUnitClockGating (boo#960021).\n\n - drm/i915/skl: Implement enable/disable for Display C5 state (boo#960021).\n\n - drm/i915/skl: Make the Misc I/O power well part of the PLLS domain (boo#960021).\n\n - drm/i915/skl: add F0 stepping ID (boo#960021).\n\n - drm/i915/skl: enable WaForceContextSaveRestoreNonCoherent (boo#960021).\n\n - drm/i915: Clear crtc atomic flags at beginning of transaction (boo#960021).\n\n - drm/i915: Fix CSR MMIO address check (boo#960021).\n\n - drm/i915: Switch to full atomic helpers for plane updates/disable, take two (boo#960021).\n\n - drm/i915: set CDCLK if DPLL0 enabled during resuming from S3 (boo#960021).\n\n - ethernet/atheros/alx: sanitize buffer sizing and padding (boo#952621).\n\n - genksyms: Handle string literals with spaces in reference files (bsc#958510).\n\n - group-source-files: mark module.lds as devel file ld:\n cannot open linker script file /usr/src/linux-4.2.5-1/arch/arm/kernel/module.lds: No such file or directory\n\n - hwrng: core - sleep interruptible in read (bnc#962597).\n\n - ipv6: distinguish frag queues by device for multicast and link-local packets (bsc#955422).\n\n - kABI fixes for linux-4.1.15.\n\n - rpm/compute-PATCHVERSION.sh: Skip stale directories in the package dir\n\n - rpm/constraints.in: Bump disk space requirements up a bit Require 10GB on s390x, 20GB elsewhere.\n\n - rpm/constraints.in: Require 14GB worth of disk space on POWER The builds started to fail randomly due to ENOSPC errors.\n\n - rpm/kernel-binary.spec.in: Do not explicitly set DEBUG_SECTION_MISMATCH CONFIG_DEBUG_SECTION_MISMATCH is a selectable Kconfig option since 2.6.39 and is enabled in our configs.\n\n - rpm/kernel-binary.spec.in: Do not obsolete ocfs2-kmp (bnc#865259)865259\n\n - rpm/kernel-binary.spec.in: Fix build if no UEFI certs are installed\n\n - rpm/kernel-binary.spec.in: Install libopenssl-devel for newer sign-file\n\n - rpm/kernel-binary.spec.in: No scriptlets in kernel-zfcpdump The kernel should not be added to the bootloader nor are there any KMPs.\n\n - rpm/kernel-binary.spec.in: Obsolete the -base package from SLE11 (bnc#865096)\n\n - rpm/kernel-binary.spec.in: Use parallel make in all invocations Also, remove the lengthy comment, since we are using a standard rpm macro now.\n\n - thinkpad_acpi: Do not yell on unsupported brightness interfaces (boo#957152).\n\n - usb: make 'nousb' a clear module parameter (bnc#954324).\n\n - usbvision fix overflow of interfaces array (bnc#950998).\n\n - x86/microcode/amd: Do not overwrite final patch levels (bsc#913996).\n\n - x86/microcode/amd: Extract current patch level read to a function (bsc#913996).\n\n - xen/pciback: Do not allow MSI-X ops if PCI_COMMAND_MEMORY is not set (bsc#957990 XSA-157).\n\n - xhci: refuse loading if nousb is used (bnc#954324).", "cvss3": {}, "published": "2016-02-03T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2016-116)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7550", "CVE-2015-8539", "CVE-2015-8543", "CVE-2015-8550", "CVE-2015-8551", "CVE-2015-8552", "CVE-2015-8569", "CVE-2015-8575", "CVE-2015-8767", "CVE-2016-0728"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-docs-pdf", "p-cpe:/a:novell:opensuse:kernel-ec2", "p-cpe:/a:novell:opensuse:kernel-ec2-base", "p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debugsource", "p-cpe:/a:novell:opensuse:kernel-ec2-devel", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-obs-qa-xen", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-pae-base", "p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debugsource", "p-cpe:/a:novell:opensuse:kernel-pae-devel", "p-cpe:/a:novell:opensuse:kernel-pv", "p-cpe:/a:novell:opensuse:kernel-pv-base", "p-cpe:/a:novell:opensuse:kernel-pv-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pv-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pv-debugsource", "p-cpe:/a:novell:opensuse:kernel-pv-devel", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xen-base", "p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-debugsource", "p-cpe:/a:novell:opensuse:kernel-xen-devel", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-116.NASL", "href": "https://www.tenable.com/plugins/nessus/88542", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-116.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88542);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-7550\", \"CVE-2015-8539\", \"CVE-2015-8543\", \"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8767\", \"CVE-2016-0728\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2016-116)\");\n script_summary(english:\"Check for the openSUSE-2016-116 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Linux kernel for openSUSE Leap 42.1 was updated to the 4.1.15\nstable release, and also includes security and bugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2016-0728: A reference leak in keyring handling with\n join_session_keyring() could lead to local attackers\n gain root privileges. (bsc#962075).\n\n - CVE-2015-7550: A local user could have triggered a race\n between read and revoke in keyctl (bnc#958951).\n\n - CVE-2015-8767: A case can occur when sctp_accept() is\n called by the user during a heartbeat timeout event\n after the 4-way handshake. Since sctp_assoc_migrate()\n changes both assoc->base.sk and assoc->ep, the\n bh_sock_lock in sctp_generate_heartbeat_event() will be\n taken with the listening socket but released with the\n new association socket. The result is a deadlock on any\n future attempts to take the listening socket lock.\n (bsc#961509)\n\n - CVE-2015-8539: A negatively instantiated user key could\n have been used by a local user to leverage privileges\n (bnc#958463).\n\n - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect\n functions in drivers/net/ppp/pptp.c in the Linux kernel\n did not verify an address length, which allowed local\n users to obtain sensitive information from kernel memory\n and bypass the KASLR protection mechanism via a crafted\n application (bnc#959190).\n\n - CVE-2015-8543: The networking implementation in the\n Linux kernel did not validate protocol identifiers for\n certain protocol families, which allowed local users to\n cause a denial of service (NULL function pointer\n dereference and system crash) or possibly gain\n privileges by leveraging CLONE_NEWUSER support to\n execute a crafted SOCK_RAW application (bnc#958886).\n\n - CVE-2015-8575: Validate socket address length in\n sco_sock_bind() to prevent information leak\n (bsc#959399).\n\n - CVE-2015-8551, CVE-2015-8552: xen/pciback: For\n XEN_PCI_OP_disable_msi[|x] only disable if device has\n MSI(X) enabled (bsc#957990).\n\n - CVE-2015-8550: Compiler optimizations in the XEN PV\n backend drivers could have lead to double fetch\n vulnerabilities, causing denial of service or arbitrary\n code execution (depending on the configuration)\n (bsc#957988).\n\nThe following non-security bugs were fixed :\n\n - ALSA: hda - Add a fixup for Thinkpad X1 Carbon 2nd\n (bsc#958439).\n\n - ALSA: hda - Apply click noise workaround for Thinkpads\n generically (bsc#958439).\n\n - ALSA: hda - Fix noise problems on Thinkpad T440s\n (boo#958504).\n\n - ALSA: hda - Flush the pending probe work at remove\n (boo#960710).\n\n - ALSA: hda - Set codec to D3 at reboot/shutdown on\n Thinkpads (bsc#958439).\n\n - Add Cavium Thunderx network enhancements\n\n - Add RHEL to kernel-obs-build\n\n - Backport amd xgbe fixes and features\n\n - Backport arm64 patches from SLE12-SP1-ARM.\n\n - Btrfs: fix the number of transaction units needed to\n remove a block group (bsc#950178).\n\n - Btrfs: use global reserve when deleting unused block\n group after ENOSPC (bsc#950178).\n\n - Documentation: nousb is a module parameter (bnc#954324).\n\n - Driver for IBM System i/p VNIC protocol.\n\n - Enable CONFIG_PINCTRL_CHERRYVIEW (boo#954532) Needed for\n recent tablets/laptops. CONFIG_PINCTRL_BAYTRAIL is still\n disabled as it can't be built as a module.\n\n - Fix PCI generic host controller\n\n - Fix kABI breakage for max_dev_sectors addition to\n queue_limits (boo#961263).\n\n - HID: multitouch: Fetch feature reports on demand for\n Win8 devices (boo#954532).\n\n - HID: multitouch: fix input mode switching on some Elan\n panels (boo#954532).\n\n - Implement enable/disable for Display C6 state\n (boo#960021).\n\n - Input: aiptek - fix crash on detecting device without\n endpoints (bnc#956708).\n\n - Linux 4.1.15 (boo#954647 bsc#955422).\n\n - Move kabi patch to patches.kabi directory\n\n - Obsolete compat-wireless, rts5229 and rts_pstor KMPs\n These are found in SLE11-SP3, now replaced with the\n upstream drivers.\n\n - PCI: generic: Pass starting bus number to\n pci_scan_root_bus().\n\n - Revert 'block: remove artifical max_hw_sectors cap'\n (boo#961263).\n\n - Set system time through RTC device\n\n - Update arm64 config files. Enabled DRM_AST in the\n vanilla kernel since it is now enabled in the default\n kernel.\n\n - Update config files: CONFIG_IBMVNIC=m\n\n - block/sd: Fix device-imposed transfer length limits\n (boo#961263).\n\n - block: bump BLK_DEF_MAX_SECTORS to 2560 (boo#961263).\n\n - drm/i915/skl: Add DC5 Trigger Sequence (boo#960021).\n\n - drm/i915/skl: Add DC6 Trigger sequence (boo#960021).\n\n - drm/i915/skl: Add support to load SKL CSR firmware\n (boo#960021).\n\n - drm/i915/skl: Add the INIT power domain to the MISC I/O\n power well (boo#960021).\n\n - drm/i915/skl: Deinit/init the display at suspend/resume\n (boo#960021).\n\n - drm/i915/skl: Fix DMC API version in firmware file name\n (boo#960021).\n\n - drm/i915/skl: Fix\n WaDisableChickenBitTSGBarrierAckForFFSliceCS\n (boo#960021).\n\n - drm/i915/skl: Fix stepping check for a couple of W/As\n (boo#960021).\n\n - drm/i915/skl: Fix the CTRL typo in the DPLL_CRTL1\n defines (boo#960021).\n\n - drm/i915/skl: Implement WaDisableVFUnitClockGating\n (boo#960021).\n\n - drm/i915/skl: Implement enable/disable for Display C5\n state (boo#960021).\n\n - drm/i915/skl: Make the Misc I/O power well part of the\n PLLS domain (boo#960021).\n\n - drm/i915/skl: add F0 stepping ID (boo#960021).\n\n - drm/i915/skl: enable\n WaForceContextSaveRestoreNonCoherent (boo#960021).\n\n - drm/i915: Clear crtc atomic flags at beginning of\n transaction (boo#960021).\n\n - drm/i915: Fix CSR MMIO address check (boo#960021).\n\n - drm/i915: Switch to full atomic helpers for plane\n updates/disable, take two (boo#960021).\n\n - drm/i915: set CDCLK if DPLL0 enabled during resuming\n from S3 (boo#960021).\n\n - ethernet/atheros/alx: sanitize buffer sizing and padding\n (boo#952621).\n\n - genksyms: Handle string literals with spaces in\n reference files (bsc#958510).\n\n - group-source-files: mark module.lds as devel file ld:\n cannot open linker script file\n /usr/src/linux-4.2.5-1/arch/arm/kernel/module.lds: No\n such file or directory\n\n - hwrng: core - sleep interruptible in read (bnc#962597).\n\n - ipv6: distinguish frag queues by device for multicast\n and link-local packets (bsc#955422).\n\n - kABI fixes for linux-4.1.15.\n\n - rpm/compute-PATCHVERSION.sh: Skip stale directories in\n the package dir\n\n - rpm/constraints.in: Bump disk space requirements up a\n bit Require 10GB on s390x, 20GB elsewhere.\n\n - rpm/constraints.in: Require 14GB worth of disk space on\n POWER The builds started to fail randomly due to ENOSPC\n errors.\n\n - rpm/kernel-binary.spec.in: Do not explicitly set\n DEBUG_SECTION_MISMATCH CONFIG_DEBUG_SECTION_MISMATCH is\n a selectable Kconfig option since 2.6.39 and is enabled\n in our configs.\n\n - rpm/kernel-binary.spec.in: Do not obsolete ocfs2-kmp\n (bnc#865259)865259\n\n - rpm/kernel-binary.spec.in: Fix build if no UEFI certs\n are installed\n\n - rpm/kernel-binary.spec.in: Install libopenssl-devel for\n newer sign-file\n\n - rpm/kernel-binary.spec.in: No scriptlets in\n kernel-zfcpdump The kernel should not be added to the\n bootloader nor are there any KMPs.\n\n - rpm/kernel-binary.spec.in: Obsolete the -base package\n from SLE11 (bnc#865096)\n\n - rpm/kernel-binary.spec.in: Use parallel make in all\n invocations Also, remove the lengthy comment, since we\n are using a standard rpm macro now.\n\n - thinkpad_acpi: Do not yell on unsupported brightness\n interfaces (boo#957152).\n\n - usb: make 'nousb' a clear module parameter (bnc#954324).\n\n - usbvision fix overflow of interfaces array (bnc#950998).\n\n - x86/microcode/amd: Do not overwrite final patch levels\n (bsc#913996).\n\n - x86/microcode/amd: Extract current patch level read to a\n function (bsc#913996).\n\n - xen/pciback: Do not allow MSI-X ops if\n PCI_COMMAND_MEMORY is not set (bsc#957990 XSA-157).\n\n - xhci: refuse loading if nousb is used (bnc#954324).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=865096\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=865259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=913996\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=950178\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=950998\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=952621\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954532\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=955422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957988\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957990\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958439\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958504\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958886\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=959190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=959399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=960021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=960710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=961263\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=961509\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=962075\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=962597\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pv-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pv-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pv-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pv-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-default-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-default-base-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-default-base-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-default-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-default-debugsource-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-default-devel-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-devel-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-docs-html-4.1.15-8.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-docs-pdf-4.1.15-8.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-macros-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-obs-build-4.1.15-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-obs-build-debugsource-4.1.15-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-obs-qa-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-obs-qa-xen-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-source-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-source-vanilla-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-syms-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-base-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-base-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-debugsource-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-devel-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-devel-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-ec2-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-ec2-base-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-ec2-base-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-ec2-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-ec2-debugsource-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-ec2-devel-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pae-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pae-base-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pae-base-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pae-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pae-debugsource-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pae-devel-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pv-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pv-base-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pv-base-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pv-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pv-debugsource-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pv-devel-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-vanilla-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-vanilla-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-vanilla-debugsource-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-vanilla-devel-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-xen-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-xen-base-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-xen-base-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-xen-debugsource-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-xen-devel-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-base-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-base-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-debugsource-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-ec2-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-ec2-base-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-ec2-base-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-ec2-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-ec2-debugsource-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pae-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pae-base-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pae-base-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pae-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pae-debugsource-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pae-devel-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pv-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pv-base-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pv-base-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pv-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pv-debugsource-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pv-devel-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-debugsource-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-devel-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-xen-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-xen-base-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-4.1.15-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-xen-devel-4.1.15-8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-debug-base / kernel-debug-base-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-09T14:06:17", "description": "The SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2015-7550: A local user could have triggered a race between read and revoke in keyctl (bnc#958951).