{"id": "USN-1652-1", "bulletinFamily": "unix", "title": "Linux kernel (Oneiric backport) vulnerabilities", "description": "Brad Spengler discovered a flaw in the Linux kernel\u2019s uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel\u2019s TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565)\n\nMathias Krause discovered a flaw in the Linux kernel\u2019s XFRM netlink interface. A local user with the NET_ADMIN capability could exploit this flaw to leak the contents of kernel memory. (CVE-2012-6536)\n\nMathias Krause discovered several errors in the Linux kernel\u2019s xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s xfrm_user copy_to_user_auth function. A local user could exploit this flaw to examine parts of kernel heap memory. (CVE-2012-6538)\n\nMathias Krause discovered information leak in the Linux kernel\u2019s compat ioctl interface. A local user could exploit the flaw to examine parts of kernel stack memory (CVE-2012-6539)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockopt for IP_VS_SO_GET_TIMEOUT. A local user could exploit this flaw to examine parts of kernel stack memory. (CVE-2012-6540)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockopt implementation for the Datagram Congestion Control Protocol (DCCP). A local user could exploit this flaw to examine some of the kernel\u2019s stack memory. (CVE-2012-6541)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockname implementation for Logical Link Layer (llc) sockets. A local user could exploit this flaw to examine some of the kernel\u2019s stack memory. (CVE-2012-6542)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Bluetooth Logical Link Control and Adaptation Protocol (L2CAP) implementation. A local user could exploit these flaws to examine some of the kernel\u2019s stack memory. (CVE-2012-6544)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Bluetooth RFCOMM protocol implementation. A local user could exploit these flaws to examine parts of kernel memory. (CVE-2012-6545)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Asynchronous Transfer Mode (ATM) networking stack. A local user could exploit these flaws to examine some parts of kernel memory. (CVE-2012-6546)\n\nA flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when transparent hugepages are in use. An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0309)\n\nMathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could potentially exploit this flaw to escalate privileges. (CVE-2013-1826)\n\nAn information leak was discovered in the Linux kernel\u2019s /dev/dvb device. A local user could exploit this flaw to obtain sensitive information from the kernel\u2019s stack memory. (CVE-2013-1928)", "published": "2012-11-30T00:00:00", "modified": "2012-11-30T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1652-1/", "reporter": "Ubuntu", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0957", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-6538", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-1826", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-6541", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-1928", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-6546", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-6536", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-6542", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-6545", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-6544", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0309", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-6537", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-6540", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-4565", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-6539"], "cvelist": ["CVE-2012-6546", "CVE-2012-6541", "CVE-2012-6537", "CVE-2012-4565", "CVE-2013-1826", "CVE-2012-6545", "CVE-2012-0957", "CVE-2012-6542", "CVE-2012-6539", "CVE-2012-6540", "CVE-2012-6544", "CVE-2012-6538", "CVE-2013-1928", "CVE-2012-6536", "CVE-2013-0309"], "type": "ubuntu", "lastseen": "2018-03-29T18:18:30", "history": [], "edition": 1, "hashmap": [{"key": "affectedPackage", "hash": "cf44a4a87f06edc38822a660780a72ce"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "cvelist", "hash": "b4c45c341d600f6ac255802f6372c320"}, {"key": "cvss", "hash": "20b312358ab5f293fffb562d006d88f6"}, {"key": "description", "hash": "f73a03809997d858c3a135b6a391783e"}, {"key": "href", "hash": "a0f780b76d3027a6d2b044ddf894203c"}, {"key": "modified", "hash": "db744140e649d5b095b38bd0f7a39d65"}, {"key": "published", "hash": "db744140e649d5b095b38bd0f7a39d65"}, {"key": "references", "hash": "8184cea9e598d08ed8bef323ab712398"}, {"key": "reporter", "hash": "3d945423f8e9496c429a5d8c65b4604f"}, {"key": "title", "hash": "a7d290daa805abb980caf9b7636a37eb"}, {"key": "type", "hash": "1d41c853af58d3a7ae54990ce29417d8"}], "hash": "932df96a445c59de6b576847d858ffdbb6b535c0f6f2210f87d7d2d410a87071", "viewCount": 0, "enchantments": {"vulnersScore": 7.2}, "objectVersion": "1.3", "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "10.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.0.0-28-virtual", "packageVersion": "3.0.0-28.45~lucid1"}, {"OS": "Ubuntu", "OSVersion": "10.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.0.0-28-server", "packageVersion": "3.0.0-28.45~lucid1"}, {"OS": "Ubuntu", "OSVersion": "10.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.0.0-28-generic-pae", "packageVersion": "3.0.0-28.45~lucid1"}, {"OS": "Ubuntu", "OSVersion": "10.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.0.0-28-generic", "packageVersion": "3.0.0-28.45~lucid1"}]}

{"result": {"cve": [{"id": "CVE-2012-6546", "type": "cve", "title": "CVE-2012-6546", "description": "The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.", "published": "2013-03-15T16:55:07", "cvss": {"score": 1.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6546", "cvelist": ["CVE-2012-6546"], "lastseen": "2016-09-03T17:25:18"}, {"id": "CVE-2012-6541", "type": "cve", "title": "CVE-2012-6541", "description": "The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.", "published": "2013-03-15T16:55:07", "cvss": {"score": 1.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6541", "cvelist": ["CVE-2012-6541"], "lastseen": "2016-09-03T17:25:14"}, {"id": "CVE-2012-6537", "type": "cve", "title": "CVE-2012-6537", "description": "net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.", "published": "2013-03-15T16:55:07", "cvss": {"score": 1.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6537", "cvelist": ["CVE-2012-6537"], "lastseen": "2016-09-03T17:25:11"}, {"id": "CVE-2012-4565", "type": "cve", "title": "CVE-2012-4565", "description": "The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux kernel before 3.4.19, when the net.ipv4.tcp_congestion_control illinois setting is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) by reading TCP stats.", "published": "2012-12-21T06:47:36", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4565", "cvelist": ["CVE-2012-4565"], "lastseen": "2016-09-03T17:04:39"}, {"id": "CVE-2013-1826", "type": "cve", "title": "CVE-2013-1826", "description": "The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the Linux kernel before 3.5.7 does not properly handle error conditions in dump_one_state function calls, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability.", "published": "2013-03-22T07:59:11", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1826", "cvelist": ["CVE-2013-1826"], "lastseen": "2016-09-03T18:14:30"}, {"id": "CVE-2012-6545", "type": "cve", "title": "CVE-2012-6545", "description": "The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.", "published": "2013-03-15T16:55:07", "cvss": {"score": 1.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6545", "cvelist": ["CVE-2012-6545"], "lastseen": "2016-09-03T17:25:18"}, {"id": "CVE-2012-0957", "type": "cve", "title": "CVE-2012-0957", "description": "The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality.", "published": "2012-12-21T06:47:35", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0957", "cvelist": ["CVE-2012-0957"], "lastseen": "2016-09-03T16:18:07"}, {"id": "CVE-2012-6542", "type": "cve", "title": "CVE-2012-6542", "description": "The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument.", "published": "2013-03-15T16:55:07", "cvss": {"score": 1.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6542", "cvelist": ["CVE-2012-6542"], "lastseen": "2016-09-03T17:25:16"}, {"id": "CVE-2012-6539", "type": "cve", "title": "CVE-2012-6539", "description": "The dev_ifconf function in net/socket.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.", "published": "2013-03-15T16:55:07", "cvss": {"score": 1.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6539", "cvelist": ["CVE-2012-6539"], "lastseen": "2016-09-03T17:25:13"}, {"id": "CVE-2012-6540", "type": "cve", "title": "CVE-2012-6540", "description": "The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.", "published": "2013-03-15T16:55:07", "cvss": {"score": 1.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6540", "cvelist": ["CVE-2012-6540"], "lastseen": "2016-09-03T17:25:14"}], "nessus": [{"id": "REDHAT-RHSA-2013-0747.NASL", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2013:0747)", "description": "Updated kernel packages that fix several security issues and three bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in the Xen netback driver implementation in the Linux kernel. A privileged guest user with access to a para-virtualized network device could use this flaw to cause a long loop in netback, leading to a denial of service that could potentially affect the entire system. (CVE-2013-0216, Moderate)\n\n* A flaw was found in the Xen PCI device back-end driver implementation in the Linux kernel. A privileged guest user in a guest that has a PCI passthrough device could use this flaw to cause a denial of service that could potentially affect the entire system.\n(CVE-2013-0231, Moderate)\n\n* A NULL pointer dereference flaw was found in the IP packet transformation framework (XFRM) implementation in the Linux kernel. A local user who has the CAP_NET_ADMIN capability could use this flaw to cause a denial of service. (CVE-2013-1826, Moderate)\n\n* Information leak flaws were found in the XFRM implementation in the Linux kernel. A local user who has the CAP_NET_ADMIN capability could use these flaws to leak kernel stack memory to user-space.\n(CVE-2012-6537, Low)\n\n* An information leak flaw was found in the logical link control (LLC) implementation in the Linux kernel. A local, unprivileged user could use this flaw to leak kernel stack memory to user-space.\n(CVE-2012-6542, Low)\n\n* Two information leak flaws were found in the Linux kernel's Asynchronous Transfer Mode (ATM) subsystem. A local, unprivileged user could use these flaws to leak kernel stack memory to user-space.\n(CVE-2012-6546, Low)\n\n* An information leak flaw was found in the TUN/TAP device driver in the Linux kernel's networking implementation. A local user with access to a TUN/TAP virtual interface could use this flaw to leak kernel stack memory to user-space. (CVE-2012-6547, Low)\n\nRed Hat would like to thank the Xen project for reporting the CVE-2013-0216 and CVE-2013-0231 issues.\n\nThis update also fixes the following bugs :\n\n* The IPv4 code did not correctly update the Maximum Transfer Unit (MTU) of the designed interface when receiving ICMP Fragmentation Needed packets. Consequently, a remote host did not respond correctly to ping attempts. With this update, the IPv4 code has been modified so the MTU of the designed interface is adjusted as expected in this situation. The ping command now provides the expected output.\n(BZ#923353)\n\n* Previously, the be2net code expected the last word of an MCC completion message from the firmware to be transferred by direct memory access (DMA) at once. However, this is not always true, and could therefore cause the BUG_ON() macro to be triggered in the be_mcc_compl_is_new() function, consequently leading to a kernel panic. The BUG_ON() macro has been removed from be_mcc_compl_is_new(), and the kernel panic no longer occurs in this scenario. (BZ#923910)\n\n* Previously, the NFSv3 server incorrectly converted 64-bit cookies to 32-bit. Consequently, the cookies became invalid, which affected all file system operations depending on these cookies, such as the READDIR operation that is used to read entries from a directory. This led to various problems, such as exported directories being empty or displayed incorrectly, or an endless loop of the READDIRPLUS procedure which could potentially cause a buffer overflow. This update modifies knfsd code so that 64-bit cookies are now handled correctly and all file system operations work as expected. (BZ#924087)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "published": "2013-04-17T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=65991", "cvelist": ["CVE-2012-6546", "CVE-2012-6537", "CVE-2013-1826", "CVE-2012-6542", "CVE-2012-6547", "CVE-2013-0231", "CVE-2013-0216"], "lastseen": "2017-10-29T13:41:40"}, {"id": "UBUNTU_USN-1808-1.NASL", "type": "nessus", "title": "Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1808-1)", "description": "Mathias Krause discovered an information leak in the Linux kernel's getsockname implementation for Logical Link Layer (llc) sockets. A local user could exploit this flaw to examine some of the kernel's stack memory. (CVE-2012-6542)\n\nMathias Krause discovered information leaks in the Linux kernel's Bluetooth Logical Link Control and Adaptation Protocol (L2CAP) implementation. A local user could exploit these flaws to examine some of the kernel's stack memory. (CVE-2012-6544)\n\nMathias Krause discovered information leaks in the Linux kernel's Bluetooth RFCOMM protocol implementation. A local user could exploit these flaws to examine parts of kernel memory. (CVE-2012-6545)\n\nMathias Krause discovered information leaks in the Linux kernel's Asynchronous Transfer Mode (ATM) networking stack. A local user could exploit these flaws to examine some parts of kernel memory.\n(CVE-2012-6546)\n\nMathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. (CVE-2012-6548)\n\nAndrew Jones discovered a flaw with the xen_iret function in Linux kernel's Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service (crash the system) or gain guest OS privilege.\n(CVE-2013-0228)\n\nAn information leak was discovered in the Linux kernel's Bluetooth stack when HIDP (Human Interface Device Protocol) support is enabled.\nA local unprivileged user could exploit this flaw to cause an information leak from the kernel. (CVE-2013-0349)\n\nA flaw was discovered in the Edgeort USB serial converter driver when the device is disconnected while it is in use. A local user could exploit this flaw to cause a denial of service (system crash).\n(CVE-2013-1774)\n\nAndrew Honig discovered a flaw in guest OS time updates in the Linux kernel's KVM (Kernel-based Virtual Machine). A privileged guest user could exploit this flaw to cause a denial of service (crash host system) or potential escalate privilege to the host kernel level.\n(CVE-2013-1796).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2013-04-26T00:00:00", "cvss": {"score": 6.8, "vector": "AV:ADJACENT_NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=66232", "cvelist": ["CVE-2012-6546", "CVE-2012-6548", "CVE-2013-0228", "CVE-2012-6545", "CVE-2012-6542", "CVE-2013-0349", "CVE-2013-1774", "CVE-2012-6544", "CVE-2013-1796"], "lastseen": "2017-10-29T13:40:03"}, {"id": "ORACLELINUX_ELSA-2013-0747.NASL", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2013-0747)", "description": "From Red Hat Security Advisory 2013:0747 :\n\nUpdated kernel packages that fix several security issues and three bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in the Xen netback driver implementation in the Linux kernel. A privileged guest user with access to a para-virtualized network device could use this flaw to cause a long loop in netback, leading to a denial of service that could potentially affect the entire system. (CVE-2013-0216, Moderate)\n\n* A flaw was found in the Xen PCI device back-end driver implementation in the Linux kernel. A privileged guest user in a guest that has a PCI passthrough device could use this flaw to cause a denial of service that could potentially affect the entire system.\n(CVE-2013-0231, Moderate)\n\n* A NULL pointer dereference flaw was found in the IP packet transformation framework (XFRM) implementation in the Linux kernel. A local user who has the CAP_NET_ADMIN capability could use this flaw to cause a denial of service. (CVE-2013-1826, Moderate)\n\n* Information leak flaws were found in the XFRM implementation in the Linux kernel. A local user who has the CAP_NET_ADMIN capability could use these flaws to leak kernel stack memory to user-space.\n(CVE-2012-6537, Low)\n\n* An information leak flaw was found in the logical link control (LLC) implementation in the Linux kernel. A local, unprivileged user could use this flaw to leak kernel stack memory to user-space.\n(CVE-2012-6542, Low)\n\n* Two information leak flaws were found in the Linux kernel's Asynchronous Transfer Mode (ATM) subsystem. A local, unprivileged user could use these flaws to leak kernel stack memory to user-space.\n(CVE-2012-6546, Low)\n\n* An information leak flaw was found in the TUN/TAP device driver in the Linux kernel's networking implementation. A local user with access to a TUN/TAP virtual interface could use this flaw to leak kernel stack memory to user-space. (CVE-2012-6547, Low)\n\nRed Hat would like to thank the Xen project for reporting the CVE-2013-0216 and CVE-2013-0231 issues.\n\nThis update also fixes the following bugs :\n\n* The IPv4 code did not correctly update the Maximum Transfer Unit (MTU) of the designed interface when receiving ICMP Fragmentation Needed packets. Consequently, a remote host did not respond correctly to ping attempts. With this update, the IPv4 code has been modified so the MTU of the designed interface is adjusted as expected in this situation. The ping command now provides the expected output.\n(BZ#923353)\n\n* Previously, the be2net code expected the last word of an MCC completion message from the firmware to be transferred by direct memory access (DMA) at once. However, this is not always true, and could therefore cause the BUG_ON() macro to be triggered in the be_mcc_compl_is_new() function, consequently leading to a kernel panic. The BUG_ON() macro has been removed from be_mcc_compl_is_new(), and the kernel panic no longer occurs in this scenario. (BZ#923910)\n\n* Previously, the NFSv3 server incorrectly converted 64-bit cookies to 32-bit. Consequently, the cookies became invalid, which affected all file system operations depending on these cookies, such as the READDIR operation that is used to read entries from a directory. This led to various problems, such as exported directories being empty or displayed incorrectly, or an endless loop of the READDIRPLUS procedure which could potentially cause a buffer overflow. This update modifies knfsd code so that 64-bit cookies are now handled correctly and all file system operations work as expected. (BZ#924087)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "published": "2013-07-12T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=68809", "cvelist": ["CVE-2012-6546", "CVE-2012-6537", "CVE-2013-1826", "CVE-2012-6542", "CVE-2012-6547", "CVE-2013-0231", "CVE-2013-0216"], "lastseen": "2017-10-29T13:34:55"}, {"id": "CENTOS_RHSA-2013-0747.NASL", "type": "nessus", "title": "CentOS 5 : kernel (CESA-2013:0747)", "description": "Updated kernel packages that fix several security issues and three bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in the Xen netback driver implementation in the Linux kernel. A privileged guest user with access to a para-virtualized network device could use this flaw to cause a long loop in netback, leading to a denial of service that could potentially affect the entire system. (CVE-2013-0216, Moderate)\n\n* A flaw was found in the Xen PCI device back-end driver implementation in the Linux kernel. A privileged guest user in a guest that has a PCI passthrough device could use this flaw to cause a denial of service that could potentially affect the entire system.\n(CVE-2013-0231, Moderate)\n\n* A NULL pointer dereference flaw was found in the IP packet transformation framework (XFRM) implementation in the Linux kernel. A local user who has the CAP_NET_ADMIN capability could use this flaw to cause a denial of service. (CVE-2013-1826, Moderate)\n\n* Information leak flaws were found in the XFRM implementation in the Linux kernel. A local user who has the CAP_NET_ADMIN capability could use these flaws to leak kernel stack memory to user-space.\n(CVE-2012-6537, Low)\n\n* An information leak flaw was found in the logical link control (LLC) implementation in the Linux kernel. A local, unprivileged user could use this flaw to leak kernel stack memory to user-space.\n(CVE-2012-6542, Low)\n\n* Two information leak flaws were found in the Linux kernel's Asynchronous Transfer Mode (ATM) subsystem. A local, unprivileged user could use these flaws to leak kernel stack memory to user-space.\n(CVE-2012-6546, Low)\n\n* An information leak flaw was found in the TUN/TAP device driver in the Linux kernel's networking implementation. A local user with access to a TUN/TAP virtual interface could use this flaw to leak kernel stack memory to user-space. (CVE-2012-6547, Low)\n\nRed Hat would like to thank the Xen project for reporting the CVE-2013-0216 and CVE-2013-0231 issues.\n\nThis update also fixes the following bugs :\n\n* The IPv4 code did not correctly update the Maximum Transfer Unit (MTU) of the designed interface when receiving ICMP Fragmentation Needed packets. Consequently, a remote host did not respond correctly to ping attempts. With this update, the IPv4 code has been modified so the MTU of the designed interface is adjusted as expected in this situation. The ping command now provides the expected output.\n(BZ#923353)\n\n* Previously, the be2net code expected the last word of an MCC completion message from the firmware to be transferred by direct memory access (DMA) at once. However, this is not always true, and could therefore cause the BUG_ON() macro to be triggered in the be_mcc_compl_is_new() function, consequently leading to a kernel panic. The BUG_ON() macro has been removed from be_mcc_compl_is_new(), and the kernel panic no longer occurs in this scenario. (BZ#923910)\n\n* Previously, the NFSv3 server incorrectly converted 64-bit cookies to 32-bit. Consequently, the cookies became invalid, which affected all file system operations depending on these cookies, such as the READDIR operation that is used to read entries from a directory. This led to various problems, such as exported directories being empty or displayed incorrectly, or an endless loop of the READDIRPLUS procedure which could potentially cause a buffer overflow. This update modifies knfsd code so that 64-bit cookies are now handled correctly and all file system operations work as expected. (BZ#924087)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "published": "2013-04-17T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=65988", "cvelist": ["CVE-2012-6546", "CVE-2012-6537", "CVE-2013-1826", "CVE-2012-6542", "CVE-2012-6547", "CVE-2013-0231", "CVE-2013-0216"], "lastseen": "2017-10-29T13:41:24"}, {"id": "UBUNTU_USN-1805-1.NASL", "type": "nessus", "title": "Ubuntu 10.04 LTS : linux vulnerabilities (USN-1805-1)", "description": "Mathias Krause discovered an information leak in the Linux kernel's getsockname implementation for Logical Link Layer (llc) sockets. A local user could exploit this flaw to examine some of the kernel's stack memory. (CVE-2012-6542)\n\nMathias Krause discovered information leaks in the Linux kernel's Bluetooth Logical Link Control and Adaptation Protocol (L2CAP) implementation. A local user could exploit these flaws to examine some of the kernel's stack memory. (CVE-2012-6544)\n\nMathias Krause discovered information leaks in the Linux kernel's Bluetooth RFCOMM protocol implementation. A local user could exploit these flaws to examine parts of kernel memory. (CVE-2012-6545)\n\nMathias Krause discovered information leaks in the Linux kernel's Asynchronous Transfer Mode (ATM) networking stack. A local user could exploit these flaws to examine some parts of kernel memory.\n(CVE-2012-6546)\n\nMathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. (CVE-2012-6548)\n\nAndrew Jones discovered a flaw with the xen_iret function in Linux kernel's Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service (crash the system) or gain guest OS privilege.\n(CVE-2013-0228)\n\nAn information leak was discovered in the Linux kernel's Bluetooth stack when HIDP (Human Interface Device Protocol) support is enabled.\nA local unprivileged user could exploit this flaw to cause an information leak from the kernel. (CVE-2013-0349)\n\nA flaw was discovered in the Edgeort USB serial converter driver when the device is disconnected while it is in use. A local user could exploit this flaw to cause a denial of service (system crash).\n(CVE-2013-1774)\n\nAndrew Honig discovered a flaw in guest OS time updates in the Linux kernel's KVM (Kernel-based Virtual Machine). A privileged guest user could exploit this flaw to cause a denial of service (crash host system) or potential escalate privilege to the host kernel level.