\n\n - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges (bnc#958463).\n\n - CVE-2015-8543: The networking implementation in the Linux kernel did not validate protocol identifiers for certain protocol families, which allowed local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application (bnc#958886).\n\n - CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers could have lead to double fetch vulnerabilities, causing denial of service or arbitrary code execution (depending on the configuration) (bsc#957988).\n\n - CVE-2015-8551, CVE-2015-8552: xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled (bsc#957990).\n\n - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190).\n\n - CVE-2015-8575: Validate socket address length in sco_sock_bind() to prevent information leak (bsc#959399).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-01-20T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:0168-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7550", "CVE-2015-8539", "CVE-2015-8543", "CVE-2015-8550", "CVE-2015-8551", "CVE-2015-8552", "CVE-2015-8569", "CVE-2015-8575"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debugsource", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-0168-1.NASL", "href": "https://www.tenable.com/plugins/nessus/88006", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:0168-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88006);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-7550\", \"CVE-2015-8539\", \"CVE-2015-8543\", \"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\", \"CVE-2015-8569\", \"CVE-2015-8575\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:0168-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 kernel was updated to receive various\nsecurity and bugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2015-7550: A local user could have triggered a race\n between read and revoke in keyctl (bnc#958951).\n\n - CVE-2015-8539: A negatively instantiated user key could\n have been used by a local user to leverage privileges\n (bnc#958463).\n\n - CVE-2015-8543: The networking implementation in the\n Linux kernel did not validate protocol identifiers for\n certain protocol families, which allowed local users to\n cause a denial of service (NULL function pointer\n dereference and system crash) or possibly gain\n privileges by leveraging CLONE_NEWUSER support to\n execute a crafted SOCK_RAW application (bnc#958886).\n\n - CVE-2015-8550: Compiler optimizations in the XEN PV\n backend drivers could have lead to double fetch\n vulnerabilities, causing denial of service or arbitrary\n code execution (depending on the configuration)\n (bsc#957988).\n\n - CVE-2015-8551, CVE-2015-8552: xen/pciback: For\n XEN_PCI_OP_disable_msi[|x] only disable if device has\n MSI(X) enabled (bsc#957990).\n\n - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect\n functions in drivers/net/ppp/pptp.c in the Linux kernel\n did not verify an address length, which allowed local\n users to obtain sensitive information from kernel memory\n and bypass the KASLR protection mechanism via a crafted\n application (bnc#959190).\n\n - CVE-2015-8575: Validate socket address length in\n sco_sock_bind() to prevent information leak\n (bsc#959399).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=758040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=902606\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=924919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935087\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=937261\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=943959\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945649\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951615\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951638\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952976\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956801\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956876\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957546\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957988\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957990\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=958463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=958504\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=958510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=958647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=958886\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=958951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959364\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959705\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=960300\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7550/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8539/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8543/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8550/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8551/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8552/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8569/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8575/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20160168-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ceb6abc6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12 :\n\nzypper in -t patch SUSE-SLE-WE-12-2016-107=1\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2016-107=1\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2016-107=1\n\nSUSE Linux Enterprise Module for Public Cloud 12 :\n\nzypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-107=1\n\nSUSE Linux Enterprise Live Patching 12 :\n\nzypper in -t patch SUSE-SLE-Live-Patching-12-2016-107=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2016-107=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-default-man-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-base-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-base-debuginfo-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-debuginfo-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-debugsource-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-devel-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-syms-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-debuginfo-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-debugsource-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-devel-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-extra-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-extra-debuginfo-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-syms-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.51-52.34.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.51-52.34.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:18", "description": "The Linux Kernel was updated to 4.1.13 and fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.\n\n - CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.\n\n - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.\n\n - CVE-2015-7990: A local denial of service due to an incomplete fix of CVE-2015-6937 could lead to crashes (local denial of service).\n\n - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call.\n\nBugs fixed :\n\n - alsa: hda - apply hp headphone fixups more generically (boo#954876).\n\n - alsa: hda - add fixup for acer aspire one cloudbook 14 (boo#954876).\n\n - alsa: hda - fix headphone noise after dell xps 13 resume back from S3 (boo#954876).\n\n - alsa: hda - fix noise on dell latitude e6440 (boo#954876).\n\n - alsa: hda/hdmi - apply skylake fix-ups to broxton display codec (boo#954647).\n\n - alsa: hda - add codec id for broxton display audio codec (boo#954647).\n\n - alsa: hda/realtek - dell xps one alc3260 speaker no sound after resume back (boo#954647).\n\n - alsa: hda - yet another fix for dell headset mic with alc3266 (boo#954647).\n\n - alsa: hda - fix dell laptop for internal mic/headset mic (boo#954647).\n\n - alsa: hda - remove no physical connection pins from pin_quirk table (boo#954647).\n\n - alsa: hda - add pin quirk for the headset mic jack detection on Dell laptop (boo#954647).\n\n - alsa: hda - fix the headset mic that will not work on dell desktop machine (boo#954647).\n\n - alsa: hda - remove one pin from alc292_standard_pins (boo#954647).\n\n - alsa: hda - add dock support for thinkpad w541 (17aa:2211) (boo#954647).\n\n - alsa: hda/realtek: enable hp amp and mute led on hp folio 9480m [v3] (boo#954647).\n\n - alsa: hda/realtek - support dell headset mode for alc298 (boo#954647).\n\n - alsa: hda/realtek - support headset mode for alc298 (boo#954647).\n\n - x86/evtchn: make use of physdevop_map_pirq.\n\n - blktap: also call blkif_disconnect() when frontend switched to closed (boo#952976).\n\n - blktap: refine mm tracking (boo#952976).\n\n - update xen patches to linux 4.1.13.\n\n - Backport arm64 patches from sle12-sp1-arm.\n\n - Backport pci-ea patches\n\n - Enable drm_ast driver\n\n - Fix thunderx edac store function\n\n - Update arm64 config files. Align arm64 vanilla configuration with default.\n\n - rtlwifi: rtl8821ae: fix lockups on boot (boo#944978).\n\n - ethernet/atheros/alx: add killer e2400 device id (boo#955363).\n\n - drm/i915: don't override output type for ddi hdmi (boo#955190).\n\n - drm/i915: set best_encoder field of connector_state also when disabling (boo#955190).\n\n - drm/i915: add hotplug activation period to hotplug update mask (boo#955365).\n\n - drm/i915: avoid race of intel_crt_detect_hotplug() with hpd interrupt, v2 (boo#955365).\n\n - drm/i915: shut up gen8+ sde irq dmesg noise (boo#954757).\n\n - ipv6: fix tunnel error handling (boo#952579).\n\n - Update config files (boo#951533).\n\n - iwlwifi: add new pci ids for the 8260 series (boo#954421).\n\n - iwlwifi: edit the 3165 series and 8000 series pci ids (boo#954421).\n\n - x86/efi-bgrt: switch pr_err() to pr_debug() for invalid bgrt (boo#953559).\n\n - x86/tsc: let high latency pit fail fast in quick_pit_calibrate() (boo#953717).\n\n - Backport arm64 patches from sle12-sp1-arm branch Backports to fix Seattle xgbe driver. Fix EL2 page table for systems with high amount of memory. Needed for KVM to work. Convert WARN_ON in numa implementation to pr_warn.\n\n - input: elantech - add fujitsu lifebook u745 to force crc_enabled (boo#883192).", "cvss3": {}, "published": "2015-12-16T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2015-879)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5307", "CVE-2015-6937", "CVE-2015-7799", "CVE-2015-7990", "CVE-2015-8104"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-docs-pdf", "p-cpe:/a:novell:opensuse:kernel-ec2", "p-cpe:/a:novell:opensuse:kernel-ec2-base", "p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debugsource", "p-cpe:/a:novell:opensuse:kernel-ec2-devel", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-obs-qa-xen", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-pae-base", "p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debugsource", "p-cpe:/a:novell:opensuse:kernel-pae-devel", "p-cpe:/a:novell:opensuse:kernel-pv", "p-cpe:/a:novell:opensuse:kernel-pv-base", "p-cpe:/a:novell:opensuse:kernel-pv-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-pv-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pv-debugsource", "p-cpe:/a:novell:opensuse:kernel-pv-devel", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-xen-base", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-xen-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-debugsource", "p-cpe:/a:novell:opensuse:kernel-xen-devel", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2015-879.NASL", "href": "https://www.tenable.com/plugins/nessus/87391", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-879.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87391);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-5307\", \"CVE-2015-6937\", \"CVE-2015-7799\", \"CVE-2015-7990\", \"CVE-2015-8104\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2015-879)\");\n script_summary(english:\"Check for the openSUSE-2015-879 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Linux Kernel was updated to 4.1.13 and fixes the following \nissues :\n\nSecurity issues fixed :\n\n - CVE-2015-8104: The KVM subsystem in the Linux kernel\n allowed guest OS users to cause a denial of service\n (host OS panic or hang) by triggering many #DB (aka\n Debug) exceptions, related to svm.c.\n\n - CVE-2015-5307: The KVM subsystem in the Linux kernel\n allowed guest OS users to cause a denial of service\n (host OS panic or hang) by triggering many #AC (aka\n Alignment Check) exceptions, related to svm.c and vmx.c.\n\n - CVE-2015-6937: The __rds_conn_create function in\n net/rds/connection.c in the Linux kernel allowed local\n users to cause a denial of service (NULL pointer\n dereference and system crash) or possibly have\n unspecified other impact by using a socket that was not\n properly bound.\n\n - CVE-2015-7990: A local denial of service due to an\n incomplete fix of CVE-2015-6937 could lead to crashes\n (local denial of service).\n\n - CVE-2015-7799: The slhc_init function in\n drivers/net/slip/slhc.c in the Linux kernel did not\n ensure that certain slot numbers are valid, which\n allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) via a crafted\n PPPIOCSMAXCID ioctl call.\n\nBugs fixed :\n\n - alsa: hda - apply hp headphone fixups more generically\n (boo#954876).\n\n - alsa: hda - add fixup for acer aspire one cloudbook 14\n (boo#954876).\n\n - alsa: hda - fix headphone noise after dell xps 13 resume\n back from S3 (boo#954876).\n\n - alsa: hda - fix noise on dell latitude e6440\n (boo#954876).\n\n - alsa: hda/hdmi - apply skylake fix-ups to broxton\n display codec (boo#954647).\n\n - alsa: hda - add codec id for broxton display audio codec\n (boo#954647).\n\n - alsa: hda/realtek - dell xps one alc3260 speaker no\n sound after resume back (boo#954647).\n\n - alsa: hda - yet another fix for dell headset mic with\n alc3266 (boo#954647).\n\n - alsa: hda - fix dell laptop for internal mic/headset mic\n (boo#954647).\n\n - alsa: hda - remove no physical connection pins from\n pin_quirk table (boo#954647).\n\n - alsa: hda - add pin quirk for the headset mic jack\n detection on Dell laptop (boo#954647).\n\n - alsa: hda - fix the headset mic that will not work on\n dell desktop machine (boo#954647).\n\n - alsa: hda - remove one pin from alc292_standard_pins\n (boo#954647).\n\n - alsa: hda - add dock support for thinkpad w541\n (17aa:2211) (boo#954647).\n\n - alsa: hda/realtek: enable hp amp and mute led on hp\n folio 9480m [v3] (boo#954647).\n\n - alsa: hda/realtek - support dell headset mode for alc298\n (boo#954647).\n\n - alsa: hda/realtek - support headset mode for alc298\n (boo#954647).\n\n - x86/evtchn: make use of physdevop_map_pirq.\n\n - blktap: also call blkif_disconnect() when frontend\n switched to closed (boo#952976).\n\n - blktap: refine mm tracking (boo#952976).\n\n - update xen patches to linux 4.1.13.\n\n - Backport arm64 patches from sle12-sp1-arm.\n\n - Backport pci-ea patches\n\n - Enable drm_ast driver\n\n - Fix thunderx edac store function\n\n - Update arm64 config files. Align arm64 vanilla\n configuration with default.\n\n - rtlwifi: rtl8821ae: fix lockups on boot (boo#944978).\n\n - ethernet/atheros/alx: add killer e2400 device id\n (boo#955363).\n\n - drm/i915: don't override output type for ddi hdmi\n (boo#955190).\n\n - drm/i915: set best_encoder field of connector_state also\n when disabling (boo#955190).\n\n - drm/i915: add hotplug activation period to hotplug\n update mask (boo#955365).\n\n - drm/i915: avoid race of intel_crt_detect_hotplug() with\n hpd interrupt, v2 (boo#955365).\n\n - drm/i915: shut up gen8+ sde irq dmesg noise\n (boo#954757).\n\n - ipv6: fix tunnel error handling (boo#952579).\n\n - Update config files (boo#951533).\n\n - iwlwifi: add new pci ids for the 8260 series\n (boo#954421).\n\n - iwlwifi: edit the 3165 series and 8000 series pci ids\n (boo#954421).\n\n - x86/efi-bgrt: switch pr_err() to pr_debug() for invalid\n bgrt (boo#953559).\n\n - x86/tsc: let high latency pit fail fast in\n quick_pit_calibrate() (boo#953717).\n\n - Backport arm64 patches from sle12-sp1-arm branch\n Backports to fix Seattle xgbe driver. Fix EL2 page table\n for systems with high amount of memory. Needed for KVM\n to work. Convert WARN_ON in numa implementation to\n pr_warn.\n\n - input: elantech - add fujitsu lifebook u745 to force\n crc_enabled (boo#883192).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=883192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=944978\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=945825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=948758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=949936\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=951533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=952384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=952579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=952976\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=953527\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=953559\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=953717\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954757\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954876\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=955190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=955363\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=955365\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956856\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pv-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pv-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pv-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pv-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-default-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-default-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-default-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-default-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-default-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-default-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-docs-html-4.1.13-5.4\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-docs-pdf-4.1.13-5.4\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-macros-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-obs-build-4.1.13-5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-obs-build-debugsource-4.1.13-5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-obs-qa-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-obs-qa-xen-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-source-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-source-vanilla-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-syms-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-devel-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-ec2-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-ec2-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-ec2-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-ec2-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-ec2-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-ec2-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pae-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pae-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pae-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pae-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pae-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pae-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pv-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pv-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pv-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pv-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pv-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pv-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-vanilla-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-vanilla-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-vanilla-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-vanilla-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-xen-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-xen-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-xen-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-xen-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-xen-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-ec2-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-ec2-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-ec2-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-ec2-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-ec2-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pae-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pae-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pae-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pae-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pae-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pae-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pv-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pv-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pv-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pv-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pv-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pv-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-xen-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-xen-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-xen-devel-4.1.13-5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-debug-base / kernel-debug-base-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:34", "description": "The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2015-7509: Mounting ext4 filesystems in no-journal mode could hav lead to a system crash (bsc#956709).\n\n - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936).\n\n - CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).\n\n - CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bnc#953527).\n\n - CVE-2015-7990: RDS: There was no verification that an underlying transport exists when creating a connection, causing usage of a NULL pointer (bsc#952384).\n\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the x86_64 platform mishandled IRET faults in processing NMIs that occurred during userspace execution, which might have allowed local users to gain privileges by triggering an NMI (bnc#938706).\n\n - CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (OOPS) via crafted keyctl commands (bnc#951440).\n\n - CVE-2015-0272: Missing checks allowed remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215 (bnc#944296).\n\n - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#945825).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-29T00:00:00", "type": "nessus", "title": "SUSE SLED11 / SLES11 Security Update : kernel (SUSE-SU-2015:2339-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0272", "CVE-2015-5157", "CVE-2015-5307", "CVE-2015-6937", "CVE-2015-7509", "CVE-2015-7799", "CVE-2015-7872", "CVE-2015-7990", "CVE-2015-8104", "CVE-2015-8215"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-ec2", "p-cpe:/a:novell:suse_linux:kernel-ec2-base", "p-cpe:/a:novell:suse_linux:kernel-ec2-devel", "p-cpe:/a:novell:suse_linux:kernel-pae", "p-cpe:/a:novell:suse_linux:kernel-pae-base", "p-cpe:/a:novell:suse_linux:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:kernel-pae-extra", "p-cpe:/a:novell:suse_linux:kernel-source", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-trace", "p-cpe:/a:novell:suse_linux:kernel-trace-base", "p-cpe:/a:novell:suse_linux:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "p-cpe:/a:novell:suse_linux:kernel-xen-extra", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2015-2339-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87651", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:2339-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87651);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-0272\", \"CVE-2015-5157\", \"CVE-2015-5307\", \"CVE-2015-6937\", \"CVE-2015-7509\", \"CVE-2015-7799\", \"CVE-2015-7872\", \"CVE-2015-7990\", \"CVE-2015-8104\", \"CVE-2015-8215\");\n script_bugtraq_id(76005);\n\n script_name(english:\"SUSE SLED11 / SLES11 Security Update : kernel (SUSE-SU-2015:2339-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various\nsecurity and bugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2015-7509: Mounting ext4 filesystems in no-journal\n mode could hav lead to a system crash (bsc#956709).\n\n - CVE-2015-7799: The slhc_init function in\n drivers/net/slip/slhc.c in the Linux kernel did not\n ensure that certain slot numbers are valid, which\n allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) via a crafted\n PPPIOCSMAXCID ioctl call (bnc#949936).\n\n - CVE-2015-8104: The KVM subsystem in the Linux kernel\n allowed guest OS users to cause a denial of service\n (host OS panic or hang) by triggering many #DB (aka\n Debug) exceptions, related to svm.c (bnc#954404).\n\n - CVE-2015-5307: The KVM subsystem in the Linux kernel\n allowed guest OS users to cause a denial of service\n (host OS panic or hang) by triggering many #AC (aka\n Alignment Check) exceptions, related to svm.c and vmx.c\n (bnc#953527).\n\n - CVE-2015-7990: RDS: There was no verification that an\n underlying transport exists when creating a connection,\n causing usage of a NULL pointer (bsc#952384).\n\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux\n kernel on the x86_64 platform mishandled IRET faults in\n processing NMIs that occurred during userspace\n execution, which might have allowed local users to gain\n privileges by triggering an NMI (bnc#938706).\n\n - CVE-2015-7872: The key_gc_unused_keys function in\n security/keys/gc.c in the Linux kernel allowed local\n users to cause a denial of service (OOPS) via crafted\n keyctl commands (bnc#951440).\n\n - CVE-2015-0272: Missing checks allowed remote attackers\n to cause a denial of service (IPv6 traffic disruption)\n via a crafted MTU value in an IPv6 Router Advertisement\n (RA) message, a different vulnerability than\n CVE-2015-8215 (bnc#944296).\n\n - CVE-2015-6937: The __rds_conn_create function in\n net/rds/connection.c in the Linux kernel allowed local\n users to cause a denial of service (NULL pointer\n dereference and system crash) or possibly have\n unspecified other impact by using a socket that was not\n properly bound (bnc#945825).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=814440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=879378\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=879381\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=900610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=904348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=904965\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=921081\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=926774\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=930145\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=930770\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=930788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=930835\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=932805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935123\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935757\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=937256\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=937444\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=938706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939926\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940017\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940913\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940946\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=941202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942938\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=943786\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944296\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944677\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944989\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944993\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945691\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=946078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=946214\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=946309\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=947957\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=948330\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=948347\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=948521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949100\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949298\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949502\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949744\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949936\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949981\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950298\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950750\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950998\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952976\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953527\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=954404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=954628\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=954950\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=954984\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955673\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0272/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5157/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5307/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-6937/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7509/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7799/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7872/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7990/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8104/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8215/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20152339-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?baca640f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4 :\n\nzypper in -t patch sdksp4-kernel-source-12278=1\n\nSUSE Linux Enterprise Server 11-SP4 :\n\nzypper in -t patch slessp4-kernel-source-12278=1\n\nSUSE Linux Enterprise Server 11-EXTRA :\n\nzypper in -t patch slexsp3-kernel-source-12278=1\n\nSUSE Linux Enterprise Desktop 11-SP4 :\n\nzypper in -t patch sledsp4-kernel-source-12278=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4 :\n\nzypper in -t patch dbgsp4-kernel-source-12278=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED11|SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED11 / SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-ec2-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-ec2-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-default-man-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-default-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-default-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-default-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-source-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-syms-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-trace-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-trace-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-trace-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-ec2-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-ec2-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-ec2-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-extra-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-source-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-syms-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-trace-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-extra-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-extra-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-default-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-default-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-default-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-default-extra-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-source-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-syms-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-trace-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-extra-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-extra-3.0.101-68.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-09T14:05:02", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.\n\n - CVE-2015-7513 It was discovered that a local user permitted to use the x86 KVM subsystem could configure the PIT emulation to cause a denial of service (crash).\n\n - CVE-2015-7550 Dmitry Vyukov discovered a race condition in the keyring subsystem that allows a local user to cause a denial of service (crash).\n\n - CVE-2015-8543 It was discovered that a local user permitted to create raw sockets could cause a denial-of-service by specifying an invalid protocol number for the socket.\n The attacker must have the CAP_NET_RAW capability.\n\n - CVE-2015-8550 Felix Wilhelm of ERNW discovered that the Xen PV backend drivers may read critical data from shared memory multiple times. This flaw can be used by a guest kernel to cause a denial of service (crash) on the host, or possibly for privilege escalation.\n\n - CVE-2015-8551 / CVE-2015-8552 Konrad Rzeszutek Wilk of Oracle discovered that the Xen PCI backend driver does not adequately validate the device state when a guest configures MSIs. This flaw can be used by a guest kernel to cause a denial of service (crash or disk space exhaustion) on the host.\n\n - CVE-2015-8569 Dmitry Vyukov discovered a flaw in the PPTP sockets implementation that leads to an information leak to local users.\n\n - CVE-2015-8575 David Miller discovered a flaw in the Bluetooth SCO sockets implementation that leads to an information leak to local users.\n\n - CVE-2015-8709 Jann Horn discovered a flaw in the permission checks for use of the ptrace feature. A local user who has the CAP_SYS_PTRACE capability within their own user namespace could use this flaw for privilege escalation if a more privileged process ever enters that user namespace. This affects at least the LXC system.\n\nIn addition, this update fixes some regressions in the previous update :\n\n - #808293 A regression in the UDP implementation prevented freeradius and some other applications from receiving data.\n\n - #808602 / #808953\n\n A regression in the USB XHCI driver prevented use of some devices in USB 3 SuperSpeed ports.\n\n - #808973\n\n A fix to the radeon driver interacted with an existing bug to cause a crash at boot when using some AMD/ATI graphics cards. This issue only affects wheezy.", "cvss3": {}, "published": "2016-01-06T00:00:00", "type": "nessus", "title": "Debian DSA-3434-1 : linux - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7513", "CVE-2015-7550", "CVE-2015-8543", "CVE-2015-8550", "CVE-2015-8551", "CVE-2015-8552", "CVE-2015-8569", "CVE-2015-8575", "CVE-2015-8709"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3434.NASL", "href": "https://www.tenable.com/plugins/nessus/87741", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3434. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87741);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-8543\", \"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8709\");\n script_xref(name:\"DSA\", value:\"3434\");\n\n script_name(english:\"Debian DSA-3434-1 : linux - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleak.\n\n - CVE-2015-7513\n It was discovered that a local user permitted to use the\n x86 KVM subsystem could configure the PIT emulation to\n cause a denial of service (crash).\n\n - CVE-2015-7550\n Dmitry Vyukov discovered a race condition in the keyring\n subsystem that allows a local user to cause a denial of\n service (crash).\n\n - CVE-2015-8543\n It was discovered that a local user permitted to create\n raw sockets could cause a denial-of-service by\n specifying an invalid protocol number for the socket.\n The attacker must have the CAP_NET_RAW capability.\n\n - CVE-2015-8550\n Felix Wilhelm of ERNW discovered that the Xen PV backend\n drivers may read critical data from shared memory\n multiple times. This flaw can be used by a guest kernel\n to cause a denial of service (crash) on the host, or\n possibly for privilege escalation.\n\n - CVE-2015-8551 / CVE-2015-8552\n Konrad Rzeszutek Wilk of Oracle discovered that the Xen\n PCI backend driver does not adequately validate the\n device state when a guest configures MSIs. This flaw can\n be used by a guest kernel to cause a denial of service\n (crash or disk space exhaustion) on the host.\n\n - CVE-2015-8569\n Dmitry Vyukov discovered a flaw in the PPTP sockets\n implementation that leads to an information leak to\n local users.\n\n - CVE-2015-8575\n David Miller discovered a flaw in the Bluetooth SCO\n sockets implementation that leads to an information leak\n to local users.\n\n - CVE-2015-8709\n Jann Horn discovered a flaw in the permission checks for\n use of the ptrace feature. A local user who has the\n CAP_SYS_PTRACE capability within their own user\n namespace could use this flaw for privilege escalation\n if a more privileged process ever enters that user\n namespace. This affects at least the LXC system.\n\nIn addition, this update fixes some regressions in the previous update\n:\n\n - #808293\n A regression in the UDP implementation prevented\n freeradius and some other applications from receiving\n data.\n\n - #808602 / #808953\n\n A regression in the USB XHCI driver prevented use of\n some devices in USB 3 SuperSpeed ports.