\n(CVE-2013-1796).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2013-04-22T00:00:00", "cvss": {"score": 6.8, "vector": "AV:ADJACENT_NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=66171", "cvelist": ["CVE-2012-6546", "CVE-2012-6548", "CVE-2013-0228", "CVE-2012-6545", "CVE-2012-6542", "CVE-2013-0349", "CVE-2013-1774", "CVE-2012-6544", "CVE-2013-1796"], "lastseen": "2017-10-29T13:39:23"}, {"id": "SL_20130416_KERNEL_ON_SL5_X.NASL", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL5.x i386/x86_64", "description": "This update fixes the following security issues :\n\n - A flaw was found in the Xen netback driver implementation in the Linux kernel. A privileged guest user with access to a para-virtualized network device could use this flaw to cause a long loop in netback, leading to a denial of service that could potentially affect the entire system. (CVE-2013-0216, Moderate)\n\n - A flaw was found in the Xen PCI device back-end driver implementation in the Linux kernel. A privileged guest user in a guest that has a PCI passthrough device could use this flaw to cause a denial of service that could potentially affect the entire system. (CVE-2013-0231, Moderate)\n\n - A NULL pointer dereference flaw was found in the IP packet transformation framework (XFRM) implementation in the Linux kernel. A local user who has the CAP_NET_ADMIN capability could use this flaw to cause a denial of service. (CVE-2013-1826, Moderate)\n\n - Information leak flaws were found in the XFRM implementation in the Linux kernel. A local user who has the CAP_NET_ADMIN capability could use these flaws to leak kernel stack memory to user-space. (CVE-2012-6537, Low)\n\n - An information leak flaw was found in the logical link control (LLC) implementation in the Linux kernel. A local, unprivileged user could use this flaw to leak kernel stack memory to user-space. (CVE-2012-6542, Low)\n\n - Two information leak flaws were found in the Linux kernel's Asynchronous Transfer Mode (ATM) subsystem. A local, unprivileged user could use these flaws to leak kernel stack memory to user-space. (CVE-2012-6546, Low)\n\n - An information leak flaw was found in the TUN/TAP device driver in the Linux kernel's networking implementation.\n A local user with access to a TUN/TAP virtual interface could use this flaw to leak kernel stack memory to user-space. (CVE-2012-6547, Low)\n\nThis update also fixes the following bugs :\n\n - The IPv4 code did not correctly update the Maximum Transfer Unit (MTU) of the designed interface when receiving ICMP Fragmentation Needed packets.\n Consequently, a remote host did not respond correctly to ping attempts. With this update, the IPv4 code has been modified so the MTU of the designed interface is adjusted as expected in this situation. The ping command now provides the expected output.\n\n - Previously, the be2net code expected the last word of an MCC completion message from the firmware to be transferred by direct memory access (DMA) at once.\n However, this is not always true, and could therefore cause the BUG_ON() macro to be triggered in the be_mcc_compl_is_new() function, consequently leading to a kernel panic. The BUG_ON() macro has been removed from be_mcc_compl_is_new(), and the kernel panic no longer occurs in this scenario.\n\n - Previously, the NFSv3 server incorrectly converted 64-bit cookies to 32-bit. Consequently, the cookies became invalid, which affected all file system operations depending on these cookies, such as the READDIR operation that is used to read entries from a directory. This led to various problems, such as exported directories being empty or displayed incorrectly, or an endless loop of the READDIRPLUS procedure which could potentially cause a buffer overflow. This update modifies knfsd code so that 64-bit cookies are now handled correctly and all file system operations work as expected.\n\nThe system must be rebooted for this update to take effect.", "published": "2013-04-18T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=66016", "cvelist": ["CVE-2012-6546", "CVE-2012-6537", "CVE-2013-1826", "CVE-2012-6542", "CVE-2013-0217", "CVE-2012-6547", "CVE-2013-0231", "CVE-2013-0216"], "lastseen": "2017-10-29T13:36:07"}, {"id": "ORACLELINUX_ELSA-2013-0747-1.NASL", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2013-0747-1)", "description": "From Red Hat Security Advisory 2013:0747 :\n\nUpdated kernel packages that fix several security issues and three bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in the Xen netback driver implementation in the Linux kernel. A privileged guest user with access to a para-virtualized network device could use this flaw to cause a long loop in netback, leading to a denial of service that could potentially affect the entire system. (CVE-2013-0216, Moderate)\n\n* A flaw was found in the Xen PCI device back-end driver implementation in the Linux kernel. A privileged guest user in a guest that has a PCI passthrough device could use this flaw to cause a denial of service that could potentially affect the entire system.\n(CVE-2013-0231, Moderate)\n\n* A NULL pointer dereference flaw was found in the IP packet transformation framework (XFRM) implementation in the Linux kernel. A local user who has the CAP_NET_ADMIN capability could use this flaw to cause a denial of service. (CVE-2013-1826, Moderate)\n\n* Information leak flaws were found in the XFRM implementation in the Linux kernel. A local user who has the CAP_NET_ADMIN capability could use these flaws to leak kernel stack memory to user-space.\n(CVE-2012-6537, Low)\n\n* An information leak flaw was found in the logical link control (LLC) implementation in the Linux kernel. A local, unprivileged user could use this flaw to leak kernel stack memory to user-space.\n(CVE-2012-6542, Low)\n\n* Two information leak flaws were found in the Linux kernel's Asynchronous Transfer Mode (ATM) subsystem. A local, unprivileged user could use these flaws to leak kernel stack memory to user-space.\n(CVE-2012-6546, Low)\n\n* An information leak flaw was found in the TUN/TAP device driver in the Linux kernel's networking implementation. A local user with access to a TUN/TAP virtual interface could use this flaw to leak kernel stack memory to user-space. (CVE-2012-6547, Low)\n\nRed Hat would like to thank the Xen project for reporting the CVE-2013-0216 and CVE-2013-0231 issues.\n\nThis update also fixes the following bugs :\n\n* The IPv4 code did not correctly update the Maximum Transfer Unit (MTU) of the designed interface when receiving ICMP Fragmentation Needed packets. Consequently, a remote host did not respond correctly to ping attempts. With this update, the IPv4 code has been modified so the MTU of the designed interface is adjusted as expected in this situation. The ping command now provides the expected output.\n(BZ#923353)\n\n* Previously, the be2net code expected the last word of an MCC completion message from the firmware to be transferred by direct memory access (DMA) at once. However, this is not always true, and could therefore cause the BUG_ON() macro to be triggered in the be_mcc_compl_is_new() function, consequently leading to a kernel panic. The BUG_ON() macro has been removed from be_mcc_compl_is_new(), and the kernel panic no longer occurs in this scenario. (BZ#923910)\n\n* Previously, the NFSv3 server incorrectly converted 64-bit cookies to 32-bit. Consequently, the cookies became invalid, which affected all file system operations depending on these cookies, such as the READDIR operation that is used to read entries from a directory. This led to various problems, such as exported directories being empty or displayed incorrectly, or an endless loop of the READDIRPLUS procedure which could potentially cause a buffer overflow. This update modifies knfsd code so that 64-bit cookies are now handled correctly and all file system operations work as expected. (BZ#924087)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "published": "2013-07-12T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=68808", "cvelist": ["CVE-2012-6546", "CVE-2012-6537", "CVE-2013-1826", "CVE-2012-6542", "CVE-2012-6547", "CVE-2013-0231", "CVE-2013-0216"], "lastseen": "2017-10-29T13:35:51"}, {"id": "ORACLELINUX_ELSA-2013-2520.NASL", "type": "nessus", "title": "Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2520)", "description": "Description of changes:\n\nkernel-uek [2.6.32-400.26.2.el6uek]\n- mm/hotplug: correctly add new zone to all other nodes' zone lists (Jiang Liu) [Orabug: 16603569] {CVE-2012-5517}\n- ptrace: ptrace_resume() shouldn't wake up !TASK_TRACED thread (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871}\n- ptrace: ensure arch_ptrace/ptrace_request can never race with SIGKILL (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871}\n- ptrace: introduce signal_wake_up_state() and ptrace_signal_wake_up() (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871}\n- Bluetooth: Fix incorrect strncpy() in hidp_setup_hid() (Anderson Lizardo) [Orabug: 16711062] {CVE-2013-0349}\n- dccp: check ccid before dereferencing (Mathias Krause) [Orabug: 16711040] {CVE-2013-1827}\n- USB: io_ti: Fix NULL dereference in chase_port() (Wolfgang Frisch) [Orabug: 16425435] {CVE-2013-1774}\n- keys: fix race with concurrent install_user_keyrings() (David Howells) [Orabug: 16493369] {CVE-2013-1792}\n- KVM: Fix bounds checking in ioapic indirect register reads (CVE-2013-1798) (Andy Honig) [Orabug: 16710937] {CVE-2013-1798}\n- KVM: x86: fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME (CVE-2013-1796) (Jerry Snitselaar) [Orabug: 16710794] {CVE-2013-1796}\n- net/tun: fix ioctl() based info leaks (Mathias Krause) [Orabug: 16675501] {CVE-2012-6547}\n- atm: fix info leak via getsockname() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6546}\n- atm: fix info leak in getsockopt(SO_ATMPVC) (Mathias Krause) [Orabug: 16675501] {CVE-2012-6546}\n- xfrm_user: fix info leak in copy_to_user_tmpl() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6537}\n- xfrm_user: fix info leak in copy_to_user_policy() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6537}\n- xfrm_user: fix info leak in copy_to_user_state() (Mathias Krause) [Orabug: 16675501] {CVE-2013-6537}\n- xfrm_user: return error pointer instead of NULL #2 (Mathias Krause) [Orabug: 16675501] {CVE-2013-1826}\n- xfrm_user: return error pointer instead of NULL (Mathias Krause) [Orabug: 16675501] {CVE-2013-1826}", "published": "2013-07-12T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=68852", "cvelist": ["CVE-2012-6546", "CVE-2013-0871", "CVE-2012-6537", "CVE-2013-1827", "CVE-2013-1792", "CVE-2013-1826", "CVE-2013-0349", "CVE-2013-1774", "CVE-2012-6547", "CVE-2012-5517", "CVE-2013-1796", "CVE-2013-1798"], "lastseen": "2017-10-29T13:44:00"}, {"id": "ORACLELINUX_ELSA-2013-0744.NASL", "type": "nessus", "title": "Oracle Linux 6 : kernel (ELSA-2013-0744)", "description": "From Red Hat Security Advisory 2013:0744 :\n\nUpdated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSecurity :\n\n* An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the Intel i915 driver in the Linux kernel handled the allocation of the buffer used for relocation copies. A local user with console access could use this flaw to cause a denial of service or escalate their privileges. (CVE-2013-0913, Important)\n\n* A buffer overflow flaw was found in the way UTF-8 characters were converted to UTF-16 in the utf8s_to_utf16s() function of the Linux kernel's FAT file system implementation. A local user able to mount a FAT file system with the 'utf8=1' option could use this flaw to crash the system or, potentially, to escalate their privileges.\n(CVE-2013-1773, Important)\n\n* A flaw was found in the way KVM handled guest time updates when the buffer the guest registered by writing to the MSR_KVM_SYSTEM_TIME machine state register (MSR) crossed a page boundary. A privileged guest user could use this flaw to crash the host or, potentially, escalate their privileges, allowing them to execute arbitrary code at the host kernel level. (CVE-2013-1796, Important)\n\n* A potential use-after-free flaw was found in the way KVM handled guest time updates when the GPA (guest physical address) the guest registered by writing to the MSR_KVM_SYSTEM_TIME machine state register (MSR) fell into a movable or removable memory region of the hosting user-space process (by default, QEMU-KVM) on the host. If that memory region is deregistered from KVM using KVM_SET_USER_MEMORY_REGION and the allocated virtual memory reused, a privileged guest user could potentially use this flaw to escalate their privileges on the host. (CVE-2013-1797, Important)\n\n* A flaw was found in the way KVM emulated IOAPIC (I/O Advanced Programmable Interrupt Controller). A missing validation check in the ioapic_read_indirect() function could allow a privileged guest user to crash the host, or read a substantial portion of host kernel memory.\n(CVE-2013-1798, Important)\n\n* A race condition in install_user_keyrings(), leading to a NULL pointer dereference, was found in the key management facility. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2013-1792, Moderate)\n\n* A NULL pointer dereference in the XFRM implementation could allow a local user who has the CAP_NET_ADMIN capability to cause a denial of service. (CVE-2013-1826, Moderate)\n\n* A NULL pointer dereference in the Datagram Congestion Control Protocol (DCCP) implementation could allow a local user to cause a denial of service. (CVE-2013-1827, Moderate)\n\n* Information leak flaws in the XFRM implementation could allow a local user who has the CAP_NET_ADMIN capability to leak kernel stack memory to user-space. (CVE-2012-6537, Low)\n\n* Two information leak flaws in the Asynchronous Transfer Mode (ATM) subsystem could allow a local, unprivileged user to leak kernel stack memory to user-space. (CVE-2012-6546, Low)\n\n* An information leak was found in the TUN/TAP device driver in the networking implementation. A local user with access to a TUN/TAP virtual interface could use this flaw to leak kernel stack memory to user-space. (CVE-2012-6547, Low)\n\n* An information leak in the Bluetooth implementation could allow a local user who has the CAP_NET_ADMIN capability to leak kernel stack memory to user-space. (CVE-2013-0349, Low)\n\n* A use-after-free flaw was found in the tmpfs implementation. A local user able to mount and unmount a tmpfs file system could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2013-1767, Low)\n\n* A NULL pointer dereference was found in the Linux kernel's USB Inside Out Edgeport Serial Driver implementation. An attacker with physical access to a system could use this flaw to cause a denial of service. (CVE-2013-1774, Low)\n\nRed Hat would like to thank Andrew Honig of Google for reporting CVE-2013-1796, CVE-2013-1797, and CVE-2013-1798. CVE-2013-1792 was discovered by Mateusz Guzik of Red Hat EMEA GSS SEG Team.", "published": "2013-07-12T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=68807", "cvelist": ["CVE-2012-6546", "CVE-2013-1797", "CVE-2013-1767", "CVE-2012-6537", "CVE-2013-1827", "CVE-2013-1792", "CVE-2013-1826", "CVE-2013-0349", "CVE-2013-1774", "CVE-2012-6547", "CVE-2013-1773", "CVE-2013-0913", "CVE-2012-6538", "CVE-2013-1796", "CVE-2013-1798"], "lastseen": "2017-10-29T13:45:54"}, {"id": "ORACLELINUX_ELSA-2013-2534.NASL", "type": "nessus", "title": "Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2534)", "description": "Description of changes:\n\n\n[2.6.32-400.29.1.el6uek]\n- KVM: add missing void __user COPYING CREDITS Documentation Kbuild MAINTAINERS Makefile README REPORTING-BUGS arch block crypto drivers firmware fs include init ipc kernel lib mm net samples scripts security sound tools uek-rpm usr virt cast to access_ok() call (Heiko Carstens) [Orabug: 16941620] {CVE-2013-1943}\n- KVM: Validate userspace_addr of memslot when registered (Takuya Yoshikawa) [Orabug: 16941620] {CVE-2013-1943}\n\n[2.6.32-400.28.1.el6uek]\n- do_add_mount()/umount -l races (Jerry Snitselaar) [Orabug: 16311974]\n- tg3: fix length overflow in VPD firmware parsing (Kees Cook) [Orabug: 16837019] {CVE-2013-1929}\n- USB: cdc-wdm: fix buffer overflow (Oliver Neukum) [Orabug: 16837003] {CVE-2013-1860}\n- bonding: emit event when bonding changes MAC (Weiping Pan) [Orabug: 16579025]\n- sched: Fix ancient race in do_exit() (Joe Jin)\n- open debug in page_move_anon_rmap by default. (Xiaowei.Hu) [Orabug: 14046035]\n- block: default SCSI command filter does not accomodate commands overlap across device classes (Jamie Iles) [Orabug: 16387136] {CVE-2012-4542}\n- vma_adjust: fix the copying of anon_vma chains (Linus Torvalds) [Orabug: 14046035]\n- xen-netfront: delay gARP until backend switches to Connected (Laszlo Ersek) [Orabug: 16182568]\n- svcrpc: don't hold sv_lock over svc_xprt_put() (J. Bruce Fields) [Orabug: 16032824]\n- mm/hotplug: correctly add new zone to all other nodes' zone lists (Jiang Liu) [Orabug: 16603569] {CVE-2012-5517}\n- ptrace: ptrace_resume() shouldn't wake up !TASK_TRACED thread (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871}\n- ptrace: ensure arch_ptrace/ptrace_request can never race with SIGKILL (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871}\n- ptrace: introduce signal_wake_up_state() and ptrace_signal_wake_up() (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871}\n- Bluetooth: Fix incorrect strncpy() in hidp_setup_hid() (Anderson Lizardo) [Orabug: 16711062] {CVE-2013-0349}\n- dccp: check ccid before dereferencing (Mathias Krause) [Orabug: 16711040] {CVE-2013-1827}\n- USB: io_ti: Fix NULL dereference in chase_port() (Wolfgang Frisch) [Orabug: 16425435] {CVE-2013-1774}\n- keys: fix race with concurrent install_user_keyrings() (David Howells) [Orabug: 16493369] {CVE-2013-1792}\n- KVM: Fix bounds checking in ioapic indirect register reads (CVE-2013-1798) (Andy Honig) [Orabug: 16710937] {CVE-2013-1798}\n- KVM: x86: fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME (CVE-2013-1796) (Jerry Snitselaar) [Orabug: 16710794] {CVE-2013-1796}\n\n[2.6.32-400.27.1.el6uek]\n- net/tun: fix ioctl() based info leaks (Mathias Krause) [Orabug: 16675501] {CVE-2012-6547}\n- atm: fix info leak via getsockname() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6546}\n- atm: fix info leak in getsockopt(SO_ATMPVC) (Mathias Krause) [Orabug: 16675501] {CVE-2012-6546}\n- xfrm_user: fix info leak in copy_to_user_tmpl() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6537}\n- xfrm_user: fix info leak in copy_to_user_policy() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6537}\n- xfrm_user: fix info leak in copy_to_user_state() (Mathias Krause) [Orabug: 16675501] {CVE-2013-6537}\n- xfrm_user: return error pointer instead of NULL #2 (Mathias Krause) [Orabug: 16675501] {CVE-2013-1826}\n- xfrm_user: return error pointer instead of NULL (Mathias Krause) [Orabug: 16675501] {CVE-2013-1826}\n- llc: fix info leak via getsockname() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6542}\n- x86/mm: Check if PUD is large when validating a kernel address (Mel Gorman) [Orabug: 14251997]", "published": "2013-07-12T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=68856", "cvelist": ["CVE-2012-6546", "CVE-2013-0871", "CVE-2012-6537", "CVE-2013-1827", "CVE-2013-1860", "CVE-2013-1943", "CVE-2013-1792", "CVE-2013-1826", "CVE-2012-6542", "CVE-2013-0349", "CVE-2013-1774", "CVE-2013-1929", "CVE-2012-6547", "CVE-2012-4542", "CVE-2012-5517", "CVE-2013-1796", "CVE-2013-1798"], "lastseen": "2017-10-29T13:41:20"}], "openvas": [{"id": "OPENVAS:841404", "type": "openvas", "title": "Ubuntu Update for linux USN-1805-1", "description": "Check for the Version of linux", "published": "2013-04-22T00:00:00", "cvss": {"score": 6.8, "vector": "AV:ADJACENT_NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=841404", "cvelist": ["CVE-2012-6546", "CVE-2012-6548", "CVE-2013-0228", "CVE-2012-6545", "CVE-2012-6542", "CVE-2013-0349", "CVE-2013-1774", "CVE-2012-6544", "CVE-2013-1796"], "lastseen": "2018-02-06T13:10:10"}, {"id": "OPENVAS:841411", "type": "openvas", "title": "Ubuntu Update for linux-ec2 USN-1808-1", "description": "Check for the Version of linux-ec2", "published": "2013-06-14T00:00:00", "cvss": {"score": 6.8, "vector": "AV:ADJACENT_NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=841411", "cvelist": ["CVE-2012-6546", "CVE-2012-6548", "CVE-2013-0228", "CVE-2012-6545", "CVE-2012-6542", "CVE-2013-0349", "CVE-2013-1774", "CVE-2012-6544", "CVE-2013-1796"], "lastseen": "2018-01-18T11:08:41"}, {"id": "OPENVAS:1361412562310123641", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-0747-1", "description": "Oracle Linux Local Security Checks ELSA-2013-0747-1", "published": "2015-10-06T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123641", "cvelist": ["CVE-2012-6546", "CVE-2012-6537", "CVE-2013-1826", "CVE-2012-6542", "CVE-2012-6547", "CVE-2013-0231", "CVE-2013-0216"], "lastseen": "2017-07-24T12:53:56"}, {"id": "OPENVAS:1361412562310870979", "type": "openvas", "title": "RedHat Update for kernel RHSA-2013:0747-01", "description": "Check for the Version of kernel", "published": "2013-04-19T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870979", "cvelist": ["CVE-2012-6546", "CVE-2012-6537", "CVE-2013-1826", "CVE-2012-6542", "CVE-2013-0217", "CVE-2012-6547", "CVE-2013-0231", "CVE-2013-0216"], "lastseen": "2018-04-06T11:23:52"}, {"id": "OPENVAS:1361412562310841404", "type": "openvas", "title": "Ubuntu Update for linux USN-1805-1", "description": "Check for the Version of linux", "published": "2013-04-22T00:00:00", "cvss": {"score": 6.8, "vector": "AV:ADJACENT_NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841404", "cvelist": ["CVE-2012-6546", "CVE-2012-6548", "CVE-2013-0228", "CVE-2012-6545", "CVE-2012-6542", "CVE-2013-0349", "CVE-2013-1774", "CVE-2012-6544", "CVE-2013-1796"], "lastseen": "2018-04-06T11:22:11"}, {"id": "OPENVAS:1361412562310841411", "type": "openvas", "title": "Ubuntu Update for linux-ec2 USN-1808-1", "description": "Check for the Version of linux-ec2", "published": "2013-06-14T00:00:00", "cvss": {"score": 6.8, "vector": "AV:ADJACENT_NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841411", "cvelist": ["CVE-2012-6546", "CVE-2012-6548", "CVE-2013-0228", "CVE-2012-6545", "CVE-2012-6542", "CVE-2013-0349", "CVE-2013-1774", "CVE-2012-6544", "CVE-2013-1796"], "lastseen": "2018-04-06T11:21:11"}, {"id": "OPENVAS:881717", "type": "openvas", "title": "CentOS Update for kernel CESA-2013:0747 centos5 ", "description": "Check for the Version of kernel", "published": "2013-04-19T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=881717", "cvelist": ["CVE-2012-6546", "CVE-2012-6537", "CVE-2013-1826", "CVE-2012-6542", "CVE-2013-0217", "CVE-2012-6547", "CVE-2013-0231", "CVE-2013-0216"], "lastseen": "2017-07-25T10:51:46"}, {"id": "OPENVAS:870979", "type": "openvas", "title": "RedHat Update for kernel RHSA-2013:0747-01", "description": "Check for the Version of kernel", "published": "2013-04-19T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=870979", "cvelist": ["CVE-2012-6546", "CVE-2012-6537", "CVE-2013-1826", "CVE-2012-6542", "CVE-2013-0217", "CVE-2012-6547", "CVE-2013-0231", "CVE-2013-0216"], "lastseen": "2018-01-26T11:10:26"}, {"id": "OPENVAS:1361412562310123643", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-0747", "description": "Oracle Linux Local Security Checks ELSA-2013-0747", "published": "2015-10-06T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123643", "cvelist": ["CVE-2012-6546", "CVE-2012-6537", "CVE-2013-1826", "CVE-2012-6542", "CVE-2012-6547", "CVE-2013-0231", "CVE-2013-0216"], "lastseen": "2017-07-24T12:52:53"}, {"id": "OPENVAS:1361412562310881717", "type": "openvas", "title": "CentOS Update for kernel CESA-2013:0747 centos5 ", "description": "Check for the Version of kernel", "published": "2013-04-19T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881717", "cvelist": ["CVE-2012-6546", "CVE-2012-6537", "CVE-2013-1826", "CVE-2012-6542", "CVE-2013-0217", "CVE-2012-6547", "CVE-2013-0231", "CVE-2013-0216"], "lastseen": "2018-04-09T11:22:55"}], "ubuntu": [{"id": "USN-1805-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "Mathias Krause discovered an information leak in the Linux kernel\u2019s getsockname implementation for Logical Link Layer (llc) sockets. A local user could exploit this flaw to examine some of the kernel\u2019s stack memory. (CVE-2012-6542)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Bluetooth Logical Link Control and Adaptation Protocol (L2CAP) implementation. A local user could exploit these flaws to examine some of the kernel\u2019s stack memory. (CVE-2012-6544)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Bluetooth RFCOMM protocol implementation. A local user could exploit these flaws to examine parts of kernel memory. (CVE-2012-6545)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Asynchronous Transfer Mode (ATM) networking stack. A local user could exploit these flaws to examine some parts of kernel memory. (CVE-2012-6546)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s UDF file system implementation. A local user could exploit this flaw to examine some of the kernel\u2019s heap memory. (CVE-2012-6548)\n\nAndrew Jones discovered a flaw with the xen_iret function in Linux kernel\u2019s Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service (crash the system) or gain guest OS privilege. (CVE-2013-0228)\n\nAn