\n\n - #808973\n\n A fix to the radeon driver interacted with an existing\n bug to cause a crash at boot when using some AMD/ATI\n graphics cards. This issue only affects wheezy.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808293\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808602\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808953\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808973\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-7513\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-7550\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8550\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8551\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8552\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8569\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8575\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8709\"\n );\n # https://bugs.debian.org/808293\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808293\"\n );\n # https://bugs.debian.org/808602\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808602\"\n );\n # https://bugs.debian.org/808953\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808953\"\n );\n # https://bugs.debian.org/808973\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808973\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3434\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux packages.\n\nFor the oldstable distribution (wheezy), these problems have been\nfixed in version 3.2.73-2+deb7u2. The oldstable distribution (wheezy)\nis not affected by CVE-2015-8709.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 3.16.7-ckt20-1+deb8u2. CVE-2015-8543 was already fixed in\nversion 3.16.7-ckt20-1+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"linux\", reference:\"3.2.73-2+deb7u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-arm\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-x86\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.9-x86\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-doc-3.16\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-586\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-686-pae\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-amd64\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-armel\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-armhf\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-i386\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-amd64\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-armmp\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-armmp-lpae\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-common\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-ixp4xx\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-kirkwood\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-orion5x\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-versatile\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-586\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-686-pae\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-686-pae-dbg\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-amd64\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-amd64-dbg\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-armmp\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-armmp-lpae\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-ixp4xx\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-kirkwood\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-orion5x\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-versatile\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-libc-dev\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-manual-3.16\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-source-3.16\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-support-3.16.0-9\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-linux-system-3.16.0-9-amd64\", reference:\"3.16.7-ckt20-1+deb8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:46", "description": "kernel-4.1.13-100.fc21 - Linux v4.1.13 - CVE-2015-8104 kvm: DoS infinite loop in microcode DB exception (rhbz 1278496 1279691) - CVE-2015-5307 kvm: DoS infinite loop in microcode AC exception (rhbz 1277172 1279688)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 21 : kernel-4.1.13-100.fc21 (2015-f2c534bc12)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5307", "CVE-2015-7799", "CVE-2015-7990", "CVE-2015-8104"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2015-F2C534BC12.NASL", "href": "https://www.tenable.com/plugins/nessus/89459", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-f2c534bc12.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89459);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-5307\", \"CVE-2015-7799\", \"CVE-2015-7990\", \"CVE-2015-8104\");\n script_xref(name:\"FEDORA\", value:\"2015-f2c534bc12\");\n\n script_name(english:\"Fedora 21 : kernel-4.1.13-100.fc21 (2015-f2c534bc12)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"kernel-4.1.13-100.fc21 - Linux v4.1.13 - CVE-2015-8104 kvm: DoS\ninfinite loop in microcode DB exception (rhbz 1278496 1279691) -\nCVE-2015-5307 kvm: DoS infinite loop in microcode AC exception (rhbz\n1277172 1279688)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1271134\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1276437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1277172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1278496\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-November/172185.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8e3663e6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"kernel-4.1.13-100.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:21", "description": "The 4.2.6 stable update contains a number of important fixes across the tree. kernel-4.2.6-300.fc23 - Fix incorrect size calculations in megaraid with 64K pages (rhbz 1269300) - CVE-2015-8104 kvm: DoS infinite loop in microcode DB exception (rhbz 1278496 1279691) - CVE-2015-5307 kvm: DoS infinite loop in microcode AC exception (rhbz 1277172 1279688)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 23 : kernel-4.2.6-300.fc23 (2015-115c302856)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5307", "CVE-2015-7799", "CVE-2015-7990", "CVE-2015-8104"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2015-115C302856.NASL", "href": "https://www.tenable.com/plugins/nessus/89149", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-115c302856.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89149);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-5307\", \"CVE-2015-7799\", \"CVE-2015-7990\", \"CVE-2015-8104\");\n script_xref(name:\"FEDORA\", value:\"2015-115c302856\");\n\n script_name(english:\"Fedora 23 : kernel-4.2.6-300.fc23 (2015-115c302856)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.2.6 stable update contains a number of important fixes across\nthe tree. kernel-4.2.6-300.fc23 - Fix incorrect size calculations in\nmegaraid with 64K pages (rhbz 1269300) - CVE-2015-8104 kvm: DoS\ninfinite loop in microcode DB exception (rhbz 1278496 1279691) -\nCVE-2015-5307 kvm: DoS infinite loop in microcode AC exception (rhbz\n1277172 1279688)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1271134\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1276437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1277172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1278496\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-November/172022.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4ae1eb12\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.2.6-300.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:26", "description": "The 4.2.6 stable update contains a number of important fixes across the tree. kernel-4.2.6-200.fc22 - Fix incorrect size calculations in megaraid with 64K pages (rhbz 1269300) - CVE-2015-8104 kvm: DoS infinite loop in microcode DB exception (rhbz 1278496 1279691) - CVE-2015-5307 kvm: DoS infinite loop in microcode AC exception (rhbz 1277172 1279688)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 22 : kernel-4.2.6-200.fc22 (2015-cd94ad8d7c)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5307", "CVE-2015-7799", "CVE-2015-7990", "CVE-2015-8104"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-CD94AD8D7C.NASL", "href": "https://www.tenable.com/plugins/nessus/89412", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-cd94ad8d7c.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89412);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-5307\", \"CVE-2015-7799\", \"CVE-2015-7990\", \"CVE-2015-8104\");\n script_xref(name:\"FEDORA\", value:\"2015-cd94ad8d7c\");\n\n script_name(english:\"Fedora 22 : kernel-4.2.6-200.fc22 (2015-cd94ad8d7c)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.2.6 stable update contains a number of important fixes across\nthe tree. kernel-4.2.6-200.fc22 - Fix incorrect size calculations in\nmegaraid with 64K pages (rhbz 1269300) - CVE-2015-8104 kvm: DoS\ninfinite loop in microcode DB exception (rhbz 1278496 1279691) -\nCVE-2015-5307 kvm: DoS infinite loop in microcode AC exception (rhbz\n1277172 1279688)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1271134\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1276437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1277172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1278496\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-November/172100.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b03393c1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"kernel-4.2.6-200.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:01", "description": "The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to receive various security and bugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2015-8104: Prevent guest to host DoS caused by infinite loop in microcode via #DB exception (bsc#954404).\n\n - CVE-2015-5307: Prevent guest to host DoS caused by infinite loop in microcode via #AC exception (bsc#953527).\n\n - CVE-2015-7990: RDS: Verify the underlying transport exists before creating a connection, preventing possible DoS (bsc#952384).\n\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the x86_64 platform mishandled IRET faults in processing NMIs that occurred during userspace execution, which might have allowed local users to gain privileges by triggering an NMI (bsc#938706).\n\n - CVE-2015-7872: Possible crash when trying to garbage collect an uninstantiated keyring (bsc#951440).\n\n - CVE-2015-0272: Prevent remote DoS using IPv6 RA with bogus MTU by validating before applying it (bsc#944296).\n\n - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bsc#945825).\n\n - CVE-2015-6252: The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel allowed local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggered permanent file-descriptor allocation (bsc#942367).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-11-30T00:00:00", "type": "nessus", "title": "SUSE SLED11 / SLES11 Security Update : kernel (SUSE-SU-2015:2108-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0272", "CVE-2015-5157", "CVE-2015-5307", "CVE-2015-6252", "CVE-2015-6937", "CVE-2015-7872", "CVE-2015-7990", "CVE-2015-8104"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-bigsmp", "p-cpe:/a:novell:suse_linux:kernel-bigsmp-base", "p-cpe:/a:novell:suse_linux:kernel-bigsmp-devel", "p-cpe:/a:novell:suse_linux:kernel-bigsmp-extra", "p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-ec2", "p-cpe:/a:novell:suse_linux:kernel-ec2-base", "p-cpe:/a:novell:suse_linux:kernel-ec2-devel", "p-cpe:/a:novell:suse_linux:kernel-pae", "p-cpe:/a:novell:suse_linux:kernel-pae-base", "p-cpe:/a:novell:suse_linux:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:kernel-pae-extra", "p-cpe:/a:novell:suse_linux:kernel-source", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-trace", "p-cpe:/a:novell:suse_linux:kernel-trace-base", "p-cpe:/a:novell:suse_linux:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:kernel-trace-extra", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "p-cpe:/a:novell:suse_linux:kernel-xen-extra", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2015-2108-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87104", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:2108-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87104);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-0272\", \"CVE-2015-5157\", \"CVE-2015-5307\", \"CVE-2015-6252\", \"CVE-2015-6937\", \"CVE-2015-7872\", \"CVE-2015-7990\", \"CVE-2015-8104\");\n script_bugtraq_id(76005);\n\n script_name(english:\"SUSE SLED11 / SLES11 Security Update : kernel (SUSE-SU-2015:2108-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to\nreceive various security and bugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2015-8104: Prevent guest to host DoS caused by\n infinite loop in microcode via #DB exception\n (bsc#954404).\n\n - CVE-2015-5307: Prevent guest to host DoS caused by\n infinite loop in microcode via #AC exception\n (bsc#953527).\n\n - CVE-2015-7990: RDS: Verify the underlying transport\n exists before creating a connection, preventing possible\n DoS (bsc#952384).\n\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux\n kernel on the x86_64 platform mishandled IRET faults in\n processing NMIs that occurred during userspace\n execution, which might have allowed local users to gain\n privileges by triggering an NMI (bsc#938706).\n\n - CVE-2015-7872: Possible crash when trying to garbage\n collect an uninstantiated keyring (bsc#951440).\n\n - CVE-2015-0272: Prevent remote DoS using IPv6 RA with\n bogus MTU by validating before applying it (bsc#944296).\n\n - CVE-2015-6937: The __rds_conn_create function in\n net/rds/connection.c in the Linux kernel allowed local\n users to cause a denial of service (NULL pointer\n dereference and system crash) or possibly have\n unspecified other impact by using a socket that was not\n properly bound (bsc#945825).\n\n - CVE-2015-6252: The vhost_dev_ioctl function in\n drivers/vhost/vhost.c in the Linux kernel allowed local\n users to cause a denial of service (memory consumption)\n via a VHOST_SET_LOG_FD ioctl call that triggered\n permanent file-descriptor allocation (bsc#942367).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=777565\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=814440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=900610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=904348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=904965\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=920016\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=923002\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=926007\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=926709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=926774\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=930145\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=930788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=932350\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=932805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=933721\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935053\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935757\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=936118\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=938706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939926\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940017\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940925\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=941202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942305\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942367\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942605\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942938\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=943786\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944296\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944989\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944993\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945691\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=946078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=946309\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=947957\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=948330\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=948347\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=948521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949100\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949298\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949502\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949744\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949981\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953527\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=954404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0272/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5157/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5307/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-6252/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-6937/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7872/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7990/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8104/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20152108-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?911cfa21\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP3 :\n\nzypper in -t patch sdksp3-kernel-source-12226=1\n\nSUSE Linux Enterprise Server for VMWare 11-SP3 :\n\nzypper in -t patch slessp3-kernel-source-12226=1\n\nSUSE Linux Enterprise Server 11-SP3 :\n\nzypper in -t patch slessp3-kernel-source-12226=1\n\nSUSE Linux Enterprise Server 11-EXTRA :\n\nzypper in -t patch slexsp3-kernel-source-12226=1\n\nSUSE Linux Enterprise Desktop 11-SP3 :\n\nzypper in -t patch sledsp3-kernel-source-12226=1\n\nSUSE Linux Enterprise Debuginfo 11-SP3 :\n\nzypper in -t patch dbgsp3-kernel-source-12226=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigsmp-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigsmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigsmp-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED11|SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED11 / SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED11\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED11 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-ec2-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-ec2-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-bigsmp-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-bigsmp-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-bigsmp-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-bigsmp-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-trace-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-default-man-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-default-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-default-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-default-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-source-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-syms-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-trace-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-trace-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-trace-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-default-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-ec2-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-ec2-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-ec2-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-source-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-syms-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-trace-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-bigsmp-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-default-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-default-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-default-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-default-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-source-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-syms-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-trace-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-extra-3.0.101-0.47.71.