information leak was discovered in the Linux kernel\u2019s Bluetooth stack when HIDP (Human Interface Device Protocol) support is enabled. A local unprivileged user could exploit this flaw to cause an information leak from the kernel. (CVE-2013-0349)\n\nA flaw was discovered in the Edgeort USB serial converter driver when the device is disconnected while it is in use. A local user could exploit this flaw to cause a denial of service (system crash). (CVE-2013-1774)\n\nAndrew Honig discovered a flaw in guest OS time updates in the Linux kernel\u2019s KVM (Kernel-based Virtual Machine). A privileged guest user could exploit this flaw to cause a denial of service (crash host system) or potential escalate privilege to the host kernel level. (CVE-2013-1796)", "published": "2013-04-19T00:00:00", "cvss": {"score": 6.8, "vector": "AV:ADJACENT_NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1805-1/", "cvelist": ["CVE-2012-6546", "CVE-2012-6548", "CVE-2013-0228", "CVE-2012-6545", "CVE-2012-6542", "CVE-2013-0349", "CVE-2013-1774", "CVE-2012-6544", "CVE-2013-1796"], "lastseen": "2018-03-29T18:18:53"}, {"id": "USN-1808-1", "type": "ubuntu", "title": "Linux kernel (EC2) vulnerabilities", "description": "Mathias Krause discovered an information leak in the Linux kernel\u2019s getsockname implementation for Logical Link Layer (llc) sockets. A local user could exploit this flaw to examine some of the kernel\u2019s stack memory. (CVE-2012-6542)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Bluetooth Logical Link Control and Adaptation Protocol (L2CAP) implementation. A local user could exploit these flaws to examine some of the kernel\u2019s stack memory. (CVE-2012-6544)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Bluetooth RFCOMM protocol implementation. A local user could exploit these flaws to examine parts of kernel memory. (CVE-2012-6545)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Asynchronous Transfer Mode (ATM) networking stack. A local user could exploit these flaws to examine some parts of kernel memory. (CVE-2012-6546)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s UDF file system implementation. A local user could exploit this flaw to examine some of the kernel\u2019s heap memory. (CVE-2012-6548)\n\nAndrew Jones discovered a flaw with the xen_iret function in Linux kernel\u2019s Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service (crash the system) or gain guest OS privilege. (CVE-2013-0228)\n\nAn information leak was discovered in the Linux kernel\u2019s Bluetooth stack when HIDP (Human Interface Device Protocol) support is enabled. A local unprivileged user could exploit this flaw to cause an information leak from the kernel. (CVE-2013-0349)\n\nA flaw was discovered in the Edgeort USB serial converter driver when the device is disconnected while it is in use. A local user could exploit this flaw to cause a denial of service (system crash). (CVE-2013-1774)\n\nAndrew Honig discovered a flaw in guest OS time updates in the Linux kernel\u2019s KVM (Kernel-based Virtual Machine). A privileged guest user could exploit this flaw to cause a denial of service (crash host system) or potential escalate privilege to the host kernel level. (CVE-2013-1796)", "published": "2013-04-25T00:00:00", "cvss": {"score": 6.8, "vector": "AV:ADJACENT_NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1808-1/", "cvelist": ["CVE-2012-6546", "CVE-2012-6548", "CVE-2013-0228", "CVE-2012-6545", "CVE-2012-6542", "CVE-2013-0349", "CVE-2013-1774", "CVE-2012-6544", "CVE-2013-1796"], "lastseen": "2018-03-29T18:19:47"}, {"id": "USN-1599-1", "type": "ubuntu", "title": "Linux kernel (OMAP4) vulnerability", "description": "Pablo Neira Ayuso discovered a flaw in the credentials of netlink messages. An unprivileged local attacker could exploit this by getting a netlink based service, that relies on netlink credentials, to perform privileged actions. (CVE-2012-3520)\n\nMathias Krause discovered information leak in the Linux kernel\u2019s compat ioctl interface. A local user could exploit the flaw to examine parts of kernel stack memory (CVE-2012-6539)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockopt for IP_VS_SO_GET_TIMEOUT. A local user could exploit this flaw to examine parts of kernel stack memory. (CVE-2012-6540)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockopt implementation for the Datagram Congestion Control Protocol (DCCP). A local user could exploit this flaw to examine some of the kernel\u2019s stack memory. (CVE-2012-6541)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockname implementation for Logical Link Layer (llc) sockets. A local user could exploit this flaw to examine some of the kernel\u2019s stack memory. (CVE-2012-6542)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Bluetooth Logical Link Control and Adaptation Protocol (L2CAP) implementation. A local user could exploit these flaws to examine some of the kernel\u2019s stack memory. (CVE-2012-6544)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Bluetooth RFCOMM protocol implementation. A local user could exploit these flaws to examine parts of kernel memory. (CVE-2012-6545)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Asynchronous Transfer Mode (ATM) networking stack. A local user could exploit these flaws to examine some parts of kernel memory. (CVE-2012-6546)\n\nA flaw was discovered in how netlink sockets validate message origins. A local attacker could exploit this flaw to send netlink message notifications, with spoofed credentials, to subscribed tasks. (CVE-2012-6689)\n\nMathias Krause discover an error in Linux kernel\u2019s Datagram Congestion Control Protocol (DCCP) Congestion Control Identifier (CCID) use. A local attack could exploit this flaw to cause a denial of service (crash) and potentially escalate privileges if the user can mmap page 0. (CVE-2013-1827)", "published": "2012-10-09T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1599-1/", "cvelist": ["CVE-2012-6546", "CVE-2012-6541", "CVE-2013-1827", "CVE-2012-3520", "CVE-2012-6545", "CVE-2012-6542", "CVE-2012-6539", "CVE-2012-6540", "CVE-2012-6544", "CVE-2012-6689"], "lastseen": "2018-03-29T18:17:46"}, {"id": "USN-1610-1", "type": "ubuntu", "title": "Linux kernel vulnerability", "description": "Pablo Neira Ayuso discovered a flaw in the credentials of netlink messages. An unprivileged local attacker could exploit this by getting a netlink based service, that relies on netlink credentials, to perform privileged actions. (CVE-2012-3520)\n\nMathias Krause discovered information leak in the Linux kernel\u2019s compat ioctl interface. A local user could exploit the flaw to examine parts of kernel stack memory (CVE-2012-6539)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockopt for IP_VS_SO_GET_TIMEOUT. A local user could exploit this flaw to examine parts of kernel stack memory. (CVE-2012-6540)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockopt implementation for the Datagram Congestion Control Protocol (DCCP). A local user could exploit this flaw to examine some of the kernel\u2019s stack memory. (CVE-2012-6541)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockname implementation for Logical Link Layer (llc) sockets. A local user could exploit this flaw to examine some of the kernel\u2019s stack memory. (CVE-2012-6542)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Bluetooth Logical Link Control and Adaptation Protocol (L2CAP) implementation. A local user could exploit these flaws to examine some of the kernel\u2019s stack memory. (CVE-2012-6544)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Bluetooth RFCOMM protocol implementation. A local user could exploit these flaws to examine parts of kernel memory. (CVE-2012-6545)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Asynchronous Transfer Mode (ATM) networking stack. A local user could exploit these flaws to examine some parts of kernel memory. (CVE-2012-6546)\n\nA flaw was discovered in how netlink sockets validate message origins. A local attacker could exploit this flaw to send netlink message notifications, with spoofed credentials, to subscribed tasks. (CVE-2012-6689)\n\nMathias Krause discover an error in Linux kernel\u2019s Datagram Congestion Control Protocol (DCCP) Congestion Control Identifier (CCID) use. A local attack could exploit this flaw to cause a denial of service (crash) and potentially escalate privileges if the user can mmap page 0. (CVE-2013-1827)", "published": "2012-10-12T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1610-1/", "cvelist": ["CVE-2012-6546", "CVE-2012-6541", "CVE-2013-1827", "CVE-2012-3520", "CVE-2012-6545", "CVE-2012-6542", "CVE-2012-6539", "CVE-2012-6540", "CVE-2012-6544", "CVE-2012-6689"], "lastseen": "2018-03-29T18:18:21"}, {"id": "USN-1649-1", "type": "ubuntu", "title": "Linux kernel (OMAP4) vulnerabilities", "description": "Brad Spengler discovered a flaw in the Linux kernel\u2019s uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel\u2019s TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565)\n\nMathias Krause discovered a flaw in the Linux kernel\u2019s XFRM netlink interface. A local user with the NET_ADMIN capability could exploit this flaw to leak the contents of kernel memory. (CVE-2012-6536)\n\nMathias Krause discovered several errors in the Linux kernel\u2019s xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s xfrm_user copy_to_user_auth function. A local user could exploit this flaw to examine parts of kernel heap memory. (CVE-2012-6538)\n\nMathias Krause discovered information leak in the Linux kernel\u2019s compat ioctl interface. A local user could exploit the flaw to examine parts of kernel stack memory (CVE-2012-6539)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockopt for IP_VS_SO_GET_TIMEOUT. A local user could exploit this flaw to examine parts of kernel stack memory. (CVE-2012-6540)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockopt implementation for the Datagram Congestion Control Protocol (DCCP). A local user could exploit this flaw to examine some of the kernel\u2019s stack memory. (CVE-2012-6541)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockname implementation for Logical Link Layer (llc) sockets. A local user could exploit this flaw to examine some of the kernel\u2019s stack memory. (CVE-2012-6542)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Bluetooth Logical Link Control and Adaptation Protocol (L2CAP) implementation. A local user could exploit these flaws to examine some of the kernel\u2019s stack memory. (CVE-2012-6544)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Bluetooth RFCOMM protocol implementation. A local user could exploit these flaws to examine parts of kernel memory. (CVE-2012-6545)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Asynchronous Transfer Mode (ATM) networking stack. A local user could exploit these flaws to examine some parts of kernel memory. (CVE-2012-6546)\n\nA flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when transparent hugepages are in use. An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0309)\n\nMathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could potentially exploit this flaw to escalate privileges. (CVE-2013-1826)\n\nAn information leak was discovered in the Linux kernel\u2019s /dev/dvb device. A local user could exploit this flaw to obtain sensitive information from the kernel\u2019s stack memory. (CVE-2013-1928)", "published": "2012-11-30T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1649-1/", "cvelist": ["CVE-2012-6546", "CVE-2012-6541", "CVE-2012-6537", "CVE-2012-4565", "CVE-2013-1826", "CVE-2012-6545", "CVE-2012-0957", "CVE-2012-6542", "CVE-2012-6539", "CVE-2012-6540", "CVE-2012-6544", "CVE-2012-6538", "CVE-2013-1928", "CVE-2012-6536", "CVE-2013-0309"], "lastseen": "2018-03-29T18:19:10"}, {"id": "USN-1648-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "Brad Spengler discovered a flaw in the Linux kernel\u2019s uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel\u2019s TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565)\n\nMathias Krause discovered a flaw in the Linux kernel\u2019s XFRM netlink interface. A local user with the NET_ADMIN capability could exploit this flaw to leak the contents of kernel memory. (CVE-2012-6536)\n\nMathias Krause discovered several errors in the Linux kernel\u2019s xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s xfrm_user copy_to_user_auth function. A local user could exploit this flaw to examine parts of kernel heap memory. (CVE-2012-6538)\n\nMathias Krause discovered information leak in the Linux kernel\u2019s compat ioctl interface. A local user could exploit the flaw to examine parts of kernel stack memory (CVE-2012-6539)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockopt for IP_VS_SO_GET_TIMEOUT. A local user could exploit this flaw to examine parts of kernel stack memory. (CVE-2012-6540)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockopt implementation for the Datagram Congestion Control Protocol (DCCP). A local user could exploit this flaw to examine some of the kernel\u2019s stack memory. (CVE-2012-6541)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockname implementation for Logical Link Layer (llc) sockets. A local user could exploit this flaw to examine some of the kernel\u2019s stack memory. (CVE-2012-6542)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Bluetooth Logical Link Control and Adaptation Protocol (L2CAP) implementation. A local user could exploit these flaws to examine some of the kernel\u2019s stack memory. (CVE-2012-6544)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Bluetooth RFCOMM protocol implementation. A local user could exploit these flaws to examine parts of kernel memory. (CVE-2012-6545)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Asynchronous Transfer Mode (ATM) networking stack. A local user could exploit these flaws to examine some parts of kernel memory. (CVE-2012-6546)\n\nA flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when transparent hugepages are in use. An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0309)\n\nMathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could potentially exploit this flaw to escalate privileges. (CVE-2013-1826)\n\nAn information leak was discovered in the Linux kernel\u2019s /dev/dvb device. A local user could exploit this flaw to obtain sensitive information from the kernel\u2019s stack memory. (CVE-2013-1928)", "published": "2012-11-30T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1648-1/", "cvelist": ["CVE-2012-6546", "CVE-2012-6541", "CVE-2012-6537", "CVE-2012-4565", "CVE-2013-1826", "CVE-2012-6545", "CVE-2012-0957", "CVE-2012-6542", "CVE-2012-6539", "CVE-2012-6540", "CVE-2012-6544", "CVE-2012-6538", "CVE-2013-1928", "CVE-2012-6536", "CVE-2013-0309"], "lastseen": "2018-03-29T18:21:22"}, {"id": "USN-1798-1", "type": "ubuntu", "title": "Linux kernel (EC2) vulnerabilities", "description": "Mathias Krause discovered several errors in the Linux kernel\u2019s xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537)\n\nMathias Krause discovered information leak in the Linux kernel\u2019s compat ioctl interface. A local user could exploit the flaw to examine parts of kernel stack memory (CVE-2012-6539)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockopt for IP_VS_SO_GET_TIMEOUT. A local user could exploit this flaw to examine parts of kernel stack memory. (CVE-2012-6540)\n\nEmese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to by pass ASLR (Address Space Layout Randomization). A local user could use this flaw to by pass ASLR to reliably deliver an exploit payload that would otherwise be stopped (by ASLR). (CVE-2013-0914)\n\nA memory use after free error was discover in the Linux kernel\u2019s tmpfs filesystem. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). (CVE-2013-1767)\n\nMateusz Guzik discovered a race in the Linux kernel\u2019s keyring. A local user could exploit this flaw to cause a denial of service (system crash). (CVE-2013-1792)", "published": "2013-04-09T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1798-1/", "cvelist": ["CVE-2013-1767", "CVE-2012-6537", "CVE-2013-1792", "CVE-2012-6539", "CVE-2012-6540", "CVE-2013-0914"], "lastseen": "2018-03-29T18:21:20"}, {"id": "USN-1792-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "Mathias Krause discovered several errors in the Linux kernel\u2019s xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537)\n\nMathias Krause discovered information leak in the Linux kernel\u2019s compat ioctl interface. A local user could exploit the flaw to examine parts of kernel stack memory (CVE-2012-6539)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockopt for IP_VS_SO_GET_TIMEOUT. A local user could exploit this flaw to examine parts of kernel stack memory. (CVE-2012-6540)\n\nEmese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to by pass ASLR (Address Space Layout Randomization). A local user could use this flaw to by pass ASLR to reliably deliver an exploit payload that would otherwise be stopped (by ASLR). (CVE-2013-0914)\n\nA memory use after free error was discover in the Linux kernel\u2019s tmpfs filesystem. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). (CVE-2013-1767)\n\nMateusz Guzik discovered a race in the Linux kernel\u2019s keyring. A local user could exploit this flaw to cause a denial of service (system crash). (CVE-2013-1792)", "published": "2013-04-08T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1792-1/", "cvelist": ["CVE-2013-1767", "CVE-2012-6537", "CVE-2013-1792", "CVE-2012-6539", "CVE-2012-6540", "CVE-2013-0914"], "lastseen": "2018-03-29T18:17:13"}, {"id": "USN-1646-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "Brad Spengler discovered a flaw in the Linux kernel\u2019s uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel\u2019s TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565)\n\nMathias Krause discovered a flaw in the Linux kernel\u2019s XFRM netlink interface. A local user with the NET_ADMIN capability could exploit this flaw to leak the contents of kernel memory. (CVE-2012-6536)\n\nMathias Krause discovered several errors in the Linux kernel\u2019s xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s xfrm_user copy_to_user_auth function. A local user could exploit this flaw to examine parts of kernel heap memory. (CVE-2012-6538)\n\nA flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when transparent hugepages are in use. An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0309)\n\nMathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could potentially exploit this flaw to escalate privileges. (CVE-2013-1826)", "published": "2012-11-30T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1646-1/", "cvelist": ["CVE-2012-6537", "CVE-2012-4565", "CVE-2013-1826", "CVE-2012-0957", "CVE-2012-6538", "CVE-2012-6536", "CVE-2013-0309"], "lastseen": "2018-03-29T18:17:20"}, {"id": "USN-1647-1", "type": "ubuntu", "title": "Linux kernel (OMAP4) vulnerabilities", "description": "Brad Spengler discovered a flaw in the Linux kernel\u2019s uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel\u2019s TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565)\n\nMathias Krause discovered a flaw in the Linux kernel\u2019s XFRM netlink interface. A local user with the NET_ADMIN capability could exploit this flaw to leak the contents of kernel memory. (CVE-2012-6536)\n\nMathias Krause discovered several errors in the Linux kernel\u2019s xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s xfrm_user copy_to_user_auth function. A local user could exploit this flaw to examine parts of kernel heap memory. (CVE-2012-6538)\n\nA flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when transparent hugepages are in use. An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0309)\n\nMathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could potentially exploit this flaw to escalate privileges. (CVE-2013-1826)", "published": "2012-11-30T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1647-1/", "cvelist": ["CVE-2012-6537", "CVE-2012-4565", "CVE-2013-1826", "CVE-2012-0957", "CVE-2012-6538", "CVE-2012-6536", "CVE-2013-0309"], "lastseen": "2018-03-29T18:20:07"}], "centos": [{"id": "CESA-2013:0747", "type": "centos", "title": "kernel security update", "description": "**CentOS Errata and Security Advisory** CESA-2013:0747\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the Xen netback driver implementation in the Linux\nkernel. A privileged guest user with access to a para-virtualized network\ndevice could use this flaw to cause a long loop in netback, leading to a\ndenial of service that could potentially affect the entire system.\n(CVE-2013-0216, Moderate)\n\n* A flaw was found in the Xen PCI device back-end driver implementation in\nthe Linux kernel. A privileged guest user in a guest that has a PCI\npassthrough device could use this flaw to cause a denial of service that\ncould potentially affect the entire system. (CVE-2013-0231, Moderate)\n\n* A NULL pointer dereference flaw was found in the IP packet transformation\nframework (XFRM) implementation in the Linux kernel. A local user who has\nthe CAP_NET_ADMIN capability could use this flaw to cause a denial of\nservice. (CVE-2013-1826, Moderate)\n\n* Information leak flaws were found in the XFRM implementation in the\nLinux kernel. A local user who has the CAP_NET_ADMIN capability could use\nthese flaws to leak kernel stack memory to user-space. (CVE-2012-6537, Low)\n\n* An information leak flaw was found in the logical link control (LLC)\nimplementation in the Linux kernel. A local, unprivileged user could use\nthis flaw to leak kernel stack memory to user-space. (CVE-2012-6542, Low)\n\n* Two information leak flaws were found in the Linux kernel's Asynchronous\nTransfer Mode (ATM) subsystem. A local, unprivileged user could use these\nflaws to leak kernel stack memory to user-space. (CVE-2012-6546, Low)\n\n* An information leak flaw was found in the TUN/TAP device driver in the\nLinux kernel's networking implementation. A local user with access to a\nTUN/TAP virtual interface could use this flaw to leak kernel stack memory\nto user-space. (CVE-2012-6547, Low)\n\nRed Hat would like to thank the Xen project for reporting the CVE-2013-0216\nand CVE-2013-0231 issues.\n\nThis update also fixes the following bugs:\n\n* The IPv4 code did not correctly update the Maximum Transfer Unit (MTU) of\nthe designed interface when receiving ICMP Fragmentation Needed packets.\nConsequently, a remote host did not respond correctly to ping attempts.\nWith this update, the IPv4 code has been modified so the MTU of the\ndesigned interface is adjusted as expected in this situation. The ping\ncommand now provides the expected output. (BZ#923353)\n\n* Previously, the be2net code expected the last word of an MCC completion\nmessage from the firmware to be transferred by direct memory access (DMA)\nat once. However, this is not always true, and could therefore cause the\nBUG_ON() macro to be triggered in the be_mcc_compl_is_new() function,\nconsequently leading to a kernel panic. The BUG_ON() macro has been\nremoved from be_mcc_compl_is_new(), and the kernel panic no longer occurs\nin this scenario. (BZ#923910)\n\n* Previously, the NFSv3 server incorrectly converted 64-bit cookies to\n32-bit. Consequently, the cookies became invalid, which affected all file\nsystem operations depending on these cookies, such as the READDIR operation\nthat is used to read entries from a directory. This led to various\nproblems, such as exported directories being empty or displayed\nincorrectly, or an endless loop of the READDIRPLUS procedure which could\npotentially cause a buffer overflow. This update modifies knfsd code so\nthat 64-bit cookies are now handled correctly and all file system\noperations work as expected. (BZ#924087)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-April/019690.html\n\n**Affected packages:**\nkernel\nkernel-PAE\nkernel-PAE-devel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-xen\nkernel-xen-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0747.html", "published": "2013-04-17T04:13:17", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2013-April/019690.html", "cvelist": ["CVE-2012-6546", "CVE-2012-6537", "CVE-2013-1826", "CVE-2012-6542", "CVE-2012-6547", "CVE-2013-0231", "CVE-2013-0216"], "lastseen": "2017-10-03T18:26:17"}, {"id": "CESA-2013:0744", "type": "centos", "title": "kernel, perf, python security update", "description": "**CentOS Errata and Security Advisory** CESA-2013:0744\n\n\nSecurity:\n\n* An integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the Intel i915 driver in the Linux kernel handled the\nallocation of the buffer used for relocation copies. A local user with\nconsole access could use this flaw to cause a denial of service or escalate\ntheir privileges. (CVE-2013-0913, Important)\n\n* A buffer overflow flaw was found in the way UTF-8 characters were\nconverted to UTF-16 in the utf8s_to_utf16s() function of the Linux kernel's\nFAT file system implementation. A local user able to mount a FAT file\nsystem with the \"utf8=1\" option could use this flaw to crash the system or,\npotentially, to escalate their privileges. (CVE-2013-1773, Important)\n\n* A flaw was found in the way KVM handled guest time updates when the\nbuffer the guest registered by writing to the MSR_KVM_SYSTEM_TIME machine\nstate register (MSR) crossed a page boundary. A privileged guest user could\nuse this flaw to crash the host or, potentially, escalate their privileges,\nallowing them to execute arbitrary code at the host kernel level.