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:49", "description": "The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.53 to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bnc#955654).\n\n - CVE-2015-5707: Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request (bnc#940338).\n\n - CVE-2015-7550: The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel did not properly use a semaphore, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls (bnc#958951).\n\n - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936).\n\n - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel did not validate attempted changes to the MTU value, which allowed context-dependent attackers to cause a denial of service (packet loss) via a value that was (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272 (bnc#955354).\n\n - CVE-2015-8539: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c (bnc#958463).\n\n - CVE-2015-8543: The networking implementation in the Linux kernel did not validate protocol identifiers for certain protocol families, which allowed local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application (bnc#958886).\n\n - CVE-2015-8550: Optimizations introduced by the compiler could have lead to double fetch vulnerabilities, potentially possibly leading to arbitrary code execution in backend (bsc#957988).\n\n - CVE-2015-8551: Xen PCI backend driver did not perform proper sanity checks on the device's state, allowing for DoS (bsc#957990).\n\n - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190).\n\n - CVE-2015-8575: The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959399).\n\n - CVE-2015-8660: The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel attempted to merge distinct setattr operations, which allowed local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application (bnc#960281).\n\n - CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux kernel did not properly manage the relationship between a lock and a socket, which allowed local users to cause a denial of service (deadlock) via a crafted sctp_accept call (bnc#961509).\n\n - CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel allowed local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov (bnc#963765).\n\n - CVE-2016-0723: Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call (bnc#961500).\n\n - CVE-2016-2069: A race in invalidating paging structures that were not in use locally could have lead to disclosoure of information or arbitrary code exectution (bnc#963767).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-02-29T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:0585-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-0272", "CVE-2015-5707", "CVE-2015-7550", "CVE-2015-7799", "CVE-2015-8215", "CVE-2015-8539", "CVE-2015-8543", "CVE-2015-8550", "CVE-2015-8551", "CVE-2015-8569", "CVE-2015-8575", "CVE-2015-8660", "CVE-2015-8767", "CVE-2015-8785", "CVE-2016-0723", "CVE-2016-2069"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debugsource", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "p-cpe:/a:novell:suse_linux:lttng-modules", "p-cpe:/a:novell:suse_linux:lttng-modules-debugsource", "p-cpe:/a:novell:suse_linux:lttng-modules-kmp-default", "p-cpe:/a:novell:suse_linux:lttng-modules-kmp-default-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-0585-1.NASL", "href": "https://www.tenable.com/plugins/nessus/89022", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:0585-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89022);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-0272\", \"CVE-2015-5707\", \"CVE-2015-7550\", \"CVE-2015-7799\", \"CVE-2015-8215\", \"CVE-2015-8539\", \"CVE-2015-8543\", \"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8660\", \"CVE-2015-8767\", \"CVE-2015-8785\", \"CVE-2016-0723\", \"CVE-2016-2069\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:0585-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.53 to\nreceive various security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2013-7446: Use-after-free vulnerability in\n net/unix/af_unix.c in the Linux kernel allowed local\n users to bypass intended AF_UNIX socket permissions or\n cause a denial of service (panic) via crafted epoll_ctl\n calls (bnc#955654).\n\n - CVE-2015-5707: Integer overflow in the sg_start_req\n function in drivers/scsi/sg.c in the Linux kernel\n allowed local users to cause a denial of service or\n possibly have unspecified other impact via a large\n iov_count value in a write request (bnc#940338).\n\n - CVE-2015-7550: The keyctl_read_key function in\n security/keys/keyctl.c in the Linux kernel did not\n properly use a semaphore, which allowed local users to\n cause a denial of service (NULL pointer dereference and\n system crash) or possibly have unspecified other impact\n via a crafted application that leverages a race\n condition between keyctl_revoke and keyctl_read calls\n (bnc#958951).\n\n - CVE-2015-7799: The slhc_init function in\n drivers/net/slip/slhc.c in the Linux kernel did not\n ensure that certain slot numbers are valid, which\n allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) via a crafted\n PPPIOCSMAXCID ioctl call (bnc#949936).\n\n - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in\n the Linux kernel did not validate attempted changes to\n the MTU value, which allowed context-dependent attackers\n to cause a denial of service (packet loss) via a value\n that was (1) smaller than the minimum compliant value or\n (2) larger than the MTU of an interface, as demonstrated\n by a Router Advertisement (RA) message that is not\n validated by a daemon, a different vulnerability than\n CVE-2015-0272 (bnc#955354).\n\n - CVE-2015-8539: The KEYS subsystem in the Linux kernel\n allowed local users to gain privileges or cause a denial\n of service (BUG) via crafted keyctl commands that\n negatively instantiate a key, related to\n security/keys/encrypted-keys/encrypted.c,\n security/keys/trusted.c, and\n security/keys/user_defined.c (bnc#958463).\n\n - CVE-2015-8543: The networking implementation in the\n Linux kernel did not validate protocol identifiers for\n certain protocol families, which allowed local users to\n cause a denial of service (NULL function pointer\n dereference and system crash) or possibly gain\n privileges by leveraging CLONE_NEWUSER support to\n execute a crafted SOCK_RAW application (bnc#958886).\n\n - CVE-2015-8550: Optimizations introduced by the compiler\n could have lead to double fetch vulnerabilities,\n potentially possibly leading to arbitrary code execution\n in backend (bsc#957988).\n\n - CVE-2015-8551: Xen PCI backend driver did not perform\n proper sanity checks on the device's state, allowing for\n DoS (bsc#957990).\n\n - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect\n functions in drivers/net/ppp/pptp.c in the Linux kernel\n did not verify an address length, which allowed local\n users to obtain sensitive information from kernel memory\n and bypass the KASLR protection mechanism via a crafted\n application (bnc#959190).\n\n - CVE-2015-8575: The sco_sock_bind function in\n net/bluetooth/sco.c in the Linux kernel did not verify\n an address length, which allowed local users to obtain\n sensitive information from kernel memory and bypass the\n KASLR protection mechanism via a crafted application\n (bnc#959399).\n\n - CVE-2015-8660: The ovl_setattr function in\n fs/overlayfs/inode.c in the Linux kernel attempted to\n merge distinct setattr operations, which allowed local\n users to bypass intended access restrictions and modify\n the attributes of arbitrary overlay files via a crafted\n application (bnc#960281).\n\n - CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux\n kernel did not properly manage the relationship between\n a lock and a socket, which allowed local users to cause\n a denial of service (deadlock) via a crafted sctp_accept\n call (bnc#961509).\n\n - CVE-2015-8785: The fuse_fill_write_pages function in\n fs/fuse/file.c in the Linux kernel allowed local users\n to cause a denial of service (infinite loop) via a\n writev system call that triggers a zero length for the\n first segment of an iov (bnc#963765).\n\n - CVE-2016-0723: Race condition in the tty_ioctl function\n in drivers/tty/tty_io.c in the Linux kernel allowed\n local users to obtain sensitive information from kernel\n memory or cause a denial of service (use-after-free and\n system crash) by making a TIOCGETD ioctl call during\n processing of a TIOCSETD ioctl call (bnc#961500).\n\n - CVE-2016-2069: A race in invalidating paging structures\n that were not in use locally could have lead to\n disclosoure of information or arbitrary code exectution\n (bnc#963767).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=812259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=855062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=867583\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=899908\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=902606\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=924919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935087\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=937261\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=937444\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=938577\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940946\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=941363\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942476\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=943989\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944749\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945649\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=947953\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949936\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951615\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952976\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=954992\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955118\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955354\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955654\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957988\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957990\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=958463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=958886\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=958951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959146\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959257\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959364\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=960221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=960227\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=960281\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=960300\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961257\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961500\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961509\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961516\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961588\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961971\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=962336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=962356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=962788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=962965\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963449\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963572\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963765\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963767\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=964230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=964821\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=965344\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=965840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2013-7446/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0272/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5707/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7550/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7799/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8215/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8539/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8543/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8550/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8551/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8569/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8575/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8660/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8767/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8785/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-0723/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2069/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20160585-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?45296e5e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP1 :\n\nzypper in -t patch SUSE-SLE-WE-12-SP1-2016-329=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP1 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP1-2016-329=1\n\nSUSE Linux Enterprise Server 12-SP1 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-329=1\n\nSUSE Linux Enterprise Module for Public Cloud 12 :\n\nzypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-329=1\n\nSUSE Linux Enterprise Live Patching 12 :\n\nzypper in -t patch SUSE-SLE-Live-Patching-12-2016-329=1\n\nSUSE Linux Enterprise Desktop 12-SP1 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-329=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Overlayfs Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:lttng-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:lttng-modules-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:lttng-modules-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:lttng-modules-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"lttng-modules-2.7.0-3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"lttng-modules-debugsource-2.7.0-3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"lttng-modules-kmp-default-2.7.0_k3.12.53_60.30-3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"lttng-modules-kmp-default-debuginfo-2.7.0_k3.12.53_60.30-3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-default-man-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-base-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-base-debuginfo-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-debuginfo-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-debugsource-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-devel-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-syms-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-debuginfo-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-debugsource-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-devel-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-extra-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-extra-debuginfo-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-syms-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.53-60.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.53-60.30.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-31T14:29:13", "description": "The SUSE Linux Enterprise 12 kernel was updated to 3.12.51 to receive various security and bugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers were valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936).\n\n - CVE-2015-5283: The sctp_init function in net/sctp/protocol.c in the Linux kernel had an incorrect sequence of protocol-initialization steps, which allowed local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have finished (bnc#947155).\n\n - CVE-2015-2925: The prepend_path function in fs/dcache.c in the Linux kernel did not properly handle rename actions inside a bind mount, which allowed local users to bypass an intended container protection mechanism by renaming a directory, related to a 'double-chroot attack (bnc#926238).\n\n - CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).\n\n - CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bnc#953527).\n\n - CVE-2015-7990: RDS: There was no verification that an underlying transport exists when creating a connection, causing usage of a NULL pointer (bsc#952384).\n\n - CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (OOPS) via crafted keyctl commands (bnc#951440).\n\n - CVE-2015-0272: Missing checks allowed remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215 (bnc#944296).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-07T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2015:2194-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0272", "CVE-2015-2925", "CVE-2015-5283", "CVE-2015-5307", "CVE-2015-7799", "CVE-2015-7872", "CVE-2015-7990", "CVE-2015-8104", "CVE-2015-8215"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debugsource", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2015-2194-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87214", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:2194-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87214);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-0272\", \"CVE-2015-2925\", \"CVE-2015-5283\", \"CVE-2015-5307\", \"CVE-2015-7799\", \"CVE-2015-7872\", \"CVE-2015-7990\", \"CVE-2015-8104\", \"CVE-2015-8215\");\n script_bugtraq_id(73926);\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2015:2194-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 kernel was updated to 3.12.51 to receive\nvarious security and bugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2015-7799: The slhc_init function in\n drivers/net/slip/slhc.c in the Linux kernel did not\n ensure that certain slot numbers were valid, which\n allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) via a crafted\n PPPIOCSMAXCID ioctl call (bnc#949936).