\n(CVE-2013-1796, Important)\n\n* A potential use-after-free flaw was found in the way KVM handled guest\ntime updates when the GPA (guest physical address) the guest registered by\nwriting to the MSR_KVM_SYSTEM_TIME machine state register (MSR) fell into a\nmovable or removable memory region of the hosting user-space process (by\ndefault, QEMU-KVM) on the host. If that memory region is deregistered from\nKVM using KVM_SET_USER_MEMORY_REGION and the allocated virtual memory\nreused, a privileged guest user could potentially use this flaw to\nescalate their privileges on the host. (CVE-2013-1797, Important)\n\n* A flaw was found in the way KVM emulated IOAPIC (I/O Advanced\nProgrammable Interrupt Controller). A missing validation check in the\nioapic_read_indirect() function could allow a privileged guest user to\ncrash the host, or read a substantial portion of host kernel memory.\n(CVE-2013-1798, Important)\n\n* A race condition in install_user_keyrings(), leading to a NULL pointer\ndereference, was found in the key management facility. A local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2013-1792, Moderate)\n\n* A NULL pointer dereference in the XFRM implementation could allow a local\nuser who has the CAP_NET_ADMIN capability to cause a denial of service.\n(CVE-2013-1826, Moderate)\n\n* A NULL pointer dereference in the Datagram Congestion Control Protocol\n(DCCP) implementation could allow a local user to cause a denial of\nservice. (CVE-2013-1827, Moderate)\n\n* Information leak flaws in the XFRM implementation could allow a local\nuser who has the CAP_NET_ADMIN capability to leak kernel stack memory to\nuser-space. (CVE-2012-6537, Low)\n\n* Two information leak flaws in the Asynchronous Transfer Mode (ATM)\nsubsystem could allow a local, unprivileged user to leak kernel stack\nmemory to user-space. (CVE-2012-6546, Low)\n\n* An information leak was found in the TUN/TAP device driver in the\nnetworking implementation. A local user with access to a TUN/TAP virtual\ninterface could use this flaw to leak kernel stack memory to user-space.\n(CVE-2012-6547, Low)\n\n* An information leak in the Bluetooth implementation could allow a local\nuser who has the CAP_NET_ADMIN capability to leak kernel stack memory to\nuser-space. (CVE-2013-0349, Low)\n\n* A use-after-free flaw was found in the tmpfs implementation. A local user\nable to mount and unmount a tmpfs file system could use this flaw to cause\na denial of service or, potentially, escalate their privileges.\n(CVE-2013-1767, Low)\n\n* A NULL pointer dereference was found in the Linux kernel's USB Inside Out\nEdgeport Serial Driver implementation. An attacker with physical access to\na system could use this flaw to cause a denial of service. (CVE-2013-1774,\nLow)\n\nRed Hat would like to thank Andrew Honig of Google for reporting\nCVE-2013-1796, CVE-2013-1797, and CVE-2013-1798. CVE-2013-1792 was\ndiscovered by Mateusz Guzik of Red Hat EMEA GSS SEG Team.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-April/019701.html\n\n**Affected packages:**\nkernel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0744.html", "published": "2013-04-24T02:13:29", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2013-April/019701.html", "cvelist": ["CVE-2012-6546", "CVE-2013-1797", "CVE-2013-1767", "CVE-2012-6537", "CVE-2013-1827", "CVE-2013-1792", "CVE-2013-1826", "CVE-2013-0349", "CVE-2013-1774", "CVE-2012-6547", "CVE-2013-1773", "CVE-2013-0913", "CVE-2012-6538", "CVE-2013-1796", "CVE-2013-1798"], "lastseen": "2017-10-03T18:26:38"}, {"id": "CESA-2012:1580", "type": "centos", "title": "kernel, perf, python security update", "description": "**CentOS Errata and Security Advisory** CESA-2012:1580\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* It was found that the RHSA-2012:0862 update did not correctly fix the\nCVE-2011-4131 issue. A malicious Network File System version 4 (NFSv4)\nserver could return a crafted reply to a GETACL request, causing a denial\nof service on the client. (CVE-2012-2375, Moderate)\n\n* A divide-by-zero flaw was found in the TCP Illinois congestion control\nalgorithm implementation in the Linux kernel. If the TCP Illinois\ncongestion control algorithm were in use (the sysctl\nnet.ipv4.tcp_congestion_control variable set to \"illinois\"), a local,\nunprivileged user could trigger this flaw and cause a denial of service.\n(CVE-2012-4565, Moderate)\n\n* A NULL pointer dereference flaw was found in the way a new node's hot\nadded memory was propagated to other nodes' zonelists. By utilizing this\nnewly added memory from one of the remaining nodes, a local, unprivileged\nuser could use this flaw to cause a denial of service. (CVE-2012-5517,\nModerate)\n\n* It was found that the initial release of Red Hat Enterprise Linux 6 did\nnot correctly fix the CVE-2009-4307 issue, a divide-by-zero flaw in the\next4 file system code. A local, unprivileged user with the ability to mount\nan ext4 file system could use this flaw to cause a denial of service.\n(CVE-2012-2100, Low)\n\n* A flaw was found in the way the Linux kernel's IPv6 implementation\nhandled overlapping, fragmented IPv6 packets. A remote attacker could\npotentially use this flaw to bypass protection mechanisms (such as a\nfirewall or intrusion detection system (IDS)) when sending network packets\nto a target system. (CVE-2012-4444, Low)\n\nRed Hat would like to thank Antonios Atlasis working with Beyond Security's\nSecuriTeam Secure Disclosure program and Loganaden Velvindron of AFRINIC\nfor reporting CVE-2012-4444. The CVE-2012-2375 issue was discovered by Jian\nLi of Red Hat, and CVE-2012-4565 was discovered by Rodrigo Freire of Red\nHat.\n\nThis update also fixes numerous bugs and adds one enhancement. Space \nprecludes documenting all of these changes in this advisory. Documentation\nfor these changes will be available shortly from the Red Hat Enterprise \nLinux 6.3 Technical Notes document linked to in the References section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues, fix these bugs and add the enhancement \nnoted in the Technical Notes. The system must be rebooted for this update \nto take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-December/019039.html\n\n**Affected packages:**\nkernel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-1580.html", "published": "2012-12-19T16:28:42", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2012-December/019039.html", "cvelist": ["CVE-2011-4131", "CVE-2012-2375", "CVE-2012-4444", "CVE-2012-2100", "CVE-2012-4565", "CVE-2012-5517", "CVE-2009-4307"], "lastseen": "2017-10-03T18:26:53"}, {"id": "CESA-2013:1034", "type": "centos", "title": "kernel security update", "description": "**CentOS Errata and Security Advisory** CESA-2013:1034\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* Information leaks in the Linux kernel could allow a local, unprivileged\nuser to leak kernel memory to user-space. (CVE-2012-6544, CVE-2012-6545,\nCVE-2013-3222, CVE-2013-3224, CVE-2013-3231, CVE-2013-3235, Low)\n\n* An information leak was found in the Linux kernel's POSIX signals\nimplementation. A local, unprivileged user could use this flaw to bypass\nthe Address Space Layout Randomization (ASLR) security feature.\n(CVE-2013-0914, Low)\n\n* A heap-based buffer overflow in the way the tg3 Ethernet driver parsed\nthe vital product data (VPD) of devices could allow an attacker with\nphysical access to a system to cause a denial of service or, potentially,\nescalate their privileges. (CVE-2013-1929, Low)\n\nThis update also fixes the following bugs:\n\n* Previously on system boot, devices with associated Reserved Memory Region\nReporting (RMRR) information had lost their RMRR information after they\nwere removed from the static identity (SI) domain. Consequently, a system\nunexpectedly terminated in an endless loop due to unexpected NMIs triggered\nby DMA errors. This problem was observed on HP ProLiant Generation 7 (G7)\nand 8 (Gen8) systems. This update prevents non-USB devices that have RMRR\ninformation associated with them from being placed into the SI domain\nduring system boot. HP ProLiant G7 and Gen8 systems that contain devices\nwith the RMRR information now boot as expected. (BZ#957606)\n\n* Previously, the kernel's futex wait code used timeouts that had\ngranularity in milliseconds. Also, when passing these timeouts to system\ncalls, the kernel converted the timeouts to \"jiffies\". Consequently,\nprograms could time out inaccurately which could lead to significant\nlatency problems in certain environments. This update modifies the futex\nwait code to use a high-resolution timer (hrtimer) so the timeout\ngranularity is now in microseconds. Timeouts are no longer converted to\n\"jiffies\" when passed to system calls. Timeouts passed to programs are now\naccurate and the programs time out as expected. (BZ#958021)\n\n* A recent change modified the size of the task_struct structure in the\nfloating point unit (fpu) counter. However, on Intel Itanium systems, this\nchange caused the kernel Application Binary Interface (kABI) to stop\nworking properly when a previously compiled module was loaded, resulting in\na kernel panic. With this update the change causing this bug has been\nreverted so the bug can no longer occur. (BZ#966878)\n\n* The cxgb4 driver previously did not clear data structures used for\nfirmware requests. Consequently, when initializing some Chelsio's\nTerminator 4 (T4) adapters, a probe request could fail because the request\nwas incompatible with the adapter's firmware. This update modifies the\ncxgb4 driver to properly initialize firmware request structures before\nsending a request to the firmware and the problem no longer occurs.\n(BZ#971872)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-July/019845.html\n\n**Affected packages:**\nkernel\nkernel-PAE\nkernel-PAE-devel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-xen\nkernel-xen-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1034.html", "published": "2013-07-10T15:50:41", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2013-July/019845.html", "cvelist": ["CVE-2013-3231", "CVE-2013-3224", "CVE-2012-6545", "CVE-2013-1929", "CVE-2012-6544", "CVE-2013-3222", "CVE-2013-0914", "CVE-2013-3235"], "lastseen": "2017-10-03T18:26:33"}, {"id": "CESA-2013:1645", "type": "centos", "title": "kernel, perf, python security update", "description": "**CentOS Errata and Security Advisory** CESA-2013:1645\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way the Linux kernel's IPv6 implementation\nhandled certain UDP packets when the UDP Fragmentation Offload (UFO)\nfeature was enabled. A remote attacker could use this flaw to crash the\nsystem or, potentially, escalate their privileges on the system.\n(CVE-2013-4387, Important)\n\n* A flaw was found in the way the Linux kernel handled the creation of\ntemporary IPv6 addresses. If the IPv6 privacy extension was enabled\n(/proc/sys/net/ipv6/conf/eth0/use_tempaddr set to '2'), an attacker on the\nlocal network could disable IPv6 temporary address generation, leading to a\npotential information disclosure. (CVE-2013-0343, Moderate)\n\n* A flaw was found in the way the Linux kernel handled HID (Human Interface\nDevice) reports with an out-of-bounds Report ID. An attacker with physical\naccess to the system could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2013-2888,\nModerate)\n\n* An off-by-one flaw was found in the way the ANSI CPRNG implementation in\nthe Linux kernel processed non-block size aligned requests. This could lead\nto random numbers being generated with less bits of entropy than expected\nwhen ANSI CPRNG was used. (CVE-2013-4345, Moderate)\n\n* It was found that the fix for CVE-2012-2375 released via RHSA-2012:1580\naccidentally removed a check for small-sized result buffers. A local,\nunprivileged user with access to an NFSv4 mount with ACL support could use\nthis flaw to crash the system or, potentially, escalate their privileges on\nthe system . (CVE-2013-4591, Moderate)\n\n* A flaw was found in the way IOMMU memory mappings were handled when\nmoving memory slots. A malicious user on a KVM host who has the ability to\nassign a device to a guest could use this flaw to crash the host.\n(CVE-2013-4592, Moderate)\n\n* Heap-based buffer overflow flaws were found in the way the Zeroplus and\nPantherlord/GreenAsia game controllers handled HID reports. An attacker\nwith physical access to the system could use these flaws to crash the\nsystem or, potentially, escalate their privileges on the system.\n(CVE-2013-2889, CVE-2013-2892, Moderate)\n\n* Two information leak flaws were found in the logical link control (LLC)\nimplementation in the Linux kernel. A local, unprivileged user could use\nthese flaws to leak kernel stack memory to user space. (CVE-2012-6542,\nCVE-2013-3231, Low)\n\n* A heap-based buffer overflow in the way the tg3 Ethernet driver parsed\nthe vital product data (VPD) of devices could allow an attacker with\nphysical access to a system to cause a denial of service or, potentially,\nescalate their privileges. (CVE-2013-1929, Low)\n\n* Information leak flaws in the Linux kernel could allow a privileged,\nlocal user to leak kernel memory to user space. (CVE-2012-6545,\nCVE-2013-1928, CVE-2013-2164, CVE-2013-2234, Low)\n\n* A format string flaw was found in the Linux kernel's block layer.\nA privileged, local user could potentially use this flaw to escalate their\nprivileges to kernel level (ring0). (CVE-2013-2851, Low)\n\nRed Hat would like to thank Stephan Mueller for reporting CVE-2013-4345,\nand Kees Cook for reporting CVE-2013-2851.\n\nThis update also fixes several hundred bugs and adds enhancements. Refer to\nthe Red Hat Enterprise Linux 6.5 Release Notes for information on the most\nsignificant of these changes, and the Technical Notes for further\ninformation, both linked to in the References.\n\nAll Red Hat Enterprise Linux 6 users are advised to install these updated\npackages, which correct these issues, and fix the bugs and add the\nenhancements noted in the Red Hat Enterprise Linux 6.5 Release Notes and\nTechnical Notes. The system must be rebooted for this update to take\neffect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2013-November/000976.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1645.html", "published": "2013-11-26T13:32:01", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-cr-announce/2013-November/000976.html", "cvelist": ["CVE-2013-2234", "CVE-2013-4345", "CVE-2012-2375", "CVE-2013-3231", "CVE-2013-2892", "CVE-2013-4592", "CVE-2012-6545", "CVE-2012-6542", "CVE-2013-1929", "CVE-2013-2851", "CVE-2013-4387", "CVE-2013-0343", "CVE-2013-1928", "CVE-2013-2888", "CVE-2013-2164", "CVE-2013-2889", "CVE-2013-4591"], "lastseen": "2017-10-03T18:25:34"}, {"id": "CESA-2013:1173", "type": "centos", "title": "kernel, perf, python security update", "description": "**CentOS Errata and Security Advisory** CESA-2013:1173\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way the Linux kernel's Stream Control\nTransmission Protocol (SCTP) implementation handled duplicate cookies. If a\nlocal user queried SCTP connection information at the same time a remote\nattacker has initialized a crafted SCTP connection to the system, it could\ntrigger a NULL pointer dereference, causing the system to crash.\n(CVE-2013-2206, Important)\n\n* It was found that the fix for CVE-2012-3552 released via RHSA-2012:1304\nintroduced an invalid free flaw in the Linux kernel's TCP/IP protocol suite\nimplementation. A local, unprivileged user could use this flaw to corrupt\nkernel memory via crafted sendmsg() calls, allowing them to cause a denial\nof service or, potentially, escalate their privileges on the system.\n(CVE-2013-2224, Important)\n\n* A flaw was found in the Linux kernel's Performance Events implementation.\nOn systems with certain Intel processors, a local, unprivileged user could\nuse this flaw to cause a denial of service by leveraging the perf subsystem\nto write into the reserved bits of the OFFCORE_RSP_0 and OFFCORE_RSP_1\nmodel-specific registers. (CVE-2013-2146, Moderate)\n\n* An invalid pointer dereference flaw was found in the Linux kernel's\nTCP/IP protocol suite implementation. A local, unprivileged user could use\nthis flaw to crash the system or, potentially, escalate their privileges on\nthe system by using sendmsg() with an IPv6 socket connected to an IPv4\ndestination. (CVE-2013-2232, Moderate)\n\n* Information leak flaws in the Linux kernel's Bluetooth implementation\ncould allow a local, unprivileged user to leak kernel memory to user-space.\n(CVE-2012-6544, Low)\n\n* An information leak flaw in the Linux kernel could allow a privileged,\nlocal user to leak kernel memory to user-space. (CVE-2013-2237, Low)\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-August/019918.html\n\n**Affected packages:**\nkernel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1173.html", "published": "2013-08-28T19:03:34", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2013-August/019918.html", "cvelist": ["CVE-2013-2206", "CVE-2013-2232", "CVE-2012-6544", "CVE-2013-2146", "CVE-2013-2237", "CVE-2012-3552", "CVE-2013-2224"], "lastseen": "2017-10-03T18:26:26"}, {"id": "CESA-2013:0496", "type": "centos", "title": "kernel, perf, python security update", "description": "**CentOS Errata and Security Advisory** CESA-2013:0496\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A race condition was found in the way asynchronous I/O and fallocate()\ninteracted when using the ext4 file system. A local, unprivileged user\ncould use this flaw to expose random data from an extent whose data blocks\nhave not yet been written, and thus contain data from a deleted file.\n(CVE-2012-4508, Important)\n\n* A flaw was found in the way the vhost kernel module handled descriptors\nthat spanned multiple regions. A privileged guest user in a KVM guest could\nuse this flaw to crash the host or, potentially, escalate their privileges\non the host. (CVE-2013-0311, Important)\n\n* It was found that the default SCSI command filter does not accommodate\ncommands that overlap across device classes. A privileged guest user could\npotentially use this flaw to write arbitrary data to a LUN that is\npassed-through as read-only. (CVE-2012-4542, Moderate)\n\n* A flaw was found in the way the xen_failsafe_callback() function in the\nLinux kernel handled the failed iret (interrupt return) instruction\nnotification from the Xen hypervisor. An unprivileged user in a 32-bit\npara-virtualized guest could use this flaw to crash the guest.\n(CVE-2013-0190, Moderate)\n\n* A flaw was found in the way pmd_present() interacted with PROT_NONE\nmemory ranges when transparent hugepages were in use. A local, unprivileged\nuser could use this flaw to crash the system. (CVE-2013-0309, Moderate)\n\n* A flaw was found in the way CIPSO (Common IP Security Option) IP options\nwere validated when set from user mode. A local user able to set CIPSO IP\noptions on the socket could use this flaw to crash the system.\n(CVE-2013-0310, Moderate)\n\nRed Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508, and\nAndrew Cooper of Citrix for reporting CVE-2013-0190. Upstream acknowledges\nDmitry Monakhov as the original reporter of CVE-2012-4508. The\nCVE-2012-4542 issue was discovered by Paolo Bonzini of Red Hat.\n\nThis update also fixes several hundred bugs and adds enhancements. Refer to\nthe Red Hat Enterprise Linux 6.4 Release Notes for information on the most\nsignificant of these changes, and the Technical Notes for further\ninformation, both linked to in the References.\n\nAll Red Hat Enterprise Linux 6 users are advised to install these updated\npackages, which correct these issues, and fix the bugs and add the\nenhancements noted in the Red Hat Enterprise Linux 6.4 Release Notes and\nTechnical Notes. The system must be rebooted for this update to take\neffect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2013-February/000553.html\n\n**Affected packages:**\nkernel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0496.html", "published": "2013-02-27T19:35:40", "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-cr-announce/2013-February/000553.html", "cvelist": ["CVE-2012-4508", "CVE-2013-0190", "CVE-2013-0311", "CVE-2012-4542", "CVE-2013-0310", "CVE-2013-0309"], "lastseen": "2018-04-04T13:00:19"}], "oraclelinux": [{"id": "ELSA-2013-0747-1", "type": "oraclelinux", "title": "1 ", "description": "kernel\n[2.6.18-348.4.1.0.1]\n- [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030]\n- [oprofile] export __get_user_pages_fast() function [orabug 14277030]\n- [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030]\n- [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030]\n- [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030]\n- [kernel] Initialize the local uninitialized variable stats. [orabug 14051367]\n- [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763]\n- [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272]\n- [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075]\n- fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan)\n- [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan)\n- [x86] Fix lvt0 reset when hvm boot up with noapic param\n- [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason)\n [orabug 12342275]\n- [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346]\n- [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566]\n- [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042]\n- [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646]\n- fix filp_close() race (Joe Jin) [orabug 10335998]\n- make xenkbd.abs_pointer=1 by default [orabug 67188919]\n- [xen] check to see if hypervisor supports memory reservation change\n (Chuck Anderson) [orabug 7556514]\n- [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki)\n [orabug 10315433]\n- [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258]\n- [mm] Patch shrink_zone to yield during severe mempressure events, avoiding\n hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839]\n- [mm] Enhance shrink_zone patch allow full swap utilization, and also be\n NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919]\n- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]\n- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)\n [orabug 9107465]\n- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)\n [orabug 9764220]\n- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]\n- fix overcommit memory to use percpu_counter for (KOSAKI Motohiro,\n Guru Anbalagane) [orabug 6124033]\n- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]\n- [ib] fix memory corruption (Andy Grover) [orabug 9972346]\n- [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203]\n- [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203]\n- [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]\n[2.6.18-348.4.1]\n- [virt] xen-netback: backports (Andrew Jones) [910884 910885] {CVE-2013-0216}\n- [virt] xen-netback: netif_schedulable should take a netif (Andrew Jones) [910884 910885] {CVE-2013-0216}\n- [virt] pciback: rate limit error mess from pciback_enable_msi() (Igor Mammedov) [910876 910877] {CVE-2013-0231}\n- [net] be2net: remove BUG_ON() in be_mcc_compl_is_new() (Ivan Vecera) [923910 907524]\n- [net] ipv4: Update MTU to all related cache entries (Amerigo Wang) [923353 905190]\n- [net] annotate rt_hash_code() users (Amerigo Wang) [923353 905190]\n- [net] xfrm_user: fix info leak in copy_to_user_state() (Thomas Graf) [922426 922427] {CVE-2012-6537}\n- [net] xfrm_user: fix info leak in copy_to_user_policy() (Thomas Graf) [922426 922427] {CVE-2012-6537}\n- [net] xfrm_user: fix info leak in copy_to_user_tmpl() (Thomas Graf) [922426 922427] {CVE-2012-6537}\n- [net] atm: fix info leak in getsockopt(SO_ATMPVC) (Thomas Graf) [922384 922385] {CVE-2012-6546}\n- [net] atm: fix info leak via getsockname() (Thomas Graf) [922384 922385] {CVE-2012-6546}\n- [net] tun: fix ioctl() based info leaks (Thomas Graf) [922348 922349] {CVE-2012-6547}\n- [net] llc, zero sockaddr_llc struct (Thomas Graf) [922327 922329] {CVE-2012-6542}\n- [net] llc: fix info leak via getsockname() (Thomas Graf) [922327 922329] {CVE-2012-6542}\n- [net] xfrm_user: return error pointer instead of NULL (Thomas Graf) [919386 919387] {CVE-2013-1826}\n- [net] ixgbevf: allocate room for mailbox MSI-X interrupt's name (Laszlo Ersek) [924134 862862]\n- [fs] knfsd: allow nfsd READDIR to return 64bit cookies (Niels de Vos) [924087 918952]", "published": "2013-04-16T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-0747-1.html", "cvelist": ["CVE-2012-6546", "CVE-2012-6537", "CVE-2013-1826", "CVE-2012-6542", "CVE-2012-6547", "CVE-2013-0231", "CVE-2013-0216"], "lastseen": "2017-08-22T10:04:58"}, {"id": "ELSA-2013-0747", "type": "oraclelinux", "title": "kernel security and bug fix update", "description": "kernel\n[2.6.18-348.4.1]\n- [virt] xen-netback: backports (Andrew Jones) [910884 910885] {CVE-2013-0216}\n- [virt] xen-netback: netif_schedulable should take a netif (Andrew Jones) [910884 910885] {CVE-2013-0216}\n- [virt] pciback: rate limit error mess from pciback_enable_msi() (Igor Mammedov) [910876 910877] {CVE-2013-0231}\n- [net] be2net: remove BUG_ON() in be_mcc_compl_is_new() (Ivan Vecera) [923910 907524]\n- [net] ipv4: Update MTU to all related cache entries (Amerigo Wang) [923353 905190]\n- [net] annotate rt_hash_code() users (Amerigo Wang) [923353 905190]\n- [net] xfrm_user: fix info leak in copy_to_user_state() (Thomas Graf) [922426 922427] {CVE-2012-6537}\n- [net] xfrm_user: fix info leak in copy_to_user_policy() (Thomas Graf) [922426 922427] {CVE-2012-6537}\n- [net] xfrm_user: fix info leak in copy_to_user_tmpl() (Thomas Graf) [922426 922427] {CVE-2012-6537}\n- [net] atm: fix info leak in getsockopt(SO_ATMPVC) (Thomas Graf) [922384 922385] {CVE-2012-6546}\n- [net] atm: fix info leak via getsockname() (Thomas Graf) [922384 922385] {CVE-2012-6546}\n- [net] tun: fix ioctl() based info leaks (Thomas Graf) [922348 922349] {CVE-2012-6547}\n- [net] llc, zero sockaddr_llc struct (Thomas Graf) [922327 922329] {CVE-2012-6542}\n- [net] llc: fix info leak via getsockname() (Thomas Graf) [922327 922329] {CVE-2012-6542}\n- [net] xfrm_user: return error pointer instead of NULL (Thomas Graf) [919386 919387] {CVE-2013-1826}\n- [net] ixgbevf: allocate room for mailbox MSI-X interrupt's name (Laszlo Ersek) [924134 862862]\n- [fs] knfsd: allow nfsd READDIR to return 64bit cookies (Niels de Vos) [924087 918952]", "published": "2013-04-16T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-0747.html", "cvelist": ["CVE-2012-6546", "CVE-2012-6537", "CVE-2013-1826", "CVE-2012-6542", "CVE-2012-6547", "CVE-2013-0231", "CVE-2013-0216"], "lastseen": "2016-09-04T11:15:56"}, {"id": "ELSA-2013-0744", "type": "oraclelinux", "title": "kernel security and bug fix update", "description": "[2.6.32-358.6.1]\n- [virt] kvm: accept unaligned MSR_KVM_SYSTEM_TIME writes (Petr Matousek) [917020 917021] {CVE-2013-1796}\n- [char] tty: hold lock across tty buffer finding and buffer filling (Prarit Bhargava) [928686 901780]\n- [net] tcp: fix for zero packets_in_flight was too broad (Thomas Graf) [927309 920794]\n- [net] tcp: frto should not set snd_cwnd to 0 (Thomas Graf) [927309 920794]\n- [net] tcp: fix an infinite loop in tcp_slow_start() (Thomas Graf) [927309 920794]\n- [net] tcp: fix ABC in tcp_slow_start() (Thomas Graf) [927309 920794]\n- [netdrv] ehea: avoid accessing a NULL vgrp (Steve Best) [921535 911359]\n- [net] sunrpc: Get rid of the redundant xprt->shutdown bit field (J. Bruce Fields) [915579 893584]\n- [virt] kvm: do not #GP on unaligned MSR_KVM_SYSTEM_TIME write (Gleb Natapov) [917020 917021] {CVE-2013-1796}\n- [drm] i915: bounds check execbuffer relocation count (Nikola Pajkovsky) [920523 920525] {CVE-2013-0913}\n- [x86] irq: add quirk for broken interrupt remapping on 55XX chipsets (Neil Horman) [911267 887006]\n- [kvm] Convert MSR_KVM_SYSTEM_TIME to use gfn_to_hva_cache functions (Gleb Natapov) [917024 917025] {CVE-2013-1797}\n- [kvm] Fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME (Gleb Natapov) [917020 917021] {CVE-2013-1796}\n- [kvm] Fix bounds checking in ioapic indirect register reads (Gleb Natapov) [917030 917032] {CVE-2013-1798}\n- [kvm] x86: release kvmclock page on reset (Gleb Natapov) [917024 917025] {CVE-2013-1797}\n- [security] keys: Fix race with concurrent install_user_keyrings() (David Howells) [916681 913258] {CVE-2013-1792}\n- [virt] hv_balloon: Make adjustments to the pressure report (Jason Wang) [909156 902232]\n[2.6.32-358.5.1]\n- [fs] xfs: use maximum schedule timeout when ail is empty (Brian Foster) [921958 883905]\n- [net] xfrm_user: fix info leak in copy_to_user_tmpl() (Thomas Graf) [922428 922429] {CVE-2012-6537}\n- [net] xfrm_user: fix info leak in copy_to_user_policy() (Thomas Graf) [922428 922429] {CVE-2012-6537}\n- [net] xfrm_user: fix info leak in copy_to_user_state() (Thomas Graf) [922428 922429] {CVE-2012-6537}\n- [net] xfrm_user: fix info leak in copy_to_user_auth() (Thomas Graf) [922428 922429] {CVE-2012-6537}\n- [net] atm: fix info leak in getsockopt(SO_ATMPVC) (Thomas Graf) [922386 922387] {CVE-2012-6546}\n- [net] atm: fix info leak via getsockname() (Thomas Graf) [922386 922387] {CVE-2012-6546}\n- [fs] nls: improve UTF8 -> UTF16 string conversion routine (Nikola Pajkovsky) [916118 916119] {CVE-2013-1773}\n- [fs] fat: Fix stat->f_namelen (Nikola Pajkovsky) [916118 916119] {CVE-2013-1773}\n- [netdrv] tun: fix ioctl() based info leaks (Thomas Graf) [922350 922351] {CVE-2012-6547}\n- [virt] x86: Add a check to catch Xen emulation of Hyper-V (Andrew Jones) [923204 918239]\n- [fs] cifs: fix expand_dfs_referral (Sachin Prabhu) [923098 902492]\n- [fs] cifs: factor smb_vol allocation out of cifs_setup_volume_info (Sachin Prabhu) [923098 902492]\n- [fs] cifs: have cifs_cleanup_volume_info not take a double pointer (Sachin Prabhu) [923098 902492]\n- [fs] nfs: Dont allow NFS silly-renamed files to be deleted, no signal (Dave Wysochanski) [920266 905095]\n[2.6.32-358.4.1]\n- [fs] NLM: Ensure that we resend all pending blocking locks after a reclaim (Steve Dickson) [921150 913704]\n- [fs] xfs: remove log force from xfs_buf_cond_lock() (Brian Foster) [921961 896224]\n- [fs] xfs: recheck buffer pinned status after push trylock failure (Brian Foster) [921961 896224]\n- [fs] nfs: Ensure that we check lock exclusive/shared type against open modes (Dave Wysochanski) [920268 916324]\n- [powerpc] pseries: Fix partition migration hang in stop_topology_update (Steve Best) [921963 910597]\n- [infiniband] qib: correction for faulty sparse warning correction (Jay Fenlason) [922154 901701]\n- [usb] io_ti: Fix NULL dereference in chase_port() (Nikola Pajkovsky) [916198 916200] {CVE-2013-1774}\n- [net] bluetooth: Fix incorrect strncpy() in hidp_setup_hid() (Nikola Pajkovsky) [914690 914691] {CVE-2013-0349}\n- [char] tty: set_termios/set_termiox should not return -EINTR (Oleg Nesterov) [921145 904907]\n- [netdrv] ehea: fix VLAN support (Steve Best) [921535 911359]\n- [net] xfrm_user: return error pointer instead of NULL (Thomas Graf) [919388 919389] {CVE-2013-1826}\n- [net] dccp: check ccid before NULL poiter dereference (Weiping Pan) [919187 919188] {CVE-2013-1827}\n- [mm] tmpfs: fix use-after-free of mempolicy object (Nikola Pajkovsky) [915714 915715] {CVE-2013-1767}\n- [fs] fuse: set page_descs length in fuse_buffered_write() (Brian Foster) [916957 915135]\n- [fs] vfs: fix pointer dereference validation in d_validate (Carlos Maiolino) [915583 876600]\n- [fs] cifs: after upcalling for krb5 creds, invalidate key rather than revoking it (Niels de Vos) [912452 885899]\n- [fs] cifs: tmp_key_invalidate() should not set key->expiry to 0 (Niels de Vos) [912452 885899]\n- [block] disable discard request merge temporarily (Mike Snitzer) [911475 907844]\n[2.6.32-358.3.1]\n- [net] netfilter: improve out-of-sync situation in TCP tracking (Flavio Leitner) [917690 629857]", "published": "2013-04-23T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-0744.html", "cvelist": ["CVE-2012-6546", "CVE-2013-1797", "CVE-2013-1767", "CVE-2012-6537", "CVE-2013-1827", "CVE-2013-1792", "CVE-2013-1826", "CVE-2013-0349", "CVE-2013-1774", "CVE-2012-6547", "CVE-2013-1773", "CVE-2013-0913", "CVE-2013-1796", "CVE-2013-1798"], "lastseen": "2016-09-04T11:16:28"}, {"id": "ELSA-2013-2520", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "description": "[2.6.32-400.26.2]\n- mm/hotplug: correctly add new zone to all other nodes' zone lists (Jiang Liu) [Orabug: 16603569] {CVE-2012-5517}\n- ptrace: ptrace_resume() shouldn't wake up !TASK_TRACED thread (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871}\n- ptrace: ensure arch_ptrace/ptrace_request can never race with SIGKILL (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871}\n- ptrace: introduce signal_wake_up_state() and ptrace_signal_wake_up() (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871}\n- Bluetooth: Fix incorrect strncpy() in hidp_setup_hid() (Anderson Lizardo) [Orabug: 16711062] {CVE-2013-0349}\n- dccp: check ccid before dereferencing (Mathias Krause) [Orabug: 16711040] {CVE-2013-1827}\n- USB: io_ti: Fix NULL dereference in chase_port() (Wolfgang Frisch) [Orabug: 16425435] {CVE-2013-1774}\n- keys: fix race with concurrent install_user_keyrings() (David Howells) [Orabug: 16493369] {CVE-2013-1792}\n- KVM: Fix bounds checking in ioapic indirect register reads (CVE-2013-1798) (Andy Honig) [Orabug: 16710937] {CVE-2013-1798}\n- KVM: x86: fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME (CVE-2013-1796) (Jerry Snitselaar) [Orabug: 16710794] {CVE-2013-1796}\n- net/tun: fix ioctl() based info leaks (Mathias Krause) [Orabug: 16675501] {CVE-2012-6547}\n- atm: fix info leak via getsockname() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6546}\n- atm: fix info leak in getsockopt(SO_ATMPVC) (Mathias Krause) [Orabug: 16675501] {CVE-2012-6546}\n- xfrm_user: fix info leak in copy_to_user_tmpl() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6537}\n- xfrm_user: fix info leak in copy_to_user_policy() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6537}\n- xfrm_user: fix info leak in copy_to_user_state() (Mathias Krause) [Orabug: 16675501] {CVE-2013-6537}\n- xfrm_user: return error pointer instead of NULL #2 (Mathias Krause) [Orabug: 16675501] {CVE-2013-1826}\n- xfrm_user: return error pointer instead of NULL (Mathias Krause) [Orabug: 16675501] {CVE-2013-1826}", "published": "2013-04-24T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-2520.html", "cvelist": ["CVE-2012-6546", "CVE-2013-0871", "CVE-2012-6537", "CVE-2012-4508", "CVE-2013-1827", "CVE-2013-1792", "CVE-2013-1826", "CVE-2013-6537", "CVE-2013-0349", "CVE-2013-1774", "CVE-2012-6547", "CVE-2012-5517", "CVE-2013-0310", "CVE-2013-1796", "CVE-2013-1798", "CVE-2013-0309"], "lastseen": "2016-09-04T11:16:41"}, {"id": "ELSA-2013-2534", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel Security update", "description": "[2.6.32-400.29.1]\n- KVM: add missing void __user COPYING CREDITS Documentation Kbuild MAINTAINERS Makefile README REPORTING-BUGS arch block crypto drivers firmware fs include init ipc kernel lib mm net samples scripts security sound tools uek-rpm usr virt cast to access_ok() call (Heiko Carstens) [Orabug: 16941620] {CVE-2013-1943}\n- KVM: Validate userspace_addr of memslot when registered (Takuya Yoshikawa) [Orabug: 16941620] {CVE-2013-1943}\n[2.6.32-400.28.1]\n- do_add_mount()/umount -l races (Jerry Snitselaar) [Orabug: 16311974]\n- tg3: fix length overflow in VPD firmware parsing (Kees Cook) [Orabug: 16837019] {CVE-2013-1929}\n- USB: cdc-wdm: fix buffer overflow (Oliver Neukum) [Orabug: 16837003] {CVE-2013-1860}\n- bonding: emit event when bonding changes MAC (Weiping Pan) [Orabug: 16579025]\n- sched: Fix ancient race in do_exit() (Joe Jin)\n- open debug in page_move_anon_rmap by default. (Xiaowei.Hu) [Orabug: 14046035]\n- block: default SCSI command filter does not accomodate commands overlap across device classes (Jamie Iles) [Orabug: 16387136] {CVE-2012-4542}\n- vma_adjust: fix the copying of anon_vma chains (Linus Torvalds) [Orabug: 14046035]\n- xen-netfront: delay gARP until backend switches to Connected (Laszlo Ersek) [Orabug: 16182568]\n- svcrpc: don't hold sv_lock over svc_xprt_put() (J. Bruce Fields) [Orabug: 16032824]\n- mm/hotplug: correctly add new zone to all other nodes' zone lists (Jiang Liu) [Orabug: 16603569] {CVE-2012-5517}\n- ptrace: ptrace_resume() shouldn't wake up !TASK_TRACED thread (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871}\n- ptrace: ensure arch_ptrace/ptrace_request can never race with SIGKILL (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871}\n- ptrace: introduce signal_wake_up_state() and ptrace_signal_wake_up() (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871}\n- Bluetooth: Fix incorrect strncpy() in hidp_setup_hid() (Anderson Lizardo) [Orabug: 16711062] {CVE-2013-0349}\n- dccp: check ccid before dereferencing (Mathias Krause) [Orabug: 16711040] {CVE-2013-1827}\n- USB: io_ti: Fix NULL dereference in chase_port() (Wolfgang Frisch) [Orabug: 16425435] {CVE-2013-1774}\n- keys: fix race with concurrent install_user_keyrings() (David Howells) [Orabug: 16493369] {CVE-2013-1792}\n- KVM: Fix bounds checking in ioapic indirect register reads (CVE-2013-1798) (Andy Honig) [Orabug: 16710937] {CVE-2013-1798}\n- KVM: x86: fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME (CVE-2013-1796) (Jerry Snitselaar) [Orabug: 16710794] {CVE-2013-1796}\n[2.6.32-400.27.1]\n- net/tun: fix ioctl() based info leaks (Mathias Krause) [Orabug: 16675501] {CVE-2012-6547}\n- atm: fix info leak via getsockname() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6546}\n- atm: fix info leak in getsockopt(SO_ATMPVC) (Mathias Krause) [Orabug: 16675501] {CVE-2012-6546}\n- xfrm_user: fix info leak in copy_to_user_tmpl() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6537}\n- xfrm_user: fix info leak in copy_to_user_policy() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6537}\n- xfrm_user: fix info leak in copy_to_user_state() (Mathias Krause) [Orabug: 16675501] {CVE-2013-6537}\n- xfrm_user: return error pointer instead of NULL #2 (Mathias Krause) [Orabug: 16675501] {CVE-2013-1826}\n- xfrm_user: return error pointer instead of NULL (Mathias Krause) [Orabug: 16675501] {CVE-2013-1826}\n- llc: fix info leak via getsockname() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6542}\n- x86/mm: Check if PUD is large when validating a kernel address (Mel Gorman) [Orabug: 14251997]", "published": "2013-06-11T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-2534.html", "cvelist": ["CVE-2012-6546", "CVE-2013-0871", "CVE-2012-6537", "CVE-2013-1827", "CVE-2013-1860", "CVE-2013-1943", "CVE-2013-1792", "CVE-2013-1826", "CVE-2012-6542", "CVE-2013-6537", "CVE-2013-0349", "CVE-2013-1774", "CVE-2013-1929", "CVE-2012-6547", "CVE-2012-4542", "CVE-2012-5517", "CVE-2013-1796", "CVE-2013-1798"], "lastseen": "2016-09-04T11:16:58"}, {"id": "ELSA-2013-1348", "type": "oraclelinux", "title": "Oracle linux 5 kernel update", "description": "kernel\r\n[2.6.18-371]\r\n- [net] be2net: enable polling prior enabling interrupts globally (Ivan Vecera) [987539]\r\n \n[2.6.18-370]\r\n- [net] be2net: Fix to avoid hardware workaround when not needed (Ivan Vecera) [995961]\r\n- [kernel] signals: stop info leak via tkill and tgkill syscalls (Oleg Nesterov) [970875] {CVE-2013-2141}\r\n \n[2.6.18-369]\r\n- [fs] nlm: Ensure we resend pending blocking locks after a reclaim (Steve Dickson) [918592]\r\n- [kernel] kmod: kthread_run causes oom killer deadlock (Frantisek Hrbata) [983506]\r\n- [fs] nfs4: ratelimit some messages, add name to bad seq-id mess (Dave Wysochanski) [953121]\r\n- [fs] nfsd: fix EXDEV checking in rename (J. Bruce Fields) [515599]\r\n- [misc] tty: Fix abusers of current-sighand->tty (Aaron Tomlin) [858981]\r\n- [net] ipv6: don't call addrconf_dst_alloc again when enable lo (Jiri Benc) [981417]\r\n- [redhat] kabi: Adding symbol fc_fabric_login (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fcoe_ctlr_recv (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_exch_mgr_reset (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_lport_init (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_exch_recv (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_lport_destroy (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fcoe_ctlr_els_send (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fcoe_ctlr_destroy (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_exch_init (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_fabric_logoff (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_set_mfs (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_elsct_init (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fcoe_ctlr_link_up (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fcoe_ctlr_recv_flogi (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_change_queue_depth (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fcoe_ctlr_init (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fcoe_ctlr_link_down (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_change_queue_type (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_exch_mgr_free (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_exch_mgr_alloc (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_lport_config (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_disc_init (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol strict_strtoul (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_rport_init (Jiri Olsa) [864256]\r\n- [redhat] kabi: Adding symbol fc_get_host_port_state (Jiri Olsa) [864256]\r\n \n[2.6.18-368]\r\n- [net] tg3: Add read dma workaround for 5720 (Ivan Vecera) [984064]\r\n- [net] tg3: Add New 5719 Read DMA workaround (Ivan Vecera) [984064]\r\n- [net] vlan: fix perf regression due to missing features flags (Michal Schmidt) [977711]\r\n \n[2.6.18-367]\r\n- [net] ipv6: do udp_push_pending_frames AF_INET sock pending data (Jiri Benc) [987648] {CVE-2013-4162}\r\n- [net] mlx4: restore pre-RHEL5.9 default value of log_num_mac (Michal Schmidt) [968352]\r\n- [x86_64] Fix kdump failure due to 'x86_64: Early segment setup' (Paolo Bonzini) [987244]\r\n- [fs] vfs: remove unused __d_splice_alias argument (J. Bruce Fields) [785916]\r\n- [fs] vfs: stop d_splice_alias creating directory aliases (J. Bruce Fields) [785916]\r\n- [xen] skip tracing if it was disabled instead of dying (Igor Mammedov) [967053]\r\n \n[2.6.18-366]\r\n- [net] be2net: Activate new FW after FW download for Lancer (Ivan Vecera) [982590]\r\n- [net] be2net: Fix initialization sequence for Lancer (Ivan Vecera) [982590]\r\n- [net] be2net: Fix FW download in Lancer (Ivan Vecera) [982590]\r\n- [net] qlge: Fix receive path to drop error frames (Chad Dupuis) [975852]\r\n- [net] qlge: remove NETIF_F_TSO6 flag (Chad Dupuis) [975852]\r\n- [net] qlge: Moving low level frame error to ethtool statistics (Chad Dupuis) [975852]\r\n- [net] qlge: Fixed double pci free on tx_ring->q allocation fail (Chad Dupuis) [975852]\r\n \n[2.6.18-365]\r\n- [net] be2net: Mark checksum fail for IP fragmented packets (Ivan Vecera) [956322]\r\n- [net] be2net: Avoid double insertion of vlan tags (Ivan Vecera) [956322]\r\n- [net] be2net: disable TX in be_close() (Ivan Vecera) [956322]\r\n- [net] be2net: fix EQ from getting full while cleaning RX CQ (Ivan Vecera) [956322]\r\n- [net] be2net: avoid napi_disable() when not enabled (Ivan Vecera) [956322]\r\n- [net] be2net: Fix receive Multicast Packets w/ Promiscuous mode (Ivan Vecera) [956322]\r\n- [net] be2net: Fixed memory leak (Ivan Vecera) [956322]\r\n- [net] be2net: Fix PVID tag offload for packets w/ inline VLAN tag (Ivan Vecera) [956322]\r\n- [net] be2net: fix a Tx stall bug caused by a specific ipv6 packet (Ivan Vecera) [956322]\r\n- [net] be2net: Remove an incorrect pvid check in Tx (Ivan Vecera) [956322]\r\n- [net] be2net: Fix issues in error recovery with wrong queue state (Ivan Vecera) [956322]\r\n- [net] netpoll: revert 6bdb7fe3104 and fix be_poll() instead (Ivan Vecera) [956322]\r\n- [net] be2net: Fix to parse RSS hash Receive completions correctly (Ivan Vecera) [956322]\r\n- [net] be2net: Fix cleanup path when EQ creation fails (Ivan Vecera) [956322]\r\n- [net] be2net: Fix Endian (Ivan Vecera) [956322]\r\n- [net] be2net: Fix to trim skb for padded vlan packets (Ivan Vecera) [956322]\r\n- [net] be2net: Explicitly clear reserved field in Tx Descriptor (Ivan Vecera) [956322]\r\n- [net] be2net: remove unnecessary usage of unlikely() (Ivan Vecera) [956322]\r\n- [net] be2net: do not modify PCI MaxReadReq size (Ivan Vecera) [956322]\r\n- [net] be2net: cleanup be_vid_config() (Ivan Vecera) [956322]\r\n- [net] be2net: don't call vid_config() when there no vlan config (Ivan Vecera) [956322]\r\n- [net] be2net: Ignore status of some ioctls during driver load (Ivan Vecera) [956322]\r\n- [net] be2net: Fix wrong status getting returned for MCC commands (Ivan Vecera) [956322]\r\n- [net] be2net: Fix VLAN/multicast packet reception (Ivan Vecera) [956322]\r\n- [net] be2net: fix wrong frag_idx reported by RX CQ (Ivan Vecera) [956322]\r\n- [infiniband] cxgb4: Compile when CXGB4 is set, not CXGB3 (Doug Ledford) [871555]\r\n- Revert: [infiniband] qib: add qib, mod ipath to only support HTX (Doug Ledford) [871555]\r\n- Revert: [infiniband] Enable Kconfig for ipath (Doug Ledford) [871555]\r\n- Revert: [infiniband] Revert upstream 'Infiniband: make ipath' (Doug Ledford) [871555]\r\n- Revert: [infiniband] Revert upstream 'IB/ipath: Make ipath_port' (Doug Ledford) [871555]\r\n- Revert: [infiniband] Revert upstream 'IB/ipath: Convert from ...' (Doug Ledford) [871555]\r\n- Revert: [infiniband] Revert upstream 'cpumask: use new cpumask' (Doug Ledford) [871555]\r\n- Revert: [infiniband] Import of backport patch from ofed 1.4.2 (Doug Ledford) [871555]\r\n- Revert: [infiniband] Pull in backport from ofed 1.4.2 (Doug Ledford) [871555]\r\n- Revert: [infiniband] aio_write not right entrypoint to use in our (Doug Ledford) [871555]\r\n- Revert: [infiniband] make up for lack of HT_IRQ config option (Doug Ledford) [871555]\r\n- Revert: [infiniband] Don't use vmalloc_user (Doug Ledford) [871555]\r\n- Revert: [infiniband] More device->class_device conversions (Doug Ledford) [871555]\r\n- Revert: [scsi] qla4xxx: ISP8xxx: Correct retry of adapter initial (Chad Dupuis) [978150]\r\n- [net] af_key: fix info leaks in notify messages (Jiri Benc) [981000] {CVE-2013-2234}\r\n- [net] af_key: initialize satype in key_notify_policy_flush() (Jiri Benc) [981224] {CVE-2013-2237}\r\n- [net] Fix panic for vlan over gre via tun (Thomas Graf) [981337]\r\n- [net] ipv6: ip6_sk_dst_check() must not assume ipv6 dst (Jiri Pirko) [981557] {CVE-2013-2232}\r\n \n[2.6.18-364]\r\n- [net] sctp: Disallow new connection on a closing socket (Daniel Borkmann) [974936] {CVE-2013-2206}\r\n- [net] sctp: Use correct sideffect command in dup cookie handling (Daniel Borkmann) [974936] {CVE-2013-2206}\r\n- [net] sctp: deal with multiple COOKIE_ECHO chunks (Daniel Borkmann) [974936] {CVE-2013-2206}\r\n- [scsi] qla4xxx: Update vers to 5.02.04.06.05.10-d0 for Inbox rel (Chad Dupuis) [978150]\r\n- [scsi] qla4xxx: ISP8xxx: Correct retry of adapter initialization (Chad Dupuis) [978150]\r\n- [scsi] qla4xxx: Fix req queue count manipulation on response path (Chad Dupuis) [978150]\r\n- [scsi] qla4xxx: Fix targets not coming back if chap is enabled (Chad Dupuis) [978150]\r\n- [scsi] qla4xxx: Correct early completion of pending mbox (Chad Dupuis) [978150]\r\n- [net] fix invalid free in ip_cmsg_send() callers (Petr Matousek) [980142] {CVE-2013-2224}\r\n- [x86_64] Early segment setup for VT (Paolo Bonzini) [978305]\r\n- [block] cpqarray: info leak in ida_locked_ioctl() (Tomas Henzl) [971246] {CVE-2013-2147}\r\n- [net] tcp: bind() use stronger condition for bind_conflict (Flavio Leitner) [957604]\r\n \n[2.6.18-363]\r\n- [virt] netback: don't disconnect frontend with oversize packet (Andrew Jones) [971155]\r\n- [virt] netfront: reduce gso_max_size to account max TCP header (Andrew Jones) [971155]\r\n- [block] cdrom: use kzalloc() for failing hardware (Frantisek Hrbata) [973104] {CVE-2013-2164}\r\n- [block] cciss: Update version string (Linda Knippers) [919633]\r\n \n[2.6.18-362]\r\n- [block] cciss: Silence noisy per-device cciss messages (Tomas Henzl) [827515]\r\n- [fs] gfs2: flush work queue before clearing glock hash tables (Abhijith Das) [959532]\r\n- [fs] extN: tighten restrictions on inode flags (Eric Sandeen) [756309]\r\n- [mm] use-after-free in madvise_remove() (Jacob Tanenbaum) [849736] {CVE-2012-3511}\r\n- [internal] kernel.spec: add Provides line to kernel-debug-devel (Phillip Lougher) [709658]\r\n \n[2.6.18-361]\r\n- [fs] ext4: Avoid crashing on NULL ptr dereference on fs error (Carlos Maiolino) [867748]\r\n- [fs] ext4: set extents flag when migrating file to use extents (Carlos Maiolino) [867748]\r\n- [fs] ext4: Convert more i_flags references to use accessors (Carlos Maiolino) [867748]\r\n- [fs] ext4: Fix remaining racy updates of EXT4_I(inode)->i_flags (Carlos Maiolino) [867748]\r\n- [fs] ext4: Use bitops to read/modify i_flags in ext4_inode_info (Carlos Maiolino) [867748]\r\n- [fs] ext3/4: don't clear orphan list on ro mount with errors (Eric Sandeen) [850803]\r\n- [fs] jbd2: round commit timer up to avoid uncommitted transaction (Carlos Maiolino) [892393]\r\n- [scsi] ibmvfc: Ignore fabric RSCNs when link is dead (Steve Best) [964334]\r\n- [mm] Page migration: Don't accept invalid nodes in target nodeset (Jan Stancek) [848473]\r\n- [mm] Break out when there is nothing more to write for the fs. (Larry Woodman) [965359]\r\n- [sound] ALSA - fix the no-sound issue for Creative Recon3D cards (Jaroslav Kysela) [796912]\r\n \n[2.6.18-360]\r\n- [fs] zisofs: fix readpage() outside i_size (Eric Sandeen) [952860]\r\n- [net] fixed: fix module unloading for the 'fixed' driver (Nikolay Aleksandrov) [647894]\r\n- [net] ipv6: assign rt6_info to inet6_ifaddr in init_loopback (Jiri Benc) [971067]\r\n- [net] Bluetooth: fix possible info leak in bt_sock_recvmsg() (Radomir Vrbovsky) [955601] {CVE-2013-3224}\r\n- [block] gen8plus Smart Array IDs (Linda Knippers) [919633]\r\n- [net] Bluetooth: HCI & L2CAP information leaks (Jacob Tanenbaum) [922416] {CVE-2012-6544}\r\n- [virt] xen PV passthru: assign SR-IOV VFs to sep virtual slots (Laszlo Ersek) [865736]\r\n- [scsi] be2iscsi: This patch bumps the version number (Rob Evers) [962503]\r\n- [scsi] be2iscsi: This patch fixes the NOPIN issues (Rob Evers) [962503]\r\n- [xen] cap physmem at 1TB (Andrew Jones) [961667]\r\n- [xen] cleanup invalid checksum error (Andrew Jones) [914814]\r\n- [xen] mask cpuid avx (Andrew Jones) [894360]\r\n \n[2.6.18-359]\r\n- [fs] autofs4: use __simple_empty() for empty directory check (Ian Kent) [873922]\r\n- [fs] autofs: remove autofs dentry mount check (Ian Kent) [928098]\r\n- [redhat] kabi: Adding symbol register_lro_netdev (Jiri Olsa) [873514]\r\n- [redhat] kabi: Adding symbol unregister_lro_netdev (Jiri Olsa) [873514]\r\n- [misc] signal: use __ARCH_HAS_SA_RESTORER instead of SA_RESTORER (Nikola Pajkovsky) [920504] {CVE-2013-0914}\r\n- [misc] signal: always clear sa_restorer on execve (Nikola Pajkovsky) [920504] {CVE-2013-0914}\r\n- [misc] signal: Def __ARCH_HAS_SA_RESTORER for sa_restorer clear (Nikola Pajkovsky) [920504] {CVE-2013-0914}\r\n- [net] ipv6: Fix broken IPv6 routing table after loopback down-up (Jiri Benc) [745321]\r\n- [v i r t ] h v : u s e g r a c e f u l l y s h u t d o w n i n s t e a d o f p o w e r o f f ( J a s o n W a n g ) [ 9 0 3 4 6 0 ] \r b r > - [ m d ] d m k c o p y d t h r o t t l i n g ( M i k u l a s P a t o c k a ) [ 9 5 8 5 5 6 ] \r b r > - [ s c s i ] s t o r v s c : P r o p e r l y h a n d l e i n - t r a n s i t p a c k e t s d u r i n g a r e s e t ( J a s o n W a n g ) [ 8 6 5 2 9 2 ] \r b r > - [ n e t ] s k y 2 : f i x s c h e d u l i n g w h i l e a t o m i c i n s k y 2 _ v l a n _ r x _ r e g i s t e r ( N i k o l a y A l e k s a n d r o v ) [ 9 2 0 7 5 7 ] \r b r > - [ x 8 6 ] f i x t i m e o u t o f p o l l ( 2 ) w / 3 2 - b i t p r o c e s s e s o n x 8 6 _ 6 4 ( N a o y a H o r i g u c h i ) [ 7 9 4 6 7 0 ] \r b r > \r b r > [ 2 . 6 . 1 8 - 3 5 8 ] \r b r > - [ n e t ] t g 3 : b u f f e r o v e r f l o w i n V P D f i r m w a r e p a r s i n g ( J a c o b T a n e n b a u m ) [ 9 4 9 9 4 0 ] { C V E - 2 0 1 3 - 1 9 2 9 } \r b r > - [ n e t ] a t m : u p d a t e m s g _ n a m e l e n i n v c c _ r e c v m s g ( ) ( N i k o l a P a j k o v s k y ) [ 9 5 5 2 2 3 ] { C V E - 2 0 1 3 - 3 2 2 2 } \r b r > - [ i a 6 4 ] f i x K A B I b r e a k a g e o n i a 6 4 ( P r a r i t B h a r g a v a ) [ 9 6 0 7 8 3 ] \r b r > - [ c p u f r e q ] a c p i - c p u f r e q m o r e d e f e n s i v e a g a i n s t B I O S f r e q c h a n g e s ( L e n n y S z u b o w i c z ) [ 9 2 1 8 5 6 ] \r b r > - [ n e t ] t c p : c o n n e c t ( ) r a c e w i t h t i m e w a i t r e u s e ( J i r i P i r k o ) [ 9 4 7 0 3 8 ] \r b r > - [ b l o c k ] i d e : A l l o w c o n f i g u r a t i o n o f p r e f e r _ m s _ h y p e r v ( R a d o m i r V r b o v s k y ) [ 9 0 7 2 3 1 ] \r b r > - [ i n f i n i b a n d ] R e t u r n l i n k l a y e r t y p e t o u s e r s p a c e q u e r y p o r t o p ( J a y F e n l a s o n ) [ 8 6 6 3 3 1 ] \r b r > - [ s c s i ] i p r : F i x o o p s w h i l e r e s e t t i n g a n i p r a d a p t e r ( S t e v e B e s t ) [ 9 1 4 3 9 1 ] \r b r > - [ n e t ] i p v 6 : R e m o v e I P V 6 _ A D D R _ R E S E R V E D ( A m e r i g o W a n g ) [ 7 2 8 9 2 2 ] \r b r > - [ n e t ] I P _ M U L T I C A S T _ I F s e t s o c k o p t n o w r e c o g n i z e s s t r u c t m r e q ( J i r i P i r k o ) [ 8 4 7 6 1 3 ] \r b r > - [ n e t ] r e d u c e p e r c p u r a m u s e d f o r l o o p b a c k s t a t s ( W e i p i n g P a n ) [ 8 7 2 4 6 6 ] \r b r > - [ n e t ] i p v 4 : c h e c k o p t l e n f o r I P _ M U L T I C A S T _ I F o p t i o n ( J i r i P i r k o ) [ 8 6 6 7 4 3 ] \r b r > \r b r > [ 2 . 6 . 1 8 - 3 5 7 ] \r b r > - [ f s ] e x t 4 : p r e v e n t r a c e w h i l e w a l k i n g e x t e n t t r e e f o r f i e m a p ( L u k a s C z e r n e r ) [ 6 9 2 0 7 1 ] \r b r > - [ f s ] e x t 4 : F i x p o s s i b l y v e r y l o n g l o o p i n f i e m a p ( L u k a s C z e r n e r ) [ 6 9 2 0 7 1 ] \r b r > - [ f s ] e x t 4 : m a k e F I E M A P a n d d e l a y e d a l l o c a t i o n p l a y w e l l t o g e t h e r ( L u k a s C z e r n e r ) [ 6 9 2 0 7 1 ] \r b r > - [ f s ] e x t 4 : h a n d l e N U L L p _ e x t i n e x t 4 _ e x t _ n e x t _ a l l o c a t e d _ b l o c k ( ) ( L u k a s C z e r n e r ) [ 6 9 2 0 7 1 ] \r b r > - [ f s ] e x t 4 : d r o p e c _ t y p e f r o m t h e e x t 4 _ e x t _ c a c h e s t r u c t u r e ( L u k a s C z e r n e r ) [ 6 9 2 0 7 1 ] \r b r > - [ f s ] a f s : e x p o r t a c o u p l e o f c o r e f u n c t i o n s f o r A F S w r i t e s u p p o r t ( L u k a s C z e r n e r ) [ 6 9 2 0 7 1 ] \r b r > - [ f s ] c i f s : s h o w s e c = o p t i o n i n / p r o c / m o u n t s ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : I n t r o d u c e w o r k a r o u n d f o r c r y p t o m o d u l e l o a d i n g p r o b l e m ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : F i x e x t e n d e d s e c u r i t y a u t h f a i l u r e ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : s i l e n c e p r i n t k w h e n e s t a b l i s h i n g f i r s t s e s s o n s o c k e t ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : F i x s i g n f a i l u r e w h e n s e r v m a n d a t e s s i g n f o r N T L M S S P ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : S u p p o r t N T L M 2 s e s s s e c u r i t y d u r N T L M S S P a u t h e n t i c a t e ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : i g n o r e e v e r y t h i n g i n S P N E G O b l o b a f t e r m e c h T y p e s ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : c h e c k o f f s e t i n d e c o d e _ n t l m s s p _ c h a l l e n g e ( ) ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : e n d i a n f i x i n d e c o d e _ n t l m s s p _ c h a l l e n g e ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : N T L M a u t h / s i g n - c r e a t e & s e n d k e y s f o r k e y e x c h a n g e ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : m v ' n t l m s s p ' & ' l o c a l _ l e a s e s ' o p t s f r o m e x p e r i m e n t a l ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : R e m o v e d i s t i n c t i o n b e t w e e n r a w n t l m s s p a n d n t l m s s p . ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : F i x b r o k e n s e c = n t l m v 2 / i s e c o p t i o n ( t r y # 2 ) ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : N T L M a u t h / s i g n - m i n o r e r r o r c o r r e c t i o n s a n d c l e a n u p ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : N T L M a u t h / s i g n - A l l o c s e s s k e y / c l i e n t r e s d y n a m i c a l l y ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : N T L M a u t h e n t & s i g n i n g - C a l c a u t h r e s p o n s e p e r s e s s ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : n t l m a u t h e n t & s i g n i n g - p r o p e r a v / t i p a i r f o r n t l m v 2 ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : f i x m o d u l e r e f c o u n t l e a k i n f i n d _ d o m a i n _ n a m e ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : n t l m a u t h e n t & s i g n i n g - F i x r e s p o n s e l e n f o r n t l m v 2 ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : N T L M v 2 / N T L M S S P n t l m v 2 w i t h i n n t l m s s p a u t h e n t i c a t e c o d e ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : N T L M v 2 / N T L M S S P C h a n g e v a r n a m e m a c _ k e y t o s e s s i o n k e y ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : n t l m v 2 / n t l m s s p r e m f u n c t i o n C a l c N T L M v 2 _ p a r t i a l _ m a c _ k e y ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : h a v e d e c o d e _ n e g T o k e n I n i t s e t f l a g s i n s e r v e r s t r u c t ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : e l i m i n a t e ' f i r s t _ t i m e ' p a r m t o C I F S _ S e s s S e t u p ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : A l l o w r a w n t l m s s p c o d e t o b e e n a b l e d w i t h s e c = n t l m s s p ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : F i x S M B u i d i n N T L M S S P a u t h e n t i c a t e r e q u e s t ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : N T L M S S P r e e n a b l e d a f t e r m o v e f r o m c o n n e c t . c t o s e s s . c ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ f s ] c i f s : A d d r e m a i n i n g n t l m s s p f l a g s & s t a n d a r d i z e f i e l d n a m e s ( S a c h i n P r a b h u ) [ 8 0 6 4 8 1 ] \r b r > - [ m i s c ] g e n a l l o c : s t o p c r a s h i n g t h e s y s t e m w h e n d e s t r o y i n g a p o o l ( S t e v e B e s t ) [ 8 5 9 1 9 4 ] \r b r > - [ x 8 6 ] m m : i n t r o d u c e p r o p e r m e m b a r r i e r s s m p _ i n v a l i d a t e _ i n t e r r u p t ( R a f a e l A q u i n i ) [ 8 6 5 0 9 5 ] \r b r > - [ x 8 6 ] A d d s y s c t l t o a l l o w p a n i c o n I O C K N M I e r r o r ( P r a r i t B h a r g a v a ) [ 9 1 8 2 7 9 ] \r b r > \r b r > [ 2 . 6 . 1 8 - 3 5 6 ] \r b r > - [ f s ] n f s : f l u s h c a c h e d d i r i n f o r m a t i o n s l i g h t l y m o r e r e a d i l y ( S c o t t M a y h e w ) [ 8 5 3 1 4 5 ] \r b r > - [ f s ] n f s : F i x r e s o l u t i o n p r o b w i t h c a c h e _ c h a n g e _ a t t r i b u t e ( S c o t t M a y h e w ) [ 8 5 3 1 4 5 ] \r b r > - [ f s ] n f s : d e f i n e f u n c t i o n t o u p d a t e n f s i - > c a c h e _ c h a n g e _ a t t r i b u t e ( S c o t t M a y h e w ) [ 8 5 3 1 4 5 ] \r b r > - [ f s ] n f s v 4 : S a v e t h e o w n e r / g r o u p n a m e s t r i n g w h e n d o i n g o p e n ( S c o t t M a y h e w ) [ 6 0 9 2 5 2 ] \r b r > - [ f s ] n f s v 4 : D o n ' t d o i d m a p p e r u p c a l l s f o r a s y n c h r o n o u s R P C c a l l s ( S c o t t M a y h e w ) [ 6 0 9 2 5 2 ] \r b r > - [ f s ] n f s v 4 : F i x c a c h e v a l i d a t e b u g w h e r e g e t c w d ( ) r e t u r n s E N O E N T ( S c o t t M a y h e w ) [ 6 0 9 2 5 2 ] \r b r > - [ f s ] n f s v 4 : S i m p l i f y s o m e c a c h e c o n s i s t e n c y p o s t - o p G E T A T T R s ( S c o t t M a y h e w ) [ 6 0 9 2 5 2 ] \r b r > - [ f s ] n f s v 4 : s e t f a t t r - > v a l i d t o r e f l e c t w h a t w a s d e c o d e d ( S c o t t M a y h e w ) [ 6 0 9 2 5 2 ] \r b r > - [ f s ] n f s v 4 : C l e a n u p d e c o d e _ g e t f a t t r ( ) ( S c o t t M a y h e w ) [ 6 0 9 2 5 2 ] \r b r > - [ f s ] n f s v 4 : S u p p o r t N F S v 4 o p t i o n a l a t t r s i n t h e s t r u c t n f s _ f a t t r ( S c o t t M a y h e w ) [ 6 0 9 2 5 2 ] \r b r > - [ f s ] n f s : F i x n f s _ p o s t _ o p _ u p d a t e _ i n o d e _ f o r c e _ w c c ( ) ( S c o t t M a y h e w ) [ 6 0 9 2 5 2 ] \r b r > - [ m d ] s h u t d o w n , d o n ' t s w i t c h t o R O , m a r k c l e a n a n d s e t s a f e m o d e = 2 ( J e s S o r e n s e n ) [ 8 6 4 7 2 7 ] \r b r > - [ n e t ] c x g b 4 : z e r o o u t a n o t h e r f i r m w a r e r e q u e s t s t r u c t ( J a y F e n l a s o n ) [ 8 7 2 5 3 1 ] \r b r > - [ n e t ] c x g b 4 : c l e a r o u t m o s t f i r m w a r e r e q u e s t s t r u c t u r e s ( J a y F e n l a s o n ) [ 8 7 2 5 3 1 ] \r b r > - [ n e t ] e t h t o o l : a l l o w e n a b l e G R O e v e n i f R X c s u m i s d i s a b l e d ( I v a n V e c e r a ) [ 8 9 4 6 3 6 ] \r b r > - [ n e t ] e n a b l e G R O b y d e f a u l t f o r v l a n d e v i c e s ( I v a n V e c e r a ) [ 8 9 4 6 3 6 ] \r b r > - [ n e t ] b o n d i n g : e n a b l e g r o b y d e f a u l t ( I v a n V e c e r a ) [ 8 9 4 6 3 6 ] \r b r > - [ m m ] w r i t e b a c k : r e m o v e u n n e c e s s a r y w a i t i n t h r o t t l e _ v m _ w r i t e o u t ( ) ( F r a n t i s e k H r b a t a ) [ 8 2 2 7 6 8 ] \r b r > - [ m m ] t h r o t t l e _ v m _ w r i t e o u t : d o n ' t l o o p o n G F P _ N O F S / G F P _ N O I O a l l o c ( F r a n t i s e k H r b a t a ) [ 8 2 2 7 6 8 ] \r b r > - [ c h a r ] r a n d o m : m i x i n a r c h i t e c t u r a l r a n d o m n e s s i n e x t r a c t _ b u f ( ) ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ c h a r ] r a n d o m : U s e a r c h - s p e c i f i c R N G t o i n i t t h e e n t r o p y s t o r e ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ x 8 6 ] r a n d o m : V e r i f y R D R A N D f u n c t i o n a n d a l l o w i t t o b e d i s a b l e d ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ x 8 6 ] r a n d o m : A r c h i n l i n e s t o g e t r a n d o m i n t e g e r s w i t h R D R A N D ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ c h a r ] r a n d o m : A d d s u p p o r t f o r a r c h i t e c t u r a l r a n d o m h o o k s ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ c h a r ] r a n d o m : m a k e m i x i n g i n t e r f a c e b y t e - o r i e n t e d ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ c h a r ] r a n d o m : r e m o v e s o m e p r e f e t c h l o g i c ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ c h a r ] r a n d o m : i m p r o v e v a r i a b l e n a m i n g , c l e a r e x t r a c t b u f f e r ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ x 8 6 ] a d d c l e a r _ c p u _ c a p ( ) o p e r a t i o n ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ x 8 6 ] 3 2 - b i t , a d d a l t e r n a t i v e _ i o ( ) ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ x 8 6 ] a d d X 8 6 _ F E A T U R E _ R D R A N D ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ x 8 6 ] a d d A S M _ O U T P U T 2 ( P r a r i t B h a r g a v a ) [ 8 7 1 5 5 9 ] \r b r > - [ x 8 6 ] m c e , k e r n e l s u p p o r t s M C E f o r N e h a l e m ( P r a r i t B h a r g a v a ) [ 9 5 8 9 0 5 ] \r b r > - [ s c s i ] q l a 2 x x x : A d d a m u t e x a r o u n d u s e o f o p t r o m v a r i a b l e s . ( C h a d D u p u i s ) [ 7 9 5 5 5 0 ] \r b r > - [ n e t ] b e 2 n e t : f i x w r o n g f r a g _ i d x r e p o r t e d b y R X C Q ( I v a n V e c e r a ) [ 8 6 2 5 2 0 ] \r b r > - [ n e t ] b n x 2 x : P r e v e n t N U L L p o i n t e r d e r e f e r e n c e i n k d u m p ( M i c h a l S c h m i d t ) [ 8 6 7 3 0 2 ] \r b r > - [ s c s i ] c x g b 4 i h o t - u n p l u g ( J a y F e n l a s o n ) [ 7 8 6 0 2 4 ] \r b r > - [ n e t ] b o n d : a d d s u p p o r t t o r e a d s p e e d a n d d u p l e x v i a e t h t o o l ( A n d y G o s p o d a r e k ) [ 7 0 4 5 7 5 ] \r b r > - [ n e t ] n e t p o l l : w o r k a r o u n d a r a c e c o n d i t i o n ( A m e r i g o W a n g ) [ 7 4 2 4 9 5 ] \r b r > - [ n e t ] I P V 6 : A l l o w a d d r e s s c h a n g e s w h i l e a d m i n i s t r a t i v e d o w n ( F l a v i o L e i t n e r ) [ 8 6 8 6 2 2 ] \r b r > - [ s o u n d ] A L S A - H D A - f i x N U L L p o i n t e r d e r e f e r e n c e f o r A L C 2 6 8 ( J a r o s l a v K y s e l a ) [ 9 0 1 3 3 7 ] \r b r > - [ s c s i ] c c i s s : u s e l u n r e s e t n o t t a r g e t r e s e t ( T o m a s H e n z l ) [ 8 9 3 0 4 9 ] \r b r > - [ n e t ] i g b v f : w o r k a r o u n d i 3 5 0 e r r a t u m ( S t e f a n A s s m a n n ) [ 8 7 8 9 0 4 ] \r b r > - [ n e t ] l l c : F i x m i s s i n g m s g _ n a m e l e n u p d a t e i n l l c _ u i _ r e c v m s g ( ) ( J e s p e r B r o u e r ) [ 9 5 6 0 9 7 ] { C V E - 2 0 1 3 - 3 2 3 1 } \r b r > - [ n e t ] t i p c : f i x i n f o l e a k s v i a m s g _ n a m e i n r e c v _ m s g / r e c v _ s t r e a m ( J e s p e r B r o u e r ) [ 9 5 6 1 4 9 ] { C V E - 2 0 1 3 - 3 2 3 5 } \r b r > - [ n e t ] B l u e t o o t h : R F C O M M F i x i n f o l e a k i n i o c t l ( R F C O M M G E T D E V L I S T ) ( R a d o m i r V r b o v s k y ) [ 9 2 2 4 0 7 ] { C V E - 2 0 1 2 - 6 5 4 5 } \r b r > - [ n e t ] B l u e t o o t h : R F C O M M - F i x i n f o l e a k v i a g e t s o c k n a m e ( ) ( R a d o m i r V r b o v s k y ) [ 9 2 2 4 0 7 ] { C V E - 2 0 1 2 - 6 5 4 5 } \r b r > - [ k e r n e l ] M a k e f u t e x _ w a i t ( ) u s e a n h r t i m e r f o r t i m e o u t ( P r a r i t B h a r g a v a ) [ 8 6 4 6 4 8 ] \r b r > \r b r > [ 2 . 6 . 1 8 - 3 5 5 ] \r b r > - [ c h a r ] i p m i : u s e a t a s k l e t f o r h a n d l i n g r e c e i v e d m e s s a g e s ( T o n y C a m u s o ) [ 9 4 7 7 3 2 ] \r b r > - [ c h a r ] i p m i : d o r u n _ t o _ c o m p l e t i o n p r o p e r l y i n d e l i v e r _ r e c v _ m s g ( T o n y C a m u s o ) [ 9 4 7 7 3 2 ] \r b r > - [ f s ] n f s 4 : f i x l o c k i n g a r o u n d c l _ s t a t e _ o w n e r s l i s t ( D a v e W y s o c h a n s k i ) [ 9 4 8 3 1 7 ] \r b r > - [ s 3 9 0 ] q e t h : f i x q e t h _ w a i t _ f o r _ t h r e a d s ( ) d e a d l o c k f o r O S N d e v i c e s ( H e n d r i k B r u e c k n e r ) [ 9 5 2 4 5 1 ] \r b r > - [ f s ] e x t 4 : c h e c k f o r z e r o l e n g t h e x t e n t ( L u k a s C z e r n e r ) [ 8 6 6 4 3 3 ] \r b r > - [ n e t ] b e 2 n e t : f i x b e _ c l o s e ( ) t o e n s u r e a l l e v e n t s a r e a c k ' e d ( I v a n V e c e r a ) [ 9 5 0 1 3 7 ] \r b r > - [ n e t ] b e 2 n e t : f i x a r a c e i n b e _ x m i t ( ) ( I v a n V e c e r a ) [ 9 4 9 9 5 9 ] \r b r > - [ k e r n e l ] k m o d : a v o i d d e a d l o c k f r o m r e c u r s i v e r e q u e s t _ m o d u l e c a l l ( F r a n t i s e k H r b a t a ) [ 9 4 9 5 6 8 ] \r b r > - [ n e t ] n e t x e n : w r i t e I P a d d r e s s t o f i r m w a r e w h e n u s i n g b o n d i n g ( N i k o l a y A l e k s a n d r o v ) [ 7 5 6 5 0 2 ] \r b r > - [ s 3 9 0 ] k e r n e l : s c h e d _ c l o c k ( ) o v e r f l o w ( H e n d r i k B r u e c k n e r ) [ 9 0 3 3 3 8 ] \r b r > - [ n e t ] d e v i n e t : R e g i s t e r i n e t d e v e a r l i e r ( J i r i P i r k o ) [ 7 7 0 8 1 3 ] \r b r > - [ f s ] n f s : F i x b u g s o n s h o r t r e a d ( S a c h i n P r a b h u ) [ 9 2 4 0 1 1 ] \r b r > - [ f s ] n f s : D o n ' t a l l o w N F S s i l l y - r e n a m e d f i l e s t o b e d e l e t e d ( D a v e W y s o c h a n s k i ) [ 9 0 6 4 7 2 ] \r b r > - [ x e n ] A M D I O M M U : s p o t m i s s i n g I O - A P I C e n t r i e s i n I V R S t a b l e ( I g o r M a m m e d o v ) [ 9 1 0 9 1 3 ] { C V E - 2 0 1 3 - 0 1 5 3 } \r b r > - [ x e n ] A M D , I O M M U : M a k e p e r - d e v i c e i n t e r r u p t r e m a p t a b l e d e f a u l t ( I g o r M a m m e d o v ) [ 9 1 0 9 1 3 ] { C V E - 2 0 1 3 - 0 1 5 3 } \r b r > - [ x e n ] A M D , I O M M U : D i s a b l e I O M M U i f S A T A C o m b i n e d m o d e i s o n ( I g o r M a m m e d o v ) [ 9 1 0 9 1 3 ] { C V E - 2 0 1 3 - 0 1 5 3 } \r b r > - [ x e n ] A M D , I O M M U : O n c r e a t i n g e n t r y c l e a n u p i n r e m a p p i n g t a b l e s ( I g o r M a m m e d o v ) [ 9 1 0 9 1 3 ] { C V E - 2 0 1 3 - 0 1 5 3 } \r b r > - [ x e n ] A C P I : a c p i _ t a b l e _ p a r s e ( ) s h o u l d r e t u r n h a n d l e r ' s e r r c o d e ( I g o r M a m m e d o v ) [ 9 1 0 9 1 3 ] { C V E - 2 0 1 3 - 0 1 5 3 } \r b r > - [ x e n ] i n t r o d u c e x z a l l o c ( ) & C o ( I g o r M a m m e d o v ) [ 9 1 0 9 1 3 ] { C V E - 2 0 1 3 - 0 1 5 3 } \r b r > \r b r > [ 2 . 6 . 1 8 - 3 5 4 ] \r b r > - [ x 8 6 ] f p u : f i x C O N F I G _ P R E E M P T = y c o r r u p t i o n o f F P U s t a c k ( P r a r i t B h a r g a v a ) [ 7 3 1 5 3 1 ] \r b r > - [ i 3 8 6 ] a d d s l e a z y F P U o p t i m i z a t i o n ( P r a r i t B h a r g a v a ) [ 7 3 1 5 3 1 ] \r b r > - [ x 8 6 - 6 4 ] n o n l a z y ' s l e a z y ' f p u i m p l e m e n t a t i o n ( P r a r i t B h a r g a v a ) [ 7 3 1 5 3 1 ] \r b r > - [ n e t ] b e 2 n e t : f i x c a l l i n g _ _ v l a n _ p u t _ t a g ( ) a f t e r e t h _ t y p e _ t r a n s ( ) ( I v a n V e c e r a ) [ 9 1 6 6 4 0 ] \r b r > - [ n e t ] b e 2 n e t : i n c r e m e n t / d e c r e m e n t v l a n s _ a d d e d o n l y o n c e ( I v a n V e c e r a ) [ 9 2 2 2 2 3 ] \r b r > - [ n e t ] t g 3 : u s e P C I P M c o r e f u n c s n o t d i r e c t a c c e s s t o r e g i s t e r s ( I v a n V e c e r a ) [ 8 6 6 8 2 2 ] \r b r > - [ f s ] e x t 3 : f i x u p d a t e o f m t i m e a n d c t i m e o n r e n a m e ( C a r l o s M a i o l i n o ) [ 9 1 9 1 9 1 ] \r b r > - [ f s ] n f s : h a n d l e g e t a t t r f a i l u r e d u r i n g n f s v 4 o p e n ( D a v i d J e f f e r y ) [ 9 0 6 9 0 9 ] \r b r > - [ p c i ] r e a d - m o d i f y - w r i t e P C I e d e v c o n t r o l r e g w h e n i n i t i a t i n g F L R ( M y r o n S t o w e ) [ 8 5 4 0 0 1 ] \r b r > - [ f s ] e x t 3 : f i x w r o n g g f p t y p e u n d e r t r a n s a c t i o n ( L u k a s C z e r n e r ) [ 8 1 6 6 6 5 ] \r b r > - [ p c i ] i n t e l - i o m m u : P r e v d e v s w i t h R M R R s f r o m g o i n g i n S I D o m a i n ( T o n y C a m u s o ) [ 8 3 9 3 3 4 ] \r b r > - [ n e t ] t c p : f i x > 2 i w s e l e c t i o n ( D a n i e l B o r k m a n n ) [ 8 7 1 7 8 7 ] \r b r > - [ a t a ] s a t a _ s v w : c h e c k D M A s t a r t b i t b e f o r e r e s e t ( D a v i d M i l b u r n ) [ 7 5 4 3 1 1 ] \r b r > - [ s 3 9 0 ] q e t h : s e t n e w m a c e v e n i f o l d m a c i s g o n e ( H e n d r i k B r u e c k n e r ) [ 8 8 3 4 5 9 ] \r b r > - [ s 3 9 0 ] q e t h : f i x d e a d l o c k b e t w e e n r e c o v e r y a n d b o n d i n g d r i v e r ( H e n d r i k B r u e c k n e r ) [ 8 6 9 6 4 6 ] \r b r > - [ s 3 9 0 ] d a s d : c h e c k c o u n t a d d r e s s d u r i n g o n l i n e s e t t i n g ( H e n d r i k B r u e c k n e r ) [ 8 5 9 5 2 7 ] \r b r > - [ s 3 9 0 ] h u g e t l b : u s e d i r e c t T L B f l u s h i n g f o r h u g e t l b f s p a g e s ( H e n d r i k B r u e c k n e r ) [ 8 6 1 1 7 8 ] \r b r > \r b r > [ 2 . 6 . 1 8 - 3 5 3 ] \r b r > - [ v i r t ] x e n - n e t b a c k : b a c k p o r t s ( A n d r e w J o n e s ) [ 9 1 0 8 8 5 ] { C V E - 2 0 1 3 - 0 2 1 6 C V E - 2 0 1 3 - 0 2 1 7 } \r b r > - [ v i r t ] x e n - n e t b a c k : n e t i f _ s c h e d u l a b l e s h o u l d t a k e a n e t i f ( A n d r e w J o n e s ) [ 9 1 0 8 8 5 ] { C V E - 2 0 1 3 - 0 2 1 6 C V E - 2 0 1 3 - 0 2 1 7 } \r b r > - [ v i r t ] p c i b a c k : r a t e l i m i t e r r o r m e s s f r o m p c i b a c k _ e n a b l e _ m s i ( ) ( I g o r M a m m e d o v ) [ 9 1 0 8 7 7 ] { C V E - 2 0 1 3 - 0 2 3 1 } \r b r > - [ n e t ] b e 2 n e t : r e m o v e B U G _ O N ( ) i n b e _ m c c _ c o m p l _ i s _ n e w ( ) ( I v a n V e c e r a ) [ 9 0 7 5 2 4 ] \r b r > - [ n e t ] i p v 4 : U p d a t e M T U t o a l l r e l a t e d c a c h e e n t r i e s ( A m e r i g o W a n g ) [ 9 0 5 1 9 0 ] \r b r > - [ n e t ] a n n o t a t e r t _ h a s h _ c o d e ( ) u s e r s ( A m e r i g o W a n g ) [ 9 0 5 1 9 0 ] \r b r > - [ n e t ] x f r m _ u s e r : f i x i n f o l e a k i n c o p y _ t o _ u s e r _ s t a t e ( ) ( T h o m a s G r a f ) [ 9 2 2 4 2 7 ] { C V E - 2 0 1 2 - 6 5 3 7 } \r b r > - [ n e t ] x f r m _ u s e r : f i x i n f o l e a k i n c o p y _ t o _ u s e r _ p o l i c y ( ) ( T h o m a s G r a f ) [ 9 2 2 4 2 7 ] { C V E - 2 0 1 2 - 6 5 3 7 } \r b r > - [ n e t ] x f r m _ u s e r : f i x i n f o l e a k i n c o p y _ t o _ u s e r _ t m p l ( ) ( T h o m a s G r a f ) [ 9 2 2 4 2 7 ] { C V E - 2 0 1 2 - 6 5 3 7 } \r b r > - [ n e t ] a t m : f i x i n f o l e a k i n g e t s o c k o p t ( S O _ A T M P V C ) ( T h o m a s G r a f ) [ 9 2 2 3 8 5 ] { C V E - 2 0 1 2 - 6 5 4 6 } \r b r > - [ n e t ] a t m : f i x i n f o l e a k v i a g e t s o c k n a m e ( ) ( T h o m a s G r a f ) [ 9 2 2 3 8 5 ] { C V E - 2 0 1 2 - 6 5 4 6 } \r b r > - [ n e t ] t u n : f i x i o c t l ( ) b a s e d i n f o l e a k s ( T h o m a s G r a f ) [ 9 2 2 3 4 9 ] { C V E - 2 0 1 2 - 6 5 4 7 } \r b r > - [ n e t ] l l c , z e r o s o c k a d d r _ l l c s t r u c t ( T h o m a s G r a f ) [ 9 2 2 3 2 9 ] { C V E - 2 0 1 2 - 6 5 4 2 } \r b r > - [ n e t ] l l c : f i x i n f o l e a k v i a g e t s o c k n a m e ( ) ( T h o m a s G r a f ) [ 9 2 2 3 2 9 ] { C V E - 2 0 1 2 - 6 5 4 2 } \r b r > - [ n e t ] x f r m _ u s e r : r e t u r n e r r o r p o i n t e r i n s t e a d o f N U L L ( T h o m a s G r a f ) [ 9 1 9 3 8 7 ] { C V E - 2 0 1 3 - 1 8 2 6 } \r b r > - [ k e r n e l ] w a i t _ f o r _ h e l p e r : S I G C H L D f r o m u / s c a u s e u s e - a f t e r - f r e e ( F r a n t i s e k H r b a t a ) [ 8 5 8 7 5 3 ] { C V E - 2 0 1 2 - 4 3 9 8 } \r b r > - [ k e r n e l ] F i x _ _ _ _ c a l l _ u s e r m o d e h e l p e r e r r s b e i n g s i l e n t l y i g n o r e d ( F r a n t i s e k H r b a t a ) [ 8 5 8 7 5 3 ] { C V E - 2 0 1 2 - 4 3 9 8 } \r b r > - [ k e r n e l ] w a i t _ f o r _ h e l p e r : r e m o v e u n n e e d e d d o _ s i g a c t i o n ( ) ( F r a n t i s e k H r b a t a ) [ 8 5 8 7 5 3 ] { C V E - 2 0 1 2 - 4 3 9 8 } \r b r > - [ k e r n e l ] k m o d : a v o i d d e a d l o c k f r o m r e c u r s i v e k m o d c a l l ( F r a n t i s e k H r b a t a ) [ 8 5 8 7 5 3 ] { C V E - 2 0 1 2 - 4 3 9 8 } \r b r > - [ k e r n e l ] k m o d : m a k e r e q u e s t _ m o d u l e ( ) k i l l a b l e ( F r a n t i s e k H r b a t a ) [ 8 5 8 7 5 3 ] { C V E - 2 0 1 2 - 4 3 9 8 } \r b r > - [ n e t ] i x g b e v f : a l l o c a t e r o o m f o r m a i l b o x M S I - X i n t e r r u p t ' s n a m e ( L a s z l o E r s e k ) [ 8 6 2 8 6 2 ] \r b r > - [ f s ] k n f s d : a l l o w n f s d R E A D D I R t o r e t u r n 6 4 b i t c o o k i e s ( N i e l s d e V o s ) [ 9 1 8 9 5 2 ] \r b r > \r b r > [ 2 . 6 . 1 8 - 3 5 2 ] \r b r > - [ u t r a c e ] e n s u r e a r c h _ p t r a c e ( ) c a n n e v e r r a c e w i t h S I G K I L L ( O l e g N e s t e r o v ) [ 9 1 2 0 7 2 ] { C V E - 2 0 1 3 - 0 8 7 1 } \r b r > - [ x 8 6 ] m s r : A d d c a p a b i l i t i e s c h e c k ( N i k o l a P a j k o v s k y ) [ 9 0 8 6 9 7 ] { C V E - 2 0 1 3 - 0 2 6 8 } \r b r > \r b r > [ 2 . 6 . 