\n\n - CVE-2015-5283: The sctp_init function in\n net/sctp/protocol.c in the Linux kernel had an incorrect\n sequence of protocol-initialization steps, which allowed\n local users to cause a denial of service (panic or\n memory corruption) by creating SCTP sockets before all\n of the steps have finished (bnc#947155).\n\n - CVE-2015-2925: The prepend_path function in fs/dcache.c\n in the Linux kernel did not properly handle rename\n actions inside a bind mount, which allowed local users\n to bypass an intended container protection mechanism by\n renaming a directory, related to a 'double-chroot attack\n (bnc#926238).\n\n - CVE-2015-8104: The KVM subsystem in the Linux kernel\n allowed guest OS users to cause a denial of service\n (host OS panic or hang) by triggering many #DB (aka\n Debug) exceptions, related to svm.c (bnc#954404).\n\n - CVE-2015-5307: The KVM subsystem in the Linux kernel\n allowed guest OS users to cause a denial of service\n (host OS panic or hang) by triggering many #AC (aka\n Alignment Check) exceptions, related to svm.c and vmx.c\n (bnc#953527).\n\n - CVE-2015-7990: RDS: There was no verification that an\n underlying transport exists when creating a connection,\n causing usage of a NULL pointer (bsc#952384).\n\n - CVE-2015-7872: The key_gc_unused_keys function in\n security/keys/gc.c in the Linux kernel allowed local\n users to cause a denial of service (OOPS) via crafted\n keyctl commands (bnc#951440).\n\n - CVE-2015-0272: Missing checks allowed remote attackers\n to cause a denial of service (IPv6 traffic disruption)\n via a crafted MTU value in an IPv6 Router Advertisement\n (RA) message, a different vulnerability than\n CVE-2015-8215 (bnc#944296).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=814440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=867595\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=904348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=921949\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=924493\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=930145\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=933514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935961\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=936076\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=936773\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939926\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=941202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=941867\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942938\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944749\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945626\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=946078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=947241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=947321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=947478\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=948521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=948685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=948831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949100\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949504\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949744\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950750\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950862\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950998\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951165\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951546\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953796\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=954635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955148\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955644\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956047\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956053\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956703\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0272/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2925/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5283/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5307/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7799/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7872/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7990/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8104/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20152194-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e36375c5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12 :\n\nzypper in -t patch SUSE-SLE-WE-12-2015-945=1\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2015-945=1\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-945=1\n\nSUSE Linux Enterprise Module for Public Cloud 12 :\n\nzypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2015-945=1\n\nSUSE Linux Enterprise Live Patching 12 :\n\nzypper in -t patch SUSE-SLE-Live-Patching-12-2015-945=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2015-945=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-default-man-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-base-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-base-debuginfo-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-debuginfo-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-debugsource-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-devel-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-syms-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-debuginfo-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-debugsource-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-devel-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-extra-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-extra-debuginfo-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-syms-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.51-52.31.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:24", "description": "Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host.\n(CVE-2015-8551)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service by flooding the logging system with WARN() messages causing the initial domain to exhaust disk space.\n(CVE-2015-8552).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-21T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux vulnerabilities (USN-2846-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8550", "CVE-2015-8551", "CVE-2015-8552"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2846-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87529", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2846-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87529);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\");\n script_xref(name:\"USN\", value:\"2846-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux vulnerabilities (USN-2846-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Felix Wilhelm discovered a race condition in the Xen paravirtualized\ndrivers which can cause double fetch vulnerabilities. An attacker in\nthe paravirtualized guest could exploit this flaw to cause a denial of\nservice (crash the host) or potentially execute arbitrary code on the\nhost. (CVE-2015-8550)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not\nperform sanity checks on the device's state. An attacker could exploit\nthis flaw to cause a denial of service (NULL dereference) on the host.\n(CVE-2015-8551)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not\nperform sanity checks on the device's state. An attacker could exploit\nthis flaw to cause a denial of service by flooding the logging system\nwith WARN() messages causing the initial domain to exhaust disk space.\n(CVE-2015-8552).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2846-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2846-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-97-generic\", pkgver:\"3.2.0-97.137\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-97-generic-pae\", pkgver:\"3.2.0-97.137\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-97-highbank\", pkgver:\"3.2.0-97.137\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-97-virtual\", pkgver:\"3.2.0-97.137\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.2-generic / linux-image-3.2-generic-pae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:17", "description": "Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host.\n(CVE-2015-8551)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service by flooding the logging system with WARN() messages causing the initial domain to exhaust disk space.\n(CVE-2015-8552)\n\nJann Horn discovered a ptrace issue with user namespaces in the Linux kernel. The namespace owner could potentially exploit this flaw by ptracing a root owned process entering the user namespace to elevate its privileges and potentially gain access outside of the namespace.\n(http://bugs.launchpad.net/bugs/1527374)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-21T00:00:00", "type": "nessus", "title": "Ubuntu 15.04 : linux vulnerabilities (USN-2850-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8550", "CVE-2015-8551", "CVE-2015-8552"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency", "cpe:/o:canonical:ubuntu_linux:15.04"], "id": "UBUNTU_USN-2850-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87533", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2850-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87533);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\");\n script_xref(name:\"USN\", value:\"2850-1\");\n\n script_name(english:\"Ubuntu 15.04 : linux vulnerabilities (USN-2850-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Felix Wilhelm discovered a race condition in the Xen paravirtualized\ndrivers which can cause double fetch vulnerabilities. An attacker in\nthe paravirtualized guest could exploit this flaw to cause a denial of\nservice (crash the host) or potentially execute arbitrary code on the\nhost. (CVE-2015-8550)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not\nperform sanity checks on the device's state. An attacker could exploit\nthis flaw to cause a denial of service (NULL dereference) on the host.\n(CVE-2015-8551)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not\nperform sanity checks on the device's state. An attacker could exploit\nthis flaw to cause a denial of service by flooding the logging system\nwith WARN() messages causing the initial domain to exhaust disk space.\n(CVE-2015-8552)\n\nJann Horn discovered a ptrace issue with user namespaces in the Linux\nkernel. The namespace owner could potentially exploit this flaw by\nptracing a root owned process entering the user namespace to elevate\nits privileges and potentially gain access outside of the namespace.\n(http://bugs.launchpad.net/bugs/1527374)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2850-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.19-generic,\nlinux-image-3.19-generic-lpae and / or linux-image-3.19-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2850-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.04\", pkgname:\"linux-image-3.19.0-42-generic\", pkgver:\"3.19.0-42.48\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"linux-image-3.19.0-42-generic-lpae\", pkgver:\"3.19.0-42.48\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"linux-image-3.19.0-42-lowlatency\", pkgver:\"3.19.0-42.48\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.19-generic / linux-image-3.19-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:09", "description": "Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host.\n(CVE-2015-8551)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service by flooding the logging system with WARN() messages causing the initial domain to exhaust disk space.\n(CVE-2015-8552)\n\nJann Horn discovered a ptrace issue with user namespaces in the Linux kernel. The namespace owner could potentially exploit this flaw by ptracing a root owned process entering the user namespace to elevate its privileges and potentially gain access outside of the namespace.\n(http://bugs.launchpad.net/bugs/1527374)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-21T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux vulnerabilities (USN-2848-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8550", "CVE-2015-8551", "CVE-2015-8552"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2848-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87531", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2848-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87531);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\");\n script_xref(name:\"USN\", value:\"2848-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux vulnerabilities (USN-2848-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Felix Wilhelm discovered a race condition in the Xen paravirtualized\ndrivers which can cause double fetch vulnerabilities. An attacker in\nthe paravirtualized guest could exploit this flaw to cause a denial of\nservice (crash the host) or potentially execute arbitrary code on the\nhost. (CVE-2015-8550)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not\nperform sanity checks on the device's state. An attacker could exploit\nthis flaw to cause a denial of service (NULL dereference) on the host.\n(CVE-2015-8551)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not\nperform sanity checks on the device's state. An attacker could exploit\nthis flaw to cause a denial of service by flooding the logging system\nwith WARN() messages causing the initial domain to exhaust disk space.\n(CVE-2015-8552)\n\nJann Horn discovered a ptrace issue with user namespaces in the Linux\nkernel. The namespace owner could potentially exploit this flaw by\nptracing a root owned process entering the user namespace to elevate\nits privileges and potentially gain access outside of the namespace.\n(http://bugs.launchpad.net/bugs/1527374)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2848-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic,\nlinux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2848-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-74-generic\", pkgver:\"3.13.0-74.118\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-74-generic-lpae\", pkgver:\"3.13.0-74.118\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-74-lowlatency\", pkgver:\"3.13.0-74.118\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:19", "description": "Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host.\n(CVE-2015-8551)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service by flooding the logging system with WARN() messages causing the initial domain to exhaust disk space.\n(CVE-2015-8552)\n\nJann Horn discovered a ptrace issue with user namespaces in the Linux kernel. The namespace owner could potentially exploit this flaw by ptracing a root owned process entering the user namespace to elevate its privileges and potentially gain access outside of the namespace.\n(http://bugs.launchpad.net/bugs/1527374)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-21T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-wily vulnerabilities (USN-2853-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8550", "CVE-2015-8551", "CVE-2015-8552"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2853-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87536", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2853-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87536);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\");\n script_xref(name:\"USN\", value:\"2853-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-wily vulnerabilities (USN-2853-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Felix Wilhelm discovered a race condition in the Xen paravirtualized\ndrivers which can cause double fetch vulnerabilities. An attacker in\nthe paravirtualized guest could exploit this flaw to cause a denial of\nservice (crash the host) or potentially execute arbitrary code on the\nhost. (CVE-2015-8550)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not\nperform sanity checks on the device's state. An attacker could exploit\nthis flaw to cause a denial of service (NULL dereference) on the host.\n(CVE-2015-8551)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not\nperform sanity checks on the device's state. An attacker could exploit\nthis flaw to cause a denial of service by flooding the logging system\nwith WARN() messages causing the initial domain to exhaust disk space.\n(CVE-2015-8552)\n\nJann Horn discovered a ptrace issue with user namespaces in the Linux\nkernel. The namespace owner could potentially exploit this flaw by\nptracing a root owned process entering the user namespace to elevate\nits privileges and potentially gain access outside of the namespace.\n(http://bugs.launchpad.net/bugs/1527374)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2853-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-4.2-generic,\nlinux-image-4.2-generic-lpae and / or linux-image-4.2-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2853-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-22-generic\", pkgver:\"4.2.0-22.27~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-22-generic-lpae\", pkgver:\"4.2.0-22.27~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-22-lowlatency\", pkgver:\"4.2.0-22.27~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-generic / linux-image-4.2-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:32", "description": "Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.\n(CVE-2015-8104)\n\nGuoyong Gang discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). (CVE-2015-7799)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard devices did not properly initialize data structures. A local attacker could use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-17T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2844-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7799", "CVE-2015-7885", "CVE-2015-8104"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2844-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87471", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2844-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87471);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-7799\", \"CVE-2015-7885\", \"CVE-2015-8104\");\n script_xref(name:\"USN\", value:\"2844-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2844-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jan Beulich discovered that the KVM svm hypervisor implementation in\nthe Linux kernel did not properly catch Debug exceptions on AMD\nprocessors. An attacker in a guest virtual machine could use this to\ncause a denial of service (system crash) in the host OS.\n(CVE-2015-8104)\n\nGuoyong Gang discovered that the ppp implementation in the Linux\nkernel did not ensure that certain slot numbers are valid. A local\nattacker with the privilege to call ioctl() on /dev/ppp could cause a\ndenial of service (system crash). (CVE-2015-7799)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard\ndevices did not properly initialize data structures. A local attacker\ncould use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2844-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.16-generic,\nlinux-image-3.16-generic-lpae and / or linux-image-3.16-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7799\", \"CVE-2015-7885\", \"CVE-2015-8104\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2844-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-56-generic\", pkgver:\"3.16.0-56.75~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-56-generic-lpae\", pkgver:\"3.16.0-56.75~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-56-lowlatency\", pkgver:\"3.16.0-56.75~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.16-generic / linux-image-3.16-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:16", "description": "Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.\n(CVE-2015-8104)\n\nGuoyong Gang discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). (CVE-2015-7799)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard devices did not properly initialize data structures. A local attacker could use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-17T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2841-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7799", "CVE-2015-7885", "CVE-2015-8104"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2841-2.NASL", "href": "https://www.tenable.com/plugins/nessus/87467", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2841-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87467);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-7799\", \"CVE-2015-7885\", \"CVE-2015-8104\");\n script_xref(name:\"USN\", value:\"2841-2\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2841-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jan Beulich discovered that the KVM svm hypervisor implementation in\nthe Linux kernel did not properly catch Debug exceptions on AMD\nprocessors. An attacker in a guest virtual machine could use this to\ncause a denial of service (system crash) in the host OS.\n(CVE-2015-8104)\n\nGuoyong Gang discovered that the ppp implementation in the Linux\nkernel did not ensure that certain slot numbers are valid. A local\nattacker with the privilege to call ioctl() on /dev/ppp could cause a\ndenial of service (system crash). (CVE-2015-7799)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard\ndevices did not properly initialize data structures. A local attacker\ncould use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2841-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic and / or\nlinux-image-3.13-generic-lpae packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7799\", \"CVE-2015-7885\", \"CVE-2015-8104\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2841-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-73-generic\", pkgver:\"3.13.0-73.116~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-73-generic-lpae\", pkgver:\"3.13.0-73.116~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-09T14:06:18", "description": "This update fixes the CVEs described below.\n\nCVE-2015-7550\n\nDmitry Vyukov discovered a race condition in the keyring subsystem that allows a local user to cause a denial of service (crash).\n\nCVE-2015-8543\n\nIt was discovered that a local user permitted to create raw sockets could cause a denial of service by specifying an invalid protocol number for the socket. The attacker must have the CAP_NET_RAW capability.\n\nCVE-2015-8575\n\nDavid Miller discovered a flaw in the Bluetooth SCO sockets implementation that leads to an information leak to local users.\n\nIn addition, this update fixes a regression in the previous update :\n\n#808293\n\nA regression in the UDP implementation prevented freeradius and some other applications from receiving data.\n\nFor the oldoldstable distribution (squeeze), these problems have been fixed in version 2.6.32-48squeeze18.\n\nFor the oldstable distribution (wheezy), these problems have been fixed in version 3.2.73-2+deb7u2.\n\nFor the stable distribution (jessie), these problems have been fixed in version 3.16.7-ckt20-1+deb8u2 or earlier.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-01-06T00:00:00", "type": "nessus", "title": "Debian DLA-378-1 : linux-2.6 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7550", "CVE-2015-8543", "CVE-2015-8575"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:firmware-linux-free", "p-cpe:/a:debian:debian_linux:linux-base", "p-cpe:/a:debian:debian_linux:linux-doc-2.6.32", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-486", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all-i386", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-openvz", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-vserver", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-xen", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-openvz-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-openvz-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-xen-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-xen-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-486", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686-bigmem-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-686", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686-bigmem-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-686", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-libc-dev", "p-cpe:/a:debian:debian_linux:linux-manual-2.6.32", "p-cpe:/a:debian:debian_linux:linux-patch-debian-2.6.32", "p-cpe:/a:debian:debian_linux:linux-source-2.6.32", "p-cpe:/a:debian:debian_linux:linux-support-2.6.32-5", "p-cpe:/a:debian:debian_linux:linux-tools-2.6.32", "p-cpe:/a:debian:debian_linux:xen-linux-system-2.6.32-5-xen-686", "p-cpe:/a:debian:debian_linux:xen-linux-system-2.6.32-5-xen-amd64", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-378.NASL", "href": "https://www.tenable.com/plugins/nessus/87738", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-378-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87738);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7550\", \"CVE-2015-8543\", \"CVE-2015-8575\");\n\n script_name(english:\"Debian DLA-378-1 : linux-2.6 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the CVEs described below.\n\nCVE-2015-7550\n\nDmitry Vyukov discovered a race condition in the keyring subsystem\nthat allows a local user to cause a denial of service (crash).\n\nCVE-2015-8543\n\nIt was discovered that a local user permitted to create raw sockets\ncould cause a denial of service by specifying an invalid protocol\nnumber for the socket. The attacker must have the CAP_NET_RAW\ncapability.\n\nCVE-2015-8575\n\nDavid Miller discovered a flaw in the Bluetooth SCO sockets\nimplementation that leads to an information leak to local users.\n\nIn addition, this update fixes a regression in the previous update :\n\n#808293\n\nA regression in the UDP implementation prevented freeradius and some\nother applications from receiving data.\n\nFor the oldoldstable distribution (squeeze), these problems have been\nfixed in version 2.6.32-48squeeze18.\n\nFor the oldstable distribution (wheezy), these problems have been\nfixed in version 3.2.73-2+deb7u2.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 3.16.7-ckt20-1+deb8u2 or earlier.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/01/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/linux-2.6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firmware-linux-free\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-486\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-686-bigmem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-vserver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-openvz-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-openvz-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-686-bigmem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-xen-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-xen-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-486\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686-bigmem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686-bigmem-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686-bigmem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686-bigmem-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-manual-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-patch-debian-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-support-2.6.32-5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-tools-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-linux-system-2.6.32-5-xen-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-linux-system-2.6.32-5-xen-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"firmware-linux-free\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-base\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-doc-2.6.32\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-486\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-686\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-686-bigmem\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-amd64\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-i386\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-amd64\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common-openvz\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common-vserver\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common-xen\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-openvz-686\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-openvz-amd64\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-686\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-686-bigmem\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-amd64\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-xen-686\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-xen-amd64\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-486\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-686\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-686-bigmem\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-686-bigmem-dbg\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-amd64\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-amd64-dbg\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-686\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-686-dbg\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-amd64\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-amd64-dbg\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-686\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-686-bigmem\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-686-bigmem-dbg\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-amd64\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-amd64-dbg\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-686\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-686-dbg\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-amd64\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-amd64-dbg\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-libc-dev\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-manual-2.6.32\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-patch-debian-2.6.32\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-source-2.6.32\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-support-2.6.32-5\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-tools-2.6.32\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"xen-linux-system-2.6.32-5-xen-686\", reference:\"2.6.32-48squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"xen-linux-system-2.6.32-5-xen-amd64\", reference:\"2.6.32-48squeeze18\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:32", "description": "Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host.\n(CVE-2015-8551)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service by flooding the logging system with WARN() messages causing the initial domain to exhaust disk space.\n(CVE-2015-8552)\n\nJann Horn discovered a ptrace issue with user namespaces in the Linux kernel. The namespace owner could potentially exploit this flaw by ptracing a root owned process entering the user namespace to elevate its privileges and potentially gain access outside of the namespace.\n(http://bugs.launchpad.net/bugs/1527374)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-21T00:00:00", "type": "nessus", "title": "Ubuntu 15.10 : linux vulnerabilities (USN-2851-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8550", "CVE-2015-8551", "CVE-2015-8552"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2851-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87534", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2851-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87534);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\");\n script_xref(name:\"USN\", value:\"2851-1\");\n\n script_name(english:\"Ubuntu 15.10 : linux vulnerabilities (USN-2851-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Felix Wilhelm discovered a race condition in the Xen paravirtualized\ndrivers which can cause double fetch vulnerabilities. An attacker in\nthe paravirtualized guest could exploit this flaw to cause a denial of\nservice (crash the host) or potentially execute arbitrary code on the\nhost. (CVE-2015-8550)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not\nperform sanity checks on the device's state. An attacker could exploit\nthis flaw to cause a denial of service (NULL dereference) on the host.\n(CVE-2015-8551)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not\nperform sanity checks on the device's state. An attacker could exploit\nthis flaw to cause a denial of service by flooding the logging system\nwith WARN() messages causing the initial domain to exhaust disk space.\n(CVE-2015-8552)\n\nJann Horn discovered a ptrace issue with user namespaces in the Linux\nkernel. The namespace owner could potentially exploit this flaw by\nptracing a root owned process entering the user namespace to elevate\nits privileges and potentially gain access outside of the namespace.\n(http://bugs.launchpad.net/bugs/1527374)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2851-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-4.2-generic,\nlinux-image-4.2-generic-lpae and / or linux-image-4.2-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2851-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-22-generic\", pkgver:\"4.2.0-22.27\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-22-generic-lpae\", pkgver:\"4.2.0-22.27\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-22-lowlatency\", pkgver:\"4.2.0-22.27\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-generic / linux-image-4.2-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:19", "description": "Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host.\n(CVE-2015-8551)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service by flooding the logging system with WARN() messages causing the initial domain to exhaust disk space.\n(CVE-2015-8552)\n\nJann Horn discovered a ptrace issue with user namespaces in the Linux kernel. The namespace owner could potentially exploit this flaw by ptracing a root owned process entering the user namespace to elevate its privileges and potentially gain access outside of the namespace.\n(http://bugs.launchpad.net/bugs/1527374)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-21T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2849-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8550", "CVE-2015-8551", "CVE-2015-8552"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2849-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87532", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2849-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87532);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\");\n script_xref(name:\"USN\", value:\"2849-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2849-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Felix Wilhelm discovered a race condition in the Xen paravirtualized\ndrivers which can cause double fetch vulnerabilities. An attacker in\nthe paravirtualized guest could exploit this flaw to cause a denial of\nservice (crash the host) or potentially execute arbitrary code on the\nhost. (CVE-2015-8550)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not\nperform sanity checks on the device's state. An attacker could exploit\nthis flaw to cause a denial of service (NULL dereference) on the host.\n(CVE-2015-8551)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not\nperform sanity checks on the device's state. An attacker could exploit\nthis flaw to cause a denial of service by flooding the logging system\nwith WARN() messages causing the initial domain to exhaust disk space.\n(CVE-2015-8552)\n\nJann Horn discovered a ptrace issue with user namespaces in the Linux\nkernel. The namespace owner could potentially exploit this flaw by\nptracing a root owned process entering the user namespace to elevate\nits privileges and potentially gain access outside of the namespace.\n(http://bugs.launchpad.net/bugs/1527374)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2849-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.16-generic,\nlinux-image-3.16-generic-lpae and / or linux-image-3.16-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2849-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-57-generic\", pkgver:\"3.16.0-57.77~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-57-generic-lpae\", pkgver:\"3.16.0-57.77~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-57-lowlatency\", pkgver:\"3.16.0-57.77~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.16-generic / linux-image-3.16-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:17", "description": "Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.