1 8 - 3 5 1 ] \r b r > - [ m i s c ] t a i n t e d f l a g s , f i x b u f f e r s i z e ( P r a r i t B h a r g a v a ) [ 9 0 1 5 4 7 ] \r b r > - [ n e t ] b e 2 n e t : f i x u n c o n d i t i o n a l l y r e t u r n i n g I R Q _ H A N D L E D i n I N T x ( I v a n V e c e r a ) [ 8 7 8 3 1 6 ] \r b r > - [ n e t ] b e 2 n e t : f i x I N T x I S R f o r i n t e r r u p t b e h a v i o u r o n B E 2 ( I v a n V e c e r a ) [ 8 7 8 3 1 6 ] \r b r > - [ n e t ] b e 2 n e t : f i x a p o s s i b l e e v e n t s _ g e t ( ) r a c e o n B E 2 ( I v a n V e c e r a ) [ 8 7 8 3 1 6 ] \r b r > \r b r > [ 2 . 6 . 1 8 - 3 5 0 ] \r b r > - [ f i r m w a r e ] E x p a n d k e r n e l b o o t - t i m e s t o r a g e f o r D M I t a b l e s t r u c t s ( L e n n y S z u b o w i c z ) [ 8 6 2 8 6 5 ] \r b r > - [ f s ] u d f : F o r t i f y l o a d i n g o f s p a r i n g t a b l e ( N i k o l a P a j k o v s k y ) [ 8 4 3 1 4 1 ] { C V E - 2 0 1 2 - 3 4 0 0 } \r b r > - [ f s ] u d f : I m p r o v e t a b l e l e n g t h c h e c k t o a v o i d p o s s i b l e o v e r f l o w ( N i k o l a P a j k o v s k y ) [ 8 4 3 1 4 1 ] { C V E - 2 0 1 2 - 3 4 0 0 } \r b r > - [ f s ] u d f : A v o i d r u n a w a y l o o p w h e n p a r t i t i o n t a b l e i s c o r r u p t e d ( N i k o l a P a j k o v s k y ) [ 8 4 3 1 4 1 ] { C V E - 2 0 1 2 - 3 4 0 0 } \r b r > \r b r > [ 2 . 6 . 1 8 - 3 4 9 ] \r b r > - [ p c i ] i n t e l - i o m m u : r e d u c e m a x n u m o f d o m a i n s s u p p o r t e d ( D o n D u t i l e ) [ 8 8 5 1 2 5 ] \r b r > - [ f s ] g f s 2 : F i x l e a k o f c a c h e d d i r e c t o r y h a s h t a b l e ( S t e v e n W h i t e h o u s e ) [ 8 3 1 3 3 0 ] \r b r > - [ x 8 6 ] m m : r a n d o m i z e S H L I B _ B A S E ( P e t r M a t o u s e k ) [ 8 0 4 9 5 4 ] { C V E - 2 0 1 2 - 1 5 6 8 } \r b r > - [ n e t ] b e 2 n e t : c r e a t e R S S r i n g s e v e n i n m u l t i - c h a n n e l c o n f i g s ( I v a n V e c e r a ) [ 8 7 8 2 0 9 ] \r b r > - [ n e t ] t g 3 : A v o i d d m a r e a d e r r o r ( J o h n F e e n e y ) [ 8 7 7 4 7 4 ] \r b r > - [ m i s c ] F i x u n s u p p o r t e d h a r d w a r e m e s s a g e ( P r a r i t B h a r g a v a ) [ 8 7 6 5 8 7 ] \r b r > - [ n e t ] i p v 6 : d i s c a r d o v e r l a p p i n g f r a g m e n t ( J i r i P i r k o ) [ 8 7 4 8 3 8 ] { C V E - 2 0 1 2 - 4 4 4 4 } \r b r > - [ u s b ] F i x s e r i a l p o r t r e f e r e n c e c o u n t i n g o n h o t p l u g r e m o v e ( D o n Z i c k u s ) [ 8 4 5 4 4 7 ] \r b r > - [ n e t ] b r i d g e : e x p o r t i t s p r e s e n c e a n d f i x b o n d i n g i g m p r e p o r t i n g ( V e a c e s l a v F a l i c o ) [ 8 4 3 4 7 3 ] \r b r > - [ f s ] n f s : m o v e w a i t f o r s e r v e r - > a c t i v e f r o m p u t _ s u p e r t o k i l l _ s b ( J e f f L a y t o n ) [ 8 3 9 8 3 9 ] \r b r > - [ s c s i ] l i b f c : f i x i n d e f i n i t e r p o r t r e s t a r t ( N e i l H o r m a n ) [ 5 9 5 1 8 4 ] \r b r > - [ s c s i ] l i b f c : R e t r y a r e j e c t e d P R L I r e q u e s t ( N e i l H o r m a n ) [ 5 9 5 1 8 4 ] \r b r > - [ s c s i ] l i b f c : F i x r e m o t e p o r t r e s t a r t p r o b l e m ( N e i l H o r m a n ) [ 5 9 5 1 8 4 ] \r b r > - [ x e n ] m e m o p : l i m i t g u e s t s p e c i f i e d e x t e n t o r d e r ( L a s z l o E r s e k ) [ 8 7 8 4 5 0 ] { C V E - 2 0 1 2 - 5 5 1 5 } \r b r > - [ x e n ] g e t b o t t o m o f E B D A f r o m t h e m u l t i b o o t d a t a s t r u c t u r e ( P a o l o B o n z i n i ) [ 8 8 1 8 8 5 ] \r b r > / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 2 - 4 3 9 8 . h t m l \" > C V E - 2 0 1 2 - 4 3 9 8 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 5 ( i 3 8 6 ) / t d > t d > k e r n e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . s r c . r p m / t d > t d > 0 5 f 1 0 a 5 d c 1 6 e a 6 e 0 7 3 3 8 0 7 a c 6 9 7 8 3 9 f e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 1 . 4 . 1 0 - 1 . e l 5 . s r c . r p m / t d > t d > 4 9 a 6 c e 2 e a 3 a 1 3 c 1 0 5 a 1 1 9 6 2 2 4 a 0 0 e 5 2 f / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 2 . 0 . 5 - 1 . e l 5 . s r c . r p m / t d > t d > 5 0 5 2 4 7 2 0 3 1 0 3 b b 1 6 1 a b 5 3 e 3 c 8 e a e c 1 0 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i 6 8 6 . r p m / t d > t d > b c 4 c f b 8 5 c b 3 e 4 7 a 7 4 a 8 6 9 b 8 6 9 8 c d d 2 6 c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - P A E - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 2 d c f 0 1 3 3 2 2 e d 6 3 6 1 e b 3 b 7 2 f 2 9 c 7 2 6 e f 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - P A E - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 6 0 6 6 8 c c 7 1 5 4 f 7 f d 9 1 4 c f c 2 6 b 0 e 7 3 2 d d a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 6 9 0 b 8 d 1 a 4 e a f 1 c c 4 6 b b 7 f 2 a c 2 6 0 b 9 c 1 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 7 5 5 e 4 d 4 c 0 5 9 b b e 3 c 5 a 8 c f 6 0 1 b d d e 0 c d f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i 6 8 6 . r p m / t d > t d > a 1 e e 8 e 5 f 6 9 1 e 0 f 9 3 a a 3 4 9 9 e 6 3 0 5 4 6 b f 7 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 2 . 6 . 1 8 - 3 7 1 . e l 5 . n o a r c h . r p m / t d > t d > a a 1 7 0 3 0 a b 5 5 2 a d b b 1 3 1 9 5 0 f 9 e 3 d 1 8 e 6 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h e a d e r s - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i 3 8 6 . r p m / t d > t d > 4 a f 3 4 7 c 0 7 e 0 5 7 a 5 1 6 2 b 6 0 3 c f e 4 f 0 4 6 a 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 0 e 2 f 5 0 a b 2 8 6 3 c c 3 5 7 7 0 9 3 4 7 a 9 a 5 8 e 7 b a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 6 0 a 7 b 3 a 1 1 f 8 4 1 2 4 9 b 0 5 2 9 d f 4 7 9 a 3 3 4 4 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 1 . 4 . 1 0 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 6 d 0 e 4 4 f 3 8 b 8 7 4 9 4 e 6 0 c 7 e c a a 3 d f 1 0 0 b d / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 P A E - 1 . 4 . 1 0 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 8 a e 0 3 d 1 c 5 8 7 b 3 6 5 7 d 6 a d d b 9 0 0 3 8 c 5 6 4 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 d e b u g - 1 . 4 . 1 0 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 5 8 6 9 b a c e 1 6 d 3 b b 7 c c e f 8 b 5 5 e 8 8 1 e 0 0 6 c / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 x e n - 1 . 4 . 1 0 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 2 b a b 6 5 1 4 4 5 d 5 d 9 1 b 5 0 6 e b 3 1 0 3 e 6 8 2 6 6 9 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 2 . 0 . 5 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > e 8 c 6 b 7 3 e 2 8 4 8 4 5 6 8 7 5 d 4 c 2 c 6 2 7 a c 3 7 8 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 P A E - 2 . 0 . 5 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > f 4 c 4 e 7 1 e 5 2 3 c 4 f 4 9 1 1 b b 8 5 7 7 8 7 3 8 8 2 d 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 d e b u g - 2 . 0 . 5 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 8 e d 0 2 c c 1 2 9 6 b c 6 5 6 8 7 c a e f e 0 a b 7 b b 0 2 d / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 x e n - 2 . 0 . 5 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 7 9 e d 3 a 9 3 9 a 0 4 4 4 f 3 8 3 5 d 2 8 f 6 d 5 3 1 6 2 f 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 5 ( i a 6 4 ) / t d > t d > k e r n e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . s r c . r p m / t d > t d > 0 5 f 1 0 a 5 d c 1 6 e a 6 e 0 7 3 3 8 0 7 a c 6 9 7 8 3 9 f e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 1 . 4 . 1 0 - 1 . e l 5 . s r c . r p m / t d > t d > 4 9 a 6 c e 2 e a 3 a 1 3 c 1 0 5 a 1 1 9 6 2 2 4 a 0 0 e 5 2 f / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 2 . 0 . 5 - 1 . e l 5 . s r c . r p m / t d > t d > 5 0 5 2 4 7 2 0 3 1 0 3 b b 1 6 1 a b 5 3 e 3 c 8 e a e c 1 0 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i a 6 4 . r p m / t d > t d > 1 0 b b f 3 a 1 8 a e 0 e d 7 7 0 9 9 0 8 2 d 7 c f 9 6 b 4 6 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i a 6 4 . r p m / t d > t d > e a d d 9 c b 3 3 3 6 3 0 5 2 2 4 7 0 9 a e 1 1 e 7 5 d d c 1 a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i a 6 4 . r p m / t d > t d > b 6 1 c d 8 a 4 6 8 0 9 2 e e d 8 a 2 c b f 5 3 5 c 2 a 5 1 0 7 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i a 6 4 . r p m / t d > t d > 5 e 9 e 8 b d d 2 7 c 7 5 8 8 c 7 9 e 8 e e d 6 6 f 8 8 b 2 d d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 2 . 6 . 1 8 - 3 7 1 . e l 5 . n o a r c h . r p m / t d > t d > a a 1 7 0 3 0 a b 5 5 2 a d b b 1 3 1 9 5 0 f 9 e 3 d 1 8 e 6 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h e a d e r s - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i a 6 4 . r p m / t d > t d > 5 9 1 9 9 9 f 0 4 7 0 4 d b 8 6 7 c 8 9 8 0 0 8 a a 8 6 c d 4 5 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i a 6 4 . r p m / t d > t d > 4 a 6 c 8 4 2 c 2 9 3 d d 9 f f 7 4 f 7 5 d c 1 e 9 6 f 0 a f f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . i a 6 4 . r p m / t d > t d > 9 f 5 a c c 5 4 8 f b e a 7 c b 9 6 e a 9 4 4 1 7 1 6 f f 9 7 d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 1 . 4 . 1 0 - 1 . e l 5 . i a 6 4 . r p m / t d > t d > d f 5 d d a c e b c 9 2 0 e e 8 0 1 5 1 8 7 a 1 4 3 1 6 5 1 3 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 d e b u g - 1 . 4 . 1 0 - 1 . e l 5 . i a 6 4 . r p m / t d > t d > f 7 2 c 2 3 c e d 3 b c d f 6 9 0 2 7 0 5 5 0 6 7 4 f 8 b d c 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 x e n - 1 . 4 . 1 0 - 1 . e l 5 . i a 6 4 . r p m / t d > t d > 1 e e d 8 b 3 1 7 e 4 f f f 7 3 8 8 0 c 8 0 6 8 d 6 e 3 8 d f 0 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 2 . 0 . 5 - 1 . e l 5 . i a 6 4 . r p m / t d > t d > 0 6 c 1 6 8 3 e 8 c f 9 8 7 2 2 8 d e e c 8 3 6 1 0 d b 1 3 d 6 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 d e b u g - 2 . 0 . 5 - 1 . e l 5 . i a 6 4 . r p m / t d > t d > d d 0 f 7 c 0 7 4 4 9 9 f 1 0 7 7 7 3 7 6 9 b e 8 7 b 6 6 1 5 7 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 x e n - 2 . 0 . 5 - 1 . e l 5 . i a 6 4 . r p m / t d > t d > e 0 0 1 1 b f 1 d c 3 8 0 d 3 8 7 a 7 4 5 b 5 d 6 e e 2 6 4 d 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 5 ( x 8 6 _ 6 4 ) / t d > t d > k e r n e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . s r c . r p m / t d > t d > 0 5 f 1 0 a 5 d c 1 6 e a 6 e 0 7 3 3 8 0 7 a c 6 9 7 8 3 9 f e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 1 . 4 . 1 0 - 1 . e l 5 . s r c . r p m / t d > t d > 4 9 a 6 c e 2 e a 3 a 1 3 c 1 0 5 a 1 1 9 6 2 2 4 a 0 0 e 5 2 f / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 2 . 0 . 5 - 1 . e l 5 . s r c . r p m / t d > t d > 5 0 5 2 4 7 2 0 3 1 0 3 b b 1 6 1 a b 5 3 e 3 c 8 e a e c 1 0 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > 7 7 a 2 e 6 4 6 2 4 2 f 1 4 4 6 9 9 5 3 5 1 8 4 1 d 1 a e 1 b d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - 2 . 6 . 1 8 - 3 7 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > a 1 4 b a b d 4 f c 8 6 9 7 0 d 5 a 8 3 3 b 7 e b 2 8 a 8 2 8 b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > e e e 1 b f 9 5 b 0 b 9 1 b 2 7 c f 4 5 f f 2 b 7 e f d 3 a f b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > a 9 e 9 9 3 0 b 2 0 3 4 5 1 8 3 d 5 b e 6 f 2 f 0 6 4 b 0 d a e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 2 . 6 . 1 8 - 3 7 1 . e l 5 . n o a r c h . r p m / t d > t d > a a 1 7 0 3 0 a b 5 5 2 a d b b 1 3 1 9 5 0 f 9 e 3 d 1 8 e 6 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h e a d e r s - 2 . 6 . 1 8 - 3 7 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > e 0 9 0 d 7 b 9 e a 7 c e 4 3 a f 9 d f 7 c 3 7 e 8 c 2 4 a 6 7 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n - 2 . 6 . 1 8 - 3 7 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > b 0 4 9 8 6 1 8 9 4 9 4 5 f 3 e e 3 c 8 7 a 1 1 4 d a 5 a 6 8 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n - d e v e l - 2 . 6 . 1 8 - 3 7 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > f 2 0 4 f 5 8 8 d d 6 9 7 3 9 c c e 7 6 3 a 2 5 a 7 8 f 0 e 8 5 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 1 . 4 . 1 0 - 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > d 9 7 1 6 1 b 5 1 2 0 4 0 e c 3 a 8 6 1 d 5 0 d 2 a d b e 2 b 6 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 d e b u g - 1 . 4 . 1 0 - 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > 2 8 6 d 7 c d f 7 8 d 1 e e 2 f d 8 8 e a 7 e 1 d 9 d f 8 9 6 5 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 3 7 1 . e l 5 x e n - 1 . 4 . 1 0 - 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > b 5 8 a a e f e f 1 5 9 6 f a 0 e 2 4 4 c 9 7 2 f 9 5 d d f b 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 - 2 . 0 . 5 - 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > 7 6 0 c 8 5 5 7 c c f 2 9 0 3 4 9 c c 1 8 8 a 9 f a 0 2 4 8 c a / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 d e b u g - 2 . 0 . 5 - 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > 1 9 b 2 7 c f d 5 6 6 9 1 4 a c 8 6 f 1 7 d a 1 8 c 7 f d 7 3 1 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 3 7 1 . e l 5 x e n - 2 . 0 . 5 - 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > c 2 c d 8 3 0 c 4 a 8 b 6 0 6 8 5 1 a e 6 d 2 d 2 8 0 a 5 2 e 6 / t d > t d > a h r e f = # > - / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "published": "2013-10-02T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-1348.html", "cvelist": ["CVE-2013-2234", "CVE-2012-6546", "CVE-2013-0871", "CVE-2012-6537", "CVE-2013-2141", "CVE-2012-5515", "CVE-2013-2206", "CVE-2013-0268", "CVE-2012-4444", "CVE-2013-3231", "CVE-2012-3511", "CVE-2013-1826", "CVE-2013-3224", "CVE-2012-6545", "CVE-2013-2147", "CVE-2013-4162", "CVE-2012-6542", "CVE-2013-0153", "CVE-2012-1568", "CVE-2013-0217", "CVE-2013-1929", "CVE-2012-6547", "CVE-2013-2232", "CVE-2012-6544", "CVE-2013-0231", "CVE-2013-3222", "CVE-2012-4398", "CVE-2013-0914", "CVE-2013-2237", "CVE-2013-0216", "CVE-2013-2224", "CVE-2012-3400", "CVE-2013-3235", "CVE-2013-2164"], "lastseen": "2018-04-04T13:04:36"}, {"id": "ELSA-2012-2047", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "description": "[2.6.39-300.17.3]\n- mm/hotplug: correctly add new zone to all other nodes zone lists (Jiang Liu)\n [Orabug: 16020976 Bug-db: 14798] {CVE-2012-5517}\n- Divide by zero in TCP congestion control Algorithm. (Jesper Dangaard Brouer)\n [Orabug: 16020656 Bug-db: 14798] {CVE-2012-4565}\n- Fix length of buffer copied in __nfs4_get_acl_uncached (Sachin Prabhu) [Bug-\n db: 14798] {CVE-2012-2375}\n- Avoid reading past buffer when calling GETACL (Sachin Prabhu) [Bug-db: 14798]\n {CVE-2012-2375}\n- Avoid beyond bounds copy while caching ACL (Sachin Prabhu) [Bug-db: 14798]\n {CVE-2012-2375}", "published": "2012-12-19T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2012-2047.html", "cvelist": ["CVE-2012-2375", "CVE-2012-4565", "CVE-2012-5517"], "lastseen": "2016-09-04T11:16:53"}, {"id": "ELSA-2012-2048", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "description": "[2.6.32-300.39.2]\n- ext4: fix undefined behavior in ext4_fill_flex_info() (Xi Wang) [orabug 16020245] {CVE-2012-2100}\n- Divide by zero in TCP congestion control Algorithm (Jesper Dangaard Brouer) [orabug 16020447] {CVE-2012-4565}\n- ipv6: discard overlapping fragment (Luis Henriques) [orabug 16021354] {CVE-2012-4444}", "published": "2012-12-20T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2012-2048.html", "cvelist": ["CVE-2012-4444", "CVE-2012-2100", "CVE-2012-4565"], "lastseen": "2016-09-04T11:16:26"}, {"id": "ELSA-2012-1580", "type": "oraclelinux", "title": "kernel security, bug fix and enhancement update", "description": "[2.6.32-279.19.1.el6]\n- [drm] i915: dont clobber the pipe param in sanitize_modesetting (Frantisek Hrbata) [876549 857792]\n- [drm] i915: Sanitize BIOS debugging bits from PIPECONF (Frantisek Hrbata) [876549 857792]\n- [net] fix divide by zero in tcp algorithm illinois (Flavio Leitner) [871920 866514] {CVE-2012-4565}\n- [fs] xfs: fix reading of wrapped log data (Dave Chinner) [876499 874322]\n- [x86] mm: fix signedness issue in mmap_rnd() (Petr Matousek) [876496 875036]\n- [net] WARN if struct ip_options was allocated directly by kmalloc (Jiri Pirko) [877950 872799]\n- [fs] block_dev: Fix crash when block device is read and block size is changed at the same time (Frantisek Hrbata) [864826 855906]\n- [mm] tracing: Move include of trace/events/kmem.h out of header into slab.c (Jeff Moyer) [864826 855906]\n- [mm] slab: Move kmalloc tracepoint out of inline code (Jeff Moyer) [864826 855906]\n- [netdrv] bnx2x: organize BDs calculation for stop/resume (Frantisek Hrbata) [874022 819842]\n- [netdrv] bnx2x: fix panic when TX ring is full (Michal Schmidt) [874022 819842]\n[2.6.32-279.18.1.el6]\n- [scsi] sd: fix crash when UA received on DIF enabled device (Ewan Milne) [876487 865682]\n- [mm] hugetlb: fix non-atomic enqueue of huge page (Rafael Aquini) [876101 869750]\n- [x86] amd_iommu: attach device fails on the last pci device (Don Dutile) [876493 861164]\n- [net] nfs: Fix buffer overflow checking in __nfs4_get_acl_uncached (Frantisek Hrbata) [811794 822871] {CVE-2012-2375}\n- [net] nfs: Fix the acl cache size calculation (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [net] nfs: Fix range checking in __nfs4_get_acl_uncached and __nfs4_proc_set_acl (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [net] nfs: nfs_getaclargs.acl_len is a size_t (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [net] nfs: Dont use private xdr_stream fields in decode_getacl (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [net] nfs: Fix pointer arithmetic in decode_getacl (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [net] nfs: Simplify the GETATTR attribute length calculation (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [net] sunrpc: Add the helper xdr_stream_pos (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [net] sunrpc: Dont decode beyond the end of the RPC reply message (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [net] sunrpc: Clean up xdr_set_iov() (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [net] sunrpc: xdr_read_pages needs to clear xdr->page_ptr (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [fs] nfs: Avoid beyond bounds copy while caching ACL (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [fs] nfs: Avoid reading past buffer when calling GETACL (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [scsi] ibmvfc: Fix double completion on abort timeout (Steve Best) [876088 865115]\n- [net] core: allocate skbs on local node (Andy Gospodarek) [876491 843163]\n[2.6.32-279.17.1.el6]\n- [mm] Prevent kernel panic in NUMA related system calls after memory hot-add (Larry Woodman) [875382 870350] {CVE-2012-5517}\n- [md] Dont truncate size at 4TB for RAID0 and Linear (Jes Sorensen) [866470 865637]\n- [fs] ext4: fix undefined bit shift result in ext4_fill_flex_info (Lukas Czerner) [809690 809691] {CVE-2012-2100}\n- [fs] ext4: fix undefined behavior in ext4_fill_flex_info() (Lukas Czerner) [809690 809691] {CVE-2012-2100}\n- [kernel] sched_rt: Ignore RT queue throttling if idle task has RT policy (Igor Mammedov) [853950 843541]\n- [kernel] sched: Create special class for stop/migrate work (Igor Mammedov) [853950 843541]\n- [net] ipv6: fix overlap check for fragments (Amerigo Wang) [874550 819952] {CVE-2012-4444}\n- [net] ipv6: discard overlapping fragment (Jiri Pirko) [874550 819952] {CVE-2012-4444}\n[2.6.32-279.16.1.el6]\n- [lib] Fix rwsem to not hang the system (David Howells) [871854 852847]\n[2.6.32-279.15.1.el6]\n- [netdrv] mlx4: Re-design multicast attachments flow (Doug Ledford) [866795 859533]", "published": "2012-12-19T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2012-1580.html", "cvelist": ["CVE-2012-2375", "CVE-2012-4444", "CVE-2012-2100", "CVE-2012-4565", "CVE-2012-5517"], "lastseen": "2016-09-04T11:16:23"}, {"id": "ELSA-2013-2507", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security and bug fix update", "description": " [2.6.39-400.17.1] \r\n- This is a fix on dlm_clean_master_list() (Xiaowei.Hu) \r\n- RDS: fix rds-ping spinlock recursion (jeff.liu) [Orabug: 16223050] \r\n- vhost: fix length for cross region descriptor (Michael S. Tsirkin) [Orabug: \r\n16387183] {CVE-2013-0311} \r\n- kabifix: block/scsi: Allow request and error handling timeouts to be \r\nspecified (Maxim Uvarov) \r\n- block/scsi: Allow request and error handling timeouts to be specified (Martin \r\nK. Petersen) [Orabug: 16372401] \r\n- [SCSI] Shorten the path length of scsi_cmd_to_driver() (Li Zhong) [Orabug: \r\n16372401] \r\n- Fix NULL dereferences in scsi_cmd_to_driver (Mark Rustad) [Orabug: 16372401] \r\n- SCSI: Fix error handling when no ULD is attached (Martin K. Petersen) \r\n[Orabug: 16372401] \r\n- Handle disk devices which can not process medium access commands (Martin K. \r\nPetersen) [Orabug: 16372401] \r\n- the ac->ac_allow_chain_relink=0 won't disable group relink (Xiaowei.Hu) \r\n[Orabug: 14842737] \r\n- pci: hotplug: fix null dereference in pci_set_payload() (Jerry Snitselaar) \r\n[Orabug: 16345420] \r\n \n[2.6.39-400.16.0] \r\n- epoll: prevent missed events on EPOLL_CTL_MOD (Eric Wong) [Orabug: 16363540] \r\n- rds: this resolved crash while removing rds_rdma module. orabug: 16268201 \r\n(Bang Nguyen) [Orabug: 16268201] \r\n- rds: scheduling while atomic on failover orabug: 16275095 (Bang Nguyen) \r\n[Orabug: 16268201] \r\n- SRP: Revert back to 2.6.39-400.8.0 code (Ajaykumar Hotchandani) [Orabug: \r\n16268201] \r\n- iSER: Revert back to 2.6.39-400.8.0 code (Ajaykumar Hotchandani) [Orabug: \r\n16268201] \r\n \n[2.6.39-400.15.0] \r\n- x86/xen: don't assume %ds is usable in xen_iret for 32-bit PVOPS. (Jan \r\nBeulich) {CVE-2013-0228} \r\n- xen-blkfront: drop the use of llist_for_each_entry_safe (Konrad Rzeszutek \r\nWilk) [Orabug: 16263164] \r\n- Revert 'xen PVonHVM: use E820_Reserved area for shared_info' (Konrad \r\nRzeszutek Wilk) [Orabug: 16297716] \r\n- Revert 'xen/PVonHVM: fix compile warning in init_hvm_pv_info' (Konrad \r\nRzeszutek Wilk) \r\n \n[2.6.39-400.14.0] \r\n- xfs: use shared ilock mode for direct IO writes by default (Dave Chinner) \r\n[Orabug: 16304938] \r\n- sched: fix divide by zero at {thread_group,task}_times (Stanislaw Gruszka) \r\n[Orabug: 15956690] \r\n- Revert 'Revert 'cgroup: notify_on_release may not be triggered in some \r\ncases'' (Maxim Uvarov) \r\n- xen_fmr: Verify XEN platform before running xen_fmr drivers (Yuval Shaia) \r\n[Orabug: 16302435] \r\n- rds: unregister IB event handler on shutdown (Bang Nguyen) [Orabug: 16302435] \r\n- rds: HAIP support child interface (Bang Nguyen) [Orabug: 16302435] \r\n- RDS HAIP misc fixes (Bang Nguyen) [Orabug: 16302435] \r\n- Ignore failover groups if HAIP is disabled (Bang Nguyen) [Orabug: 16302435] \r\n- RDS: RDS rolling upgrade (Saeed Mahameed) [Orabug: 16302435] \r\n- mlx4_core: use correct FMR number of clients according to PRM. (Saeed \r\nMahameed) [Orabug: 16302435] \r\n \n[2.6.39-400.13.0] \r\n- kmod: make __request_module() killable (Oleg Nesterov) [Orabug: 16286305] \r\n{CVE-2012-4398} \r\n- kmod: introduce call_modprobe() helper (Oleg Nesterov) [Orabug: 16286305] \r\n{CVE-2012-4398} \r\n- usermodehelper: implement UMH_KILLABLE (Oleg Nesterov) [Orabug: 16286305] \r\n{CVE-2012-4398} \r\n- usermodehelper: introduce umh_complete(sub_info) (Oleg Nesterov) [Orabug: \r\n16286305] {CVE-2012-4398} \r\n- KVM: x86: invalid opcode oops on SET_SREGS with OSXSAVE bit set \r\n(CVE-2012-4461) (Jerry Snitselaar) [Orabug: 16286290] {CVE-2012-4461} \r\n- exec: do not leave bprm->interp on stack (Kees Cook) [Orabug: 16286267] \r\n{CVE-2012-4530} \r\n- exec: use -ELOOP for max recursion depth (Kees Cook) [Orabug: 16286267] \r\n{CVE-2012-4530} \r\n- xen-pciback: rate limit error messages from xen_pcibk_enable_msi{,x}() (Jan \r\nBeulich) [Orabug: 16243736] {CVE-2013-0231} \r\n- netback: correct netbk_tx_err to handle wrap around. (Ian Campbell) [Orabug: \r\n16243309] {CVE-2013-0216 CVE-2013-0217} \r\n- xen/netback: free already allocated memory on failure in \r\nxen_netbk_get_requests (Ian Campbell) [Orabug: 16243309] {CVE-2013-0216 \r\nCVE-2013-0217} \r\n- xen/netback: don't leak pages on failure in xen_netbk_tx_check_gop. (Ian \r\nCampbell) [Orabug: 16243309] {CVE-2013-0216 CVE-2013-0217} \r\n- xen/netback: shutdown the ring if it contains garbage. (Ian Campbell) \r\n[Orabug: 16243309] {CVE-2013-0216 CVE-2013-0217} \r\n- SCSI: scsi_remove_target: fix softlockup regression on hot remove (Dan \r\nWilliams) [Orabug: 16242926] \r\n \n[2.6.39-400.12.0] \r\n- IB: Add config options for Mellanox driver Xen FMR support. (Ajaykumar \r\nHotchandani) [Orabug: 16234102] \r\n- IB: Enable Xen FMR support for Mellanox driver. (Ajaykumar Hotchandani) \r\n[Orabug: 16234102] \r\n \n[2.6.39-400.11.0] \r\n- cnic: don't use weak dependencies for ipv6 (Jerry Snitselaar) [Orabug: \r\n16207564] \r\n- ext4: remove unaligned AIO warning printk (Eric Sandeen) [Orabug: 14096480] \r\n- SPEC: add block/net modules to list used by installer (Guru Anbalagane) \r\n[Orabug: 14224837] \r\n- dm mpath: add retain_attached_hw_handler feature (Mike Snitzer) [Orabug: \r\n16199397] \r\n- [SCSI] scsi_dh: add scsi_dh_attached_handler_name (Mike Snitzer) [Orabug: \r\n16199397] \r\n- xen/grant-table: Force to use v1 of grants. (Konrad Rzeszutek Wilk) [Oracle- \r\nbug: 16039922] \r\n- xen: netback: handle compound page fragments on transmit. (Ian Campbell) \r\n- xen: Fix stack corruption in xen_failsafe_callback for 32bit PVOPS guests. \r\n(Andrew Cooper) {CVE-2013-0190} \r\n- xen/grant-table: correctly initialize grant table version 1 (Matt Wilson) \r\n \n[2.6.39-400.10.0] \r\n- btrfs: fix incompatible