\n(CVE-2015-8104)\n\nGuoyong Gang discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). (CVE-2015-7799)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard devices did not properly initialize data structures. A local attacker could use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-17T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux vulnerabilities (USN-2841-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7799", "CVE-2015-7885", "CVE-2015-8104"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2841-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87466", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2841-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87466);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-7799\", \"CVE-2015-7885\", \"CVE-2015-8104\");\n script_xref(name:\"USN\", value:\"2841-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux vulnerabilities (USN-2841-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jan Beulich discovered that the KVM svm hypervisor implementation in\nthe Linux kernel did not properly catch Debug exceptions on AMD\nprocessors. An attacker in a guest virtual machine could use this to\ncause a denial of service (system crash) in the host OS.\n(CVE-2015-8104)\n\nGuoyong Gang discovered that the ppp implementation in the Linux\nkernel did not ensure that certain slot numbers are valid. A local\nattacker with the privilege to call ioctl() on /dev/ppp could cause a\ndenial of service (system crash). (CVE-2015-7799)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard\ndevices did not properly initialize data structures. A local attacker\ncould use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2841-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic,\nlinux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7799\", \"CVE-2015-7885\", \"CVE-2015-8104\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2841-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-73-generic\", pkgver:\"3.13.0-73.116\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-73-generic-lpae\", pkgver:\"3.13.0-73.116\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-73-lowlatency\", pkgver:\"3.13.0-73.116\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:31", "description": "Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host.\n(CVE-2015-8551)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service by flooding the logging system with WARN() messages causing the initial domain to exhaust disk space.\n(CVE-2015-8552)\n\nJann Horn discovered a ptrace issue with user namespaces in the Linux kernel. The namespace owner could potentially exploit this flaw by ptracing a root owned process entering the user namespace to elevate its privileges and potentially gain access outside of the namespace.\n(http://bugs.launchpad.net/bugs/1527374)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-21T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2847-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8550", "CVE-2015-8551", "CVE-2015-8552"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2847-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87530", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2847-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87530);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\");\n script_xref(name:\"USN\", value:\"2847-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2847-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Felix Wilhelm discovered a race condition in the Xen paravirtualized\ndrivers which can cause double fetch vulnerabilities. An attacker in\nthe paravirtualized guest could exploit this flaw to cause a denial of\nservice (crash the host) or potentially execute arbitrary code on the\nhost. (CVE-2015-8550)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not\nperform sanity checks on the device's state. An attacker could exploit\nthis flaw to cause a denial of service (NULL dereference) on the host.\n(CVE-2015-8551)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not\nperform sanity checks on the device's state. An attacker could exploit\nthis flaw to cause a denial of service by flooding the logging system\nwith WARN() messages causing the initial domain to exhaust disk space.\n(CVE-2015-8552)\n\nJann Horn discovered a ptrace issue with user namespaces in the Linux\nkernel. The namespace owner could potentially exploit this flaw by\nptracing a root owned process entering the user namespace to elevate\nits privileges and potentially gain access outside of the namespace.\n(http://bugs.launchpad.net/bugs/1527374)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2847-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic and / or\nlinux-image-3.13-generic-lpae packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2847-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-74-generic\", pkgver:\"3.13.0-74.118~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-74-generic-lpae\", pkgver:\"3.13.0-74.118~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:19", "description": "Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host.\n(CVE-2015-8551)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service by flooding the logging system with WARN() messages causing the initial domain to exhaust disk space.\n(CVE-2015-8552)\n\nJann Horn discovered a ptrace issue with user namespaces in the Linux kernel. The namespace owner could potentially exploit this flaw by ptracing a root owned process entering the user namespace to elevate its privileges and potentially gain access outside of the namespace.\n(http://bugs.launchpad.net/bugs/1527374)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-21T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-2854-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8550", "CVE-2015-8551", "CVE-2015-8552"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2854-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87537", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2854-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87537);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\");\n script_xref(name:\"USN\", value:\"2854-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-2854-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Felix Wilhelm discovered a race condition in the Xen paravirtualized\ndrivers which can cause double fetch vulnerabilities. An attacker in\nthe paravirtualized guest could exploit this flaw to cause a denial of\nservice (crash the host) or potentially execute arbitrary code on the\nhost. (CVE-2015-8550)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not\nperform sanity checks on the device's state. An attacker could exploit\nthis flaw to cause a denial of service (NULL dereference) on the host.\n(CVE-2015-8551)\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not\nperform sanity checks on the device's state. An attacker could exploit\nthis flaw to cause a denial of service by flooding the logging system\nwith WARN() messages causing the initial domain to exhaust disk space.\n(CVE-2015-8552)\n\nJann Horn discovered a ptrace issue with user namespaces in the Linux\nkernel. The namespace owner could potentially exploit this flaw by\nptracing a root owned process entering the user namespace to elevate\nits privileges and potentially gain access outside of the namespace.\n(http://bugs.launchpad.net/bugs/1527374)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2854-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.19-generic,\nlinux-image-3.19-generic-lpae and / or linux-image-3.19-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2854-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-42-generic\", pkgver:\"3.19.0-42.48~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-42-generic-lpae\", pkgver:\"3.19.0-42.48~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-42-lowlatency\", pkgver:\"3.19.0-42.48~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.19-generic / linux-image-3.19-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-09T14:07:40", "description": "It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a race between read and revoke operations. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel had a race condition when checking whether a socket was bound or not. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel incorrectly handled compressed inline extants on truncation. A local attacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking implementation did not validate protocol identifiers for certain protocol families, A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux kernel did not verify an address length when setting up a socket. A local attacker could use this to craft an application that exposed sensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux kernel did not properly validate the socket address length for Synchronous Connection-Oriented (SCO) sockets. A local attacker could use this to expose sensitive information. (CVE-2015-8575).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-02-02T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2888-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-7513", "CVE-2015-7550", "CVE-2015-7990", "CVE-2015-8374", "CVE-2015-8543", "CVE-2015-8569", "CVE-2015-8575"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2888-1.NASL", "href": "https://www.tenable.com/plugins/nessus/88521", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2888-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88521);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\");\n script_xref(name:\"USN\", value:\"2888-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2888-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a use-after-free vulnerability existed in the\nAF_UNIX implementation in the Linux kernel. A local attacker could use\ncrafted epoll_ctl calls to cause a denial of service (system crash) or\nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did\nnot properly restore the values of the Programmable Interrupt Timer\n(PIT). A user-assisted attacker in a KVM guest could cause a denial of\nservice in the host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a\nrace between read and revoke operations. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel had a race condition when checking\nwhether a socket was bound or not. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel\nincorrectly handled compressed inline extants on truncation. A local\nattacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking\nimplementation did not validate protocol identifiers for certain\nprotocol families, A local attacker could use this to cause a denial\nof service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux\nkernel did not verify an address length when setting up a socket. A\nlocal attacker could use this to craft an application that exposed\nsensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux\nkernel did not properly validate the socket address length for\nSynchronous Connection-Oriented (SCO) sockets. A local attacker could\nuse this to expose sensitive information. (CVE-2015-8575).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2888-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.16-generic,\nlinux-image-3.16-generic-lpae and / or linux-image-3.16-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2888-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-60-generic\", pkgver:\"3.16.0-60.80~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-60-generic-lpae\", pkgver:\"3.16.0-60.80~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-60-lowlatency\", pkgver:\"3.16.0-60.80~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.16-generic / linux-image-3.16-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:31", "description": "Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.\n(CVE-2015-8104)\n\nGuoyong Gang discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). (CVE-2015-7799)\n\nIt was discovered that the virtual video osd test driver in the Linux kernel did not properly initialize data structures. A local attacker could use this to obtain sensitive information from the kernel.\n(CVE-2015-7884)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard devices did not properly initialize data structures. A local attacker could use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-17T00:00:00", "type": "nessus", "title": "Ubuntu 15.04 : linux vulnerabilities (USN-2842-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7799", "CVE-2015-7884", "CVE-2015-7885", "CVE-2015-8104"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency", "cpe:/o:canonical:ubuntu_linux:15.04"], "id": "UBUNTU_USN-2842-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87468", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2842-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87468);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-7799\", \"CVE-2015-7884\", \"CVE-2015-7885\", \"CVE-2015-8104\");\n script_xref(name:\"USN\", value:\"2842-1\");\n\n script_name(english:\"Ubuntu 15.04 : linux vulnerabilities (USN-2842-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jan Beulich discovered that the KVM svm hypervisor implementation in\nthe Linux kernel did not properly catch Debug exceptions on AMD\nprocessors. An attacker in a guest virtual machine could use this to\ncause a denial of service (system crash) in the host OS.\n(CVE-2015-8104)\n\nGuoyong Gang discovered that the ppp implementation in the Linux\nkernel did not ensure that certain slot numbers are valid. A local\nattacker with the privilege to call ioctl() on /dev/ppp could cause a\ndenial of service (system crash). (CVE-2015-7799)\n\nIt was discovered that the virtual video osd test driver in the Linux\nkernel did not properly initialize data structures. A local attacker\ncould use this to obtain sensitive information from the kernel.\n(CVE-2015-7884)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard\ndevices did not properly initialize data structures. A local attacker\ncould use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2842-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.19-generic,\nlinux-image-3.19-generic-lpae and / or linux-image-3.19-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7799\", \"CVE-2015-7884\", \"CVE-2015-7885\", \"CVE-2015-8104\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2842-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.04\", pkgname:\"linux-image-3.19.0-41-generic\", pkgver:\"3.19.0-41.46\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"linux-image-3.19.0-41-generic-lpae\", pkgver:\"3.19.0-41.46\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"linux-image-3.19.0-41-lowlatency\", pkgver:\"3.19.0-41.46\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.19-generic / linux-image-3.19-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-10T15:39:59", "description": "It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a race between read and revoke operations. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel had a race condition when checking whether a socket was bound or not. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel incorrectly handled compressed inline extants on truncation. A local attacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking implementation did not validate protocol identifiers for certain protocol families, A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux kernel did not verify an address length when setting up a socket. A local attacker could use this to craft an application that exposed sensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux kernel did not properly validate the socket address length for Synchronous Connection-Oriented (SCO) sockets. A local attacker could use this to expose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the netfilter Network Address Translation (NAT) implementation did not ensure that data structures were initialized when handling IPv4 addresses. An attacker could use this to cause a denial of service (system crash). (CVE-2015-8787).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-02-02T00:00:00", "type": "nessus", "title": "Ubuntu 15.10 : linux vulnerabilities (USN-2890-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-7513", "CVE-2015-7550", "CVE-2015-7990", "CVE-2015-8374", "CVE-2015-8543", "CVE-2015-8569", "CVE-2015-8575", "CVE-2015-8787"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2890-1.NASL", "href": "https://www.tenable.com/plugins/nessus/88524", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2890-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88524);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8787\");\n script_xref(name:\"USN\", value:\"2890-1\");\n\n script_name(english:\"Ubuntu 15.10 : linux vulnerabilities (USN-2890-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a use-after-free vulnerability existed in the\nAF_UNIX implementation in the Linux kernel. A local attacker could use\ncrafted epoll_ctl calls to cause a denial of service (system crash) or\nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did\nnot properly restore the values of the Programmable Interrupt Timer\n(PIT). A user-assisted attacker in a KVM guest could cause a denial of\nservice in the host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a\nrace between read and revoke operations. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel had a race condition when checking\nwhether a socket was bound or not. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel\nincorrectly handled compressed inline extants on truncation. A local\nattacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking\nimplementation did not validate protocol identifiers for certain\nprotocol families, A local attacker could use this to cause a denial\nof service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux\nkernel did not verify an address length when setting up a socket. A\nlocal attacker could use this to craft an application that exposed\nsensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux\nkernel did not properly validate the socket address length for\nSynchronous Connection-Oriented (SCO) sockets. A local attacker could\nuse this to expose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the netfilter Network Address Translation (NAT)\nimplementation did not ensure that data structures were initialized\nwhen handling IPv4 addresses. An attacker could use this to cause a\ndenial of service (system crash). (CVE-2015-8787).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2890-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-4.2-generic,\nlinux-image-4.2-generic-lpae and / or linux-image-4.2-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8787\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2890-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-27-generic\", pkgver:\"4.2.0-27.32\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-27-generic-lpae\", pkgver:\"4.2.0-27.32\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-27-lowlatency\", pkgver:\"4.2.0-27.32\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-generic / linux-image-4.2-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-09T14:07:42", "description": "It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to

Security update for the Linux Kernel (important)

Description

Affected Package

Related