pointer warning (Jerry Snitselaar) \r\n- bnx2x: enable support for ethtool op get_rxfh_indir_size (Jerry Snitselaar) \r\n- Revert 'cgroup: notify_on_release may not be triggered in some cases' (Maxim \r\nUvarov) [Orabug: 16167473] \r\n- mlx4: disable build for i686 (Maxim Uvarov) \r\n \n[2.6.39-400.9.0] \r\n- mlx4_ib: alias_GUID, calculate slave port state in sa query handler \r\n(Ajaykumar Hotchandani) [Orabug: 15997083] \r\n- RDS: Fixes warning while rds-info. spin_lock_irqsave() is changed to \r\nspin_lock_bh(). (Ajaykumar Hotchandani) [Orabug: 15997083] \r\n- mlx4_en: handle HCA events correctly (Ajaykumar Hotchandani) [Orabug: \r\n15997083] \r\n- ixgbevf fix typo in Makefile (Maxim Uvarov) [Orabug: 16168292] \r\n- [patch3/3] kernel config: Mellanox OFED R2, 0080 release (Ajaykumar \r\nHotchandani) [Orabug: 15997083] \r\n- [patch2/3] RDS merge for UEK2 (Ajaykumar Hotchandani) [Orabug: 15997083] \r\n- [patch1/3] Merge for Mellanox OFED R2, 0080 release (Ajaykumar Hotchandani) \r\n[Orabug: 15997083] \r\n \n[2.6.39-400.8.0] \r\n- git-changelog: don't print debug info (Maxim Uvarov) \r\n- spec: remove not used firmwares (Maxim Uvarov) [Orabug: 16048277] \r\n \n[2.6.39-400.7.0] \r\n- git-changelog: search for bug # in merge commit (Maxim Uvarov) \r\n- be2iscsi: Bump the driver version (Jayamohan Kallickal) [Orabug: 16023790] \r\n- be2iscsi: Fix Unrecoverable Error Detection (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix for MBX timeout issue (Jayamohan Kallickal) [Orabug: 16023790] \r\n- be2iscsi: Fix the copyright information (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix issue of displaying adapter family. (Jayamohan Kallickal) \r\n[Orabug: 16023790] \r\n- be2iscsi: Fix Task Completion Event handling (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix session update context with V2 version. (Jayamohan Kallickal) \r\n[Orabug: 16023790] \r\n- be2iscsi: Fix support for V2 version of WRB. (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix support for handling CQ_CREATE V2 version. (Jayamohan \r\nKallickal) [Orabug: 16023790] \r\n- be2iscsi: Fix max EQ supported by the driver. (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix driver support for an adapter. (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix return value and typo. (Jayamohan Kallickal) [Orabug: 16023790] \r\n- be2iscsi: Fix kernel panic in blk_iopoll disable mode. (Jayamohan Kallickal) \r\n[Orabug: 16023790] \r\n- be2iscsi: Issue an FLR when driver is loaded (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Display driver name and version in device attribute (Jayamohan \r\nKallickal) [Orabug: 16023790] \r\n- be2iscsi: Fix max supported EQ count to 8. (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix memory leak in control path of driver (Jayamohan Kallickal) \r\n[Orabug: 16023790] \r\n- be2iscsi: Display Completion Event string instead of Opcode (Jayamohan \r\nKallickal) [Orabug: 16023790] \r\n- be2iscsi: Fix the issue with soft reset. (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- netxen: update to qlogic 4.0.80 (Sritej Velaga) [Orabug: 16025025] \r\n- qlge: update to qlogic 1.00.00.31 (Sritej Velaga) [Orabug: 16025042] \r\n- qlcnic: Update to 5.1.27.35 (Sritej Velaga) [Orabug: 16024990] \r\n- [SCSI] scsi_dh_alua: Add fusionio ION LUNs to scsi_dh_alua device list (Mike \r\nChristie) [Orabug: 16081231] \r\n- bonding: fixup typo in rlb mode of bond and bridge fix (Guru Anbalagane) \r\n[Orabug: 16069448] \r\n- qla4xxx: Updated driver version to 5.03.00.01.06.02-uek2 (Tej Parkash) \r\n[Orabug: 16067337] \r\n- qla4xxx: Correct the validation to check in get_sys_info mailbox (Nilesh \r\nJavali) [Orabug: 16067337] \r\n- qla4xxx: Pass correct function param to qla4_8xxx_rd_direct (Vikas Chaudhary) \r\n[Orabug: 16067337] \r\n- qla4xxx: Fix memory corruption issue in qla4xxx_get_ep_fwdb. (Manish \r\nRangankar) [Orabug: 16067337] \r\n- qla4xxx: Allow reset in link down case (Harish Zunjarrao) [Orabug: 16067337] \r\n- qla4xxx: Fix MBOX intr switching from polling to intr mode for ISP83XX (Vikas \r\nChaudhary) [Orabug: 16067337] \r\n- [SCSI] hpsa: change confusing message to be more clear (Mike Miller) [Orabug: \r\n14793661] \r\n- [SCSI] hpsa: retry commands completing with status of UNSOLICITED_ABORT \r\n(Stephen M. Cameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: use ioremap_nocache instead of ioremap (Stephen M. Cameron) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: fix incorrect abort diagnostic message (Stephen M. Cameron) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: dial down lockup detection during firmware flash (Stephen M. \r\nCameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: add new RAID level '1(ADM)' (Mike Miller) [Orabug: 14793661] \r\n- [SCSI] hpsa: factor out hpsa_free_irqs_and_disable_msix (Stephen M. Cameron) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: refine interrupt handler locking for greater concurrency (Matt \r\nGates) [Orabug: 14793661] \r\n- [SCSI] hpsa: use multiple reply queues (Matt Gates) [Orabug: 14793661] \r\n- [SCSI] hpsa: factor out tail calls to next_command() in \r\nprocess_(non)indexed_cmd() (Stephen M. Cameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: do aborts two ways (Stephen M. Cameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: add abort error handler function (Stephen M. Cameron) [Orabug: \r\n14793661] \r\n- [SCSI] hpsa: remove unused parameter from finish_cmd (Stephen M. Cameron) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: do not give up retry of driver cmds after only 3 retries \r\n(Stephen M. Cameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: retry driver initiated commands on busy status (Matt Bondurant) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: suppress excessively chatty error messages (Stephen M. Cameron) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: enable bus master bit after pci_enable_device (Stephen M. \r\nCameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: do not skip disabled devices (Stephen M. Cameron) [Orabug: \r\n14793661] \r\n- [SCSI] hpsa: call pci_disable_device on driver unload (Stephen M. Cameron) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: factor out driver name (Stephen M. Cameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: gen8plus Smart Array IDs (Mike Miller) [Orabug: 14793661] \r\n \n[2.6.39-400.6.0] \r\n- qla3xxx: Ensure request/response queue addr writes to the registers (Joe Jin) \r\n[Orabug: 14614290] \r\n- tcp: fix tcp_trim_head() (Eric Dumazet) [Orabug: 14810429] \r\n- mm/hotplug: correctly add new zone to all other nodes' zone lists (Jiang Liu) \r\n[Orabug: 16020976 Bug-db: 14798] {CVE-2012-5517} \r\n- Divide by zero in TCP congestion control Algorit h m . ( J e s p e r D a n g a a r d B r o u e r ) \r b r > [ O r a b u g : 1 6 0 2 0 6 5 6 B u g - d b : 1 4 7 9 8 ] { C V E - 2 0 1 2 - 4 5 6 5 } \r b r > - F i x l e n g t h o f b u f f e r c o p i e d i n _ _ n f s 4 _ g e t _ a c l _ u n c a c h e d ( S a c h i n P r a b h u ) [ B u g - \r b r > d b : 1 4 7 9 8 ] { C V E - 2 0 1 2 - 2 3 7 5 } \r b r > - A v o i d r e a d i n g p a s t b u f f e r w h e n c a l l i n g G E T A C L ( S a c h i n P r a b h u ) [ B u g - d b : 1 4 7 9 8 ] \r b r > { C V E - 2 0 1 2 - 2 3 7 5 } \r b r > - A v o i d b e y o n d b o u n d s c o p y w h i l e c a c h i n g A C L ( S a c h i n P r a b h u ) [ B u g - d b : 1 4 7 9 8 ] \r b r > { C V E - 2 0 1 2 - 2 3 7 5 } \r b r > - M e r g e t a g ' v 2 . 6 . 3 9 - 4 0 0 # b u g 1 6 0 1 1 1 5 4 ' o f g i t : / / c a - g i t . u s . o r a c l e . c o m / l i n u x - \r b r > s n i t s - p u b l i c ( M a x i m U v a r o v ) [ O r a b u g : 1 6 0 1 1 1 5 4 ] \r b r > - q l a 2 x x x : U p d a t e t h e d r i v e r v e r s i o n t o 8 . 0 4 . 0 0 . 1 1 . 3 9 . 0 - k . ( S a u r a v K a s h y a p ) \r b r > - q l a 2 x x x : O b t a i n l o o p b a c k i t e r a t i o n c o u n t f r o m b s g r e q u e s t . ( J o e C a r n u c c i o ) \r b r > - q l a 2 x x x : U p d a t e t h e F T P s i t e r e f e r e n c e s i n t h e d r i v e r s o u r c e s . ( G i r i d h a r \r b r > M a l a v a l i ) \r b r > - q l a 2 x x x : D e b u g I D c o r r e c t i o n s . ( C h a d D u p u i s ) \r b r > - q l a 2 x x x : R e j e c t l o o p b a c k r e q u e s t i f o n e i s a l r e a d y i n p r o g r e s s . ( C h a d D u p u i s ) \r b r > - q l a 2 x x x : P r i n t i g n o r e m e s s a g e w h e n t h e r m a l i s n o t s u p p o r t e d . ( J o e C a r n u c c i o ) \r b r > - q l a 2 x x x : A v o i d n u l l p o i n t e r d e r e f e r e n c e i n s h u t d o w n r o u t i n e . ( M a s a n a r i I i d a ) \r b r > - q l a 2 x x x : G e t V P D i n f o r m a t i o n f r o m c o m m o n l o c a t i o n f o r C N A . ( S a u r a v K a s h y a p ) \r b r > - q l a 2 x x x : C o r r e c t r a c e i n l o o p _ s t a t e a s s i g n m e n t d u r i n g r e s e t h a n d l i n g . ( A n d r e w \r b r > V a s q u e z ) \r b r > - q l a 2 x x x : D i s p l a y t h a t d r i v e r i s o p e r a t i n g i n l e g a c y i n t e r r u p t m o d e . ( S a u r a v \r b r > K a s h y a p ) \r b r > - q l a 2 x x x : F r e e r s p _ d a t a e v e n o n e r r o r i n q l a 2 x 0 0 _ p r o c e s s _ l o o p b a c k ( ) . ( S t e v e \r b r > H o d g s o n ) \r b r > - q l a 2 x x x : D o n t c l e a r d r v a c t i v e o n i o s p a c e c o n f i g f a i l u r e . ( S a u r a v K a s h y a p ) \r b r > - q l a 2 x x x : F i x t y p o i n q l a 2 x x x d r i v e r . ( M a s a n a r i I i d a ) \r b r > - q l a 2 x x x : U p d a t e q l 2 x e x t e n d e d _ e r r o r _ l o g g i n g p a r a m e t e r d e s c r i p t i o n w i t h n e w \r b r > o p t i o n . ( C h a d D u p u i s ) \r b r > - q l a 2 x x x : P a r a m e t e r i z e t h e l i n k s p e e d s t r i n g c o n v e r s i o n f u n c t i o n . ( J o e \r b r > C a r n u c c i o ) \r b r > - q l a 2 x x x : A d d 1 6 G b / s c a s e t o g e t p o r t s p e e d c a p a b i l i t y . ( J o e C a r n u c c i o ) \r b r > - q l a 2 x x x : M o v e m a r k i n g f c p o r t o n l i n e a h e a d o f s e t t i n g i i D M A s p e e d . ( J o e \r b r > C a r n u c c i o ) \r b r > - M e r g e t a g ' v 2 . 6 . 3 9 - 4 0 0 . 5 . 0 # b u g d b 1 3 8 2 6 ' o f c a - g i t . u s . o r a c l e . c o m : l i n u x - m u v a r o v - \r b r > p u b l i c ( M a x i m U v a r o v ) [ B u g - d b : 1 3 8 2 6 ] \r b r > - b e 2 n e t : f i x I N T x I S R f o r i n t e r r u p t b e h a v i o u r o n B E 2 ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : f i x a p o s s i b l e e v e n t s _ g e t ( ) r a c e o n B E 2 ( S a t h y a P e r l a ) \r b r > - n e t : R e m o v e b o g u s d e p e n d e n c i e s o n I N E T ( B e n H u t c h i n g s ) \r b r > - b e 2 n e t : r e m o v e a d a p t e r - > e q _ n e x t _ i d x ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : r e m o v e r o c e o n l a n c e r ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : f i x a c c e s s t o S E M A P H O R E r e g ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : r e - f a c t o r b a r m a p p i n g c o d e ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : d o n o t u s e s l i _ f a m i l y t o i d e n t i f y s k y h a w k - R c h i p ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : f i x w r o n g u s a g e o f a d a p t e r - > g e n e r a t i o n ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : r e m o v e L A N C E R A 0 w o r k a r o u n d ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : F i x s m a t c h w a r n i n g s i n b e _ m a i n . c ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : U p d a t e d r i v e r v e r s i o n ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : F i x s k y h a w k V F P C I D e v i c e I D ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : F i x F W f l a s h i n g o n S k y h a w k - R ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : E n a b l i n g W a k e - o n - L A N i s n o t s u p p o r t e d i n S 5 s t a t e ( P a d m a n a b h \r b r > R a t n a k a r ) \r b r > - b e 2 n e t : F i x V F d r i v e r l o a d o n n e w e r L a n c e r F W ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : F i x u n n e c e s s a r y d e l a y i n P C I E E H ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : F i x i s s u e s i n e r r o r r e c o v e r y d u e t o w r o n g q u e u e s t a t e ( P a d m a n a b h \r b r > R a t n a k a r ) \r b r > - b e 2 n e t : F i x e t h t o o l g e t _ s e t t i n g s o u t p u t f o r V F ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : F i x e r r o r m e s s a g e s w h i l e d r i v e r l o a d f o r V F s ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : F i x c o n f i g u r i n g V L A N f o r V F f o r L a n c e r ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : W a i t t i l l r e s o u r c e s a r e a v a i l a b l e f o r V F i n e r r o r r e c o v e r y ( P a d m a n a b h \r b r > R a t n a k a r ) \r b r > - b e 2 n e t : F i x c h a n g e M A C o p e r a t i o n f o r V F f o r L a n c e r ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : F i x s e t t i n g Q o S f o r V F f o r L a n c e r ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : F i x d r i v e r l o a d f a i l u r e f o r d i f f e r e n t F W c o n f i g s i n L a n c e r ( P a d m a n a b h \r b r > R a t n a k a r ) \r b r > - b e 2 n e t : c r e a t e R S S r i n g s e v e n i n m u l t i - c h a n n e l c o n f i g s ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : s e t m a x i m a l n u m b e r o f d e f a u l t R S S q u e u e s ( Y u v a l M i n t z ) \r b r > - b e 2 n e t : P r o g r a m s e c o n d a r y U C M A C a d d r e s s i n t o M A C f i l t e r ( A j i t K h a p a r d e ) \r b r > - b e 2 n e t : R e m o v e c o d e t h a t s t o p s f u r t h e r a c c e s s t o B E N I C b a s e d o n U E b i t s \r b r > ( A j i t K h a p a r d e ) \r b r > - b e 2 n e t : f i x v f s e n u m e r a t i o n ( I v a n V e c e r a ) \r b r > - b e 2 n e t : f i x u p l o g m e s s a g e s ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : c l e a n u p c o d e r e l a t e d t o b e _ l i n k _ s t a t u s _ q u e r y ( ) ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : f i x w r o n g h a n d l i n g o f b e _ s e t u p ( ) f a i l u r e i n b e _ p r o b e ( ) ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : r e m o v e t y p e a r g u m e n t o f b e _ c m d _ m a c _ a d d r _ q u e r y ( ) ( S a t h y a P e r l a ) \r b r > - R e v e r t ' b e 2 n e t : f i x v f s e n u m e r a t i o n ' ( D a v i d S . M i l l e r ) \r b r > - b e 2 n e t : f i x v f s e n u m e r a t i o n ( I v a n V e c e r a ) \r b r > - b e 2 n e t : u s e P C I e A E R c a p a b i l i t y ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : m o d i f y l o g m s g f o r l a c k o f p r i v i l e g e e r r o r ( V a s u n d h a r a V o l a m ) \r b r > - b e 2 n e t : f i x F W d e f a u l t f o r V F t x - r a t e ( V a s u n d h a r a V o l a m ) \r b r > - b e 2 n e t : f i x m a x V F s r e p o r t e d b y H W ( V a s u n d h a r a V o l a m ) \r b r > - n e t p o l l : r e v e r t 6 b d b 7 f e 3 1 0 4 a n d f i x b e _ p o l l ( ) i n s t e a d ( A m e r i g o W a n g ) \r b r > - S P E C : O L 5 k e r n e l f i r m w a r e r p m d e p e n d s o n a l l o t h e r s f i r m w a r e s ( M a x i m U v a r o v ) \r b r > [ O r a b u g : 1 5 9 8 7 3 3 2 ] \r b r > \r b r > [ 2 . 6 . 3 9 - 4 0 0 . 5 . 0 ] \r b r > - x 8 6 , t s c : F i x S M I i n d u c e d v a r i a t i o n i n q u i c k _ p i t _ c a l i b r a t e ( ) ( L i n u s T o r v a l d s ) \r b r > [ O r a b u g : 1 3 2 5 6 1 6 6 ] \r b r > - x 8 6 , t s c : S k i p T S C s y n c h r o n i z a t i o n c h e c k s f o r t s c = r e l i a b l e ( S u r e s h S i d d h a ) \r b r > [ O r a b u g : 1 3 2 5 6 1 6 6 ] \r b r > - b o n d i n g : r l b m o d e o f b o n d s h o u l d n o t a l t e r A R P o r i g i n a t i n g v i a b r i d g e \r b r > ( z h e n g . l i ) [ O r a b u g : 1 4 6 5 0 9 7 5 ] \r b r > - M e r g e t a g ' v 2 . 6 . 3 9 - 4 0 0 # r d a c ' o f g i t : / / c a - g i t . u s . o r a c l e . c o m / l i n u x - s n i t s - p u b l i c \r b r > ( M a x i m U v a r o v ) \r b r > - [ S C S I ] s c s i _ d h _ r d a c : F i x e r r o r p a t h ( R i c h a r d W e i n b e r g e r ) \r b r > - [ S C S I ] s c s i _ d h _ r d a c : A d d i n g N e t A p p a s a b r a n d n a m e f o r r d a c ( C h a u h a n , V i j a y ) \r b r > - M e r g e t a g ' u e k 2 - m e r g e - 4 0 0 - 3 . 8 - f i x e s - t a g ' o f g i t : / / c a - g i t . u s . o r a c l e . c o m / l i n u x - \r b r > k o n r a d - p u b l i c ( M a x i m U v a r o v ) \r b r > - x e n - b l k f r o n t : h a n d l e b v e c s w i t h p a r t i a l d a t a ( R o g e r P a u M o n n e ) \r b r > - x e n - b l k f r o n t : i m p l e m e n t s a f e v e r s i o n o f l l i s t _ f o r _ e a c h _ e n t r y ( R o g e r P a u \r b r > M o n n e ) \r b r > - x e n - b l k b a c k : i m p l e m e n t s a f e i t e r a t o r f o r t h e l i s t o f p e r s i s t e n t g r a n t s ( R o g e r \r b r > P a u M o n n e ) \r b r > - M e r g e t a g ' u e k 2 - m e r g e - 4 0 0 - 3 . 8 - t a g ' o f g i t : / / c a - g i t . u s . o r a c l e . c o m / l i n u x - \r b r > k o n r a d - p u b l i c ( M a x i m U v a r o v ) \r b r > - M e r g e t a g ' u e k 2 - m e r g e - b a c k p o r t - 3 . 8 ' o f g i t : / / c a - g i t / l i n u x - k o n r a d - p u b l i c i n t o \r b r > u e k 2 - m e r g e - 4 0 0 ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n : a r m : i m p l e m e n t r e m a p i n t e r f a c e s n e e d e d f o r p r i v c m d m a p p i n g s . ( I a n \r b r > C a m p b e l l ) \r b r > - x e n : c o r r e c t l y u s e x e n _ p f n _ t i n r e m a p _ d o m a i n _ m f n _ r a n g e . ( I a n C a m p b e l l ) \r b r > - x e n : a r m : e n a b l e b a l l o o n d r i v e r ( I a n C a m p b e l l ) \r b r > - x e n : b a l l o o n : a l l o w P V M M U i n t e r f a c e s t o b e c o m p i l e d o u t ( I a n C a m p b e l l ) \r b r > - x e n : p r i v c m d : s u p p o r t a u t o t r a n s l a t e d p h y s m a p g u e s t s . ( M u k e s h R a t h o r ) \r b r > - x e n : a d d p a g e s p a r a m e t e r t o x e n _ r e m a p _ d o m a i n _ m f n _ r a n g e ( I a n C a m p b e l l ) \r b r > - x e n / P V o n H V M : f i x c o m p i l e w a r n i n g i n i n i t _ h v m _ p v _ i n f o ( O l a f H e r i n g ) \r b r > - x e n / a c p i : M o v e t h e x e n _ r u n n i n g _ o n _ v e r s i o n _ o r _ l a t e r f u n c t i o n . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n / x e n b u s : R e m o v e d u p l i c a t e i n c l u s i o n o f a s m / x e n / h y p e r v i s o r . h ( S a c h i n K a m a t ) \r b r > - x e n / a c p i : F i x c o m p i l e e r r o r b y m i s s i n g d e c l e r a t i o n f o r x e n _ d o m a i n . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n / a c p i : r e v e r t p a d c o n f i g c h e c k i n x e n _ c h e c k _ m w a i t ( L i u , J i n s o n g ) \r b r > - x e n / a c p i : A C P I P A D d r i v e r ( L i u , J i n s o n g ) \r b r > - x e n P V o n H V M : u s e E 8 2 0 _ R e s e r v e d a r e a f o r s h a r e d _ i n f o ( O l a f H e r i n g ) \r b r > - x e n - b l k f r o n t : f r e e a l l o c a t e d p a g e ( R o g e r P a u M o n n e ) \r b r > - x e n - b l k b a c k : m o v e f r e e p e r s i s t e n t g r a n t s c o d e ( R o g e r P a u M o n n e ) \r b r > - x e n / b l k b a c k : p e r s i s t e n t - g r a n t s f i x e s ( R o g e r P a u M o n n e ) \r b r > - x e n / b l k b a c k : P e r s i s t e n t g r a n t m a p s f o r x e n b l k d r i v e r s ( R o g e r P a u M o n n e ) \r b r > - x e n / b l k b a c k : C h a n g e x e n _ v b d ' s f l u s h _ s u p p o r t a n d d i s c a r d _ s e c u r e t o h a v e t y p e \r b r > u n s i g n e d i n t , r a t h e r t h a n b o o l ( O l i v e r C h i c k ) \r b r > - x e n / b l k b a c k : u s e k m e m _ c a c h e _ z a l l o c i n s t e a d o f k m e m _ c a c h e _ a l l o c / m e m s e t ( W e i \r b r > Y o n g j u n ) \r b r > - x e n / b l k f r o n t : A d d W A R N t o d e a l w i t h m i s b e h a v i n g b a c k e n d s . ( K o n r a d R z e s z u t e k \r b r > W i l k ) \r b r > - l l i s t - r e t u r n - w h e t h e r - l i s t - i s - e m p t y - b e f o r e - a d d i n g - i n - l l i s t _ a d d - f i x ( A n d r e w \r b r > M o r t o n ) \r b r > - l l i s t : A d d b a c k l l i s t _ a d d _ b a t c h ( ) a n d l l i s t _ d e l _ f i r s t ( ) p r o t o t y p e s ( S t e p h e n \r b r > R o t h w e l l ) \r b r > - l l i s t : R e m o v e c p u _ r e l a x ( ) u s a g e i n c m p x c h g l o o p s ( P e t e r Z i j l s t r a ) \r b r > - l l i s t : A d d l l i s t _ n e x t ( ) ( P e t e r Z i j l s t r a ) \r b r > - l l i s t : R e t u r n w h e t h e r l i s t i s e m p t y b e f o r e a d d i n g i n l l i s t _ a d d ( ) ( H u a n g Y i n g ) \r b r > - l l i s t : M o v e c p u _ r e l a x ( ) t o a f t e r t h e c m p x c h g ( ) ( H u a n g Y i n g ) \r b r > - l l i s t : R e m o v e t h e p l a t f o r m - d e p e n d e n t N M I c h e c k s ( I n g o M o l n a r ) \r b r > - l l i s t : M a k e s o m e l l i s t f u n c t i o n s i n l i n e ( H u a n g Y i n g ) \r b r > - l i b , A d d l o c k - l e s s N U L L t e r m i n a t e d s i n g l e l i s t ( H u a n g Y i n g ) \r b r > - x e n / o p r o f i l e : E x p o s e t h e o p r o f i l e _ a r c h _ e x i t _ f n c p o i n t e r . ( K o n r a d R z e s z u t e k \r b r > W i l k ) \r b r > - x e n / o p r o f i l e : S w i t c h f r o m s y s c o r e _ o p s t o p l a t f o r m _ o p s . ( K o n r a d R z e s z u t e k \r b r > W i l k ) \r b r > - x e n / o p r o f i l e : F i x c o m p i l e i s s u e s w h e n C O N F I G _ X E N i s n o t d e f i n e d . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n / o p r o f i l e : T h e a r c h _ v a r i a n t s f o r i n i t / e x e c w e r e n ' t b e i n g c a l l e d . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n / o p r o f i l e : C o m p i l e f i x ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / o p r o f i l e : P a t c h f r o m M i c h a e l P e t u l l o ( K o n r a d R z e s z u t e k W i l k ) \r b r > \r b r > [ 2 . 6 . 3 9 - 4 0 0 . 4 . 0 ] \r b r > - M e r g e t a g ' u e k 2 - m e r g e - 4 0 0 - 3 . 7 - t a g ' o f g i t : / / c a - g i t . u s . o r a c l e . c o m / l i n u x - \r b r > k o n r a d - p u b l i c ( M a x i m U v a r o v ) \r b r > - M e r g e t a g ' u e k 2 - m e r g e - b a c k p o r t - 3 . 7 ' o f g i t : / / c a - g i t / l i n u x - k o n r a d - p u b l i c i n t o \r b r > u e k 2 - m e r g e - 4 0 0 ( K o n r a d R z e s z u t e k W i l k ) \r b r > - R e v e r t ' x e n / x 8 6 : W o r k a r o u n d 6 4 - b i t h y p e r v i s o r a n d 3 2 - b i t i n i t i a l d o m a i n . ' a n d \r b r > ' x e n / x 8 6 : U s e m e m b l o c k _ r e s e r v e f o r s e n s i t i v e a r e a s . ' ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / x 8 6 : W o r k a r o u n d 6 4 - b i t h y p e r v i s o r a n d 3 2 - b i t i n i t i a l d o m a i n . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n / a r m : F i x c o m p i l e e r r o r s w h e n d r i v e r s a r e c o m p i l e d a s m o d u l e s ( e x p o r t \r b r > m o r e ) . ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : F i x c o m p i l e e r r o r s w h e n d r i v e r s a r e c o m p i l e d a s m o d u l e s . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n / g e n e r i c : D i s a b l e f a l l b a c k b u i l d o n A R M . ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / h v m : I f w e f a i l t o f e t c h a n H V M p a r a m e t e r p r i n t o u t w h i c h f l a g i t i s . \r b r > ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / h y p e r c a l l : f i x h y p e r c a l l f a l l b a c k c o d e f o r v e r y o l d h y p e r v i s o r s ( J a n \r b r > B e u l i c h ) \r b r > - x e n / a r m : u s e t h e _ _ H V C m a c r o ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / x e n b u s : f i x o v e r f l o w c h e c k i n x e n b u s _ f i l e _ w r i t e ( ) ( J a n B e u l i c h ) \r b r > - x e n - k b d f r o n t : h a n d l e b a c k e n d C L O S E D w i t h o u t C L O S I N G ( D a v i d V r a b e l ) \r b r > - x e n - f b f r o n t : h a n d l e b a c k e n d C L O S E D w i t h o u t C L O S I N G ( D a v i d V r a b e l ) \r b r > - x e n / g n t d e v : d o n ' t l e a k m e m o r y f r o m I O C T L _ G N T D E V _ M A P _ G R A N T _ R E F ( D a v i d V r a b e l ) \r b r > - x 8 6 : r e m o v e o b s o l e t e c o m m e n t f r o m a s m / x e n / h y p e r v i s o r . h ( O l a f H e r i n g ) \r b r > - x e n : d b g p : F i x w a r n i n g w h e n C O N F I G _ P C I i s n o t e n a b l e d . ( I a n C a m p b e l l ) \r b r > - U S B E H C I / X e n : p r o p a g a t e c o n t r o l l e r r e s e t i n f o r m a t i o n t o h y p e r v i s o r ( J a n \r b r > B e u l i c h ) \r b r > - x e n : a r m : c o m m e n t o n w h y 6 4 - b i t x e n _ p f n _ t i s s a f e e v e n o n 3 2 b i t ( I a n \r b r > C a m p b e l l ) \r b r > - x e n : b a l l o o n : u s e c o r r e c t t y p e f o r f r a m e _ l i s t ( I a n C a m p b e l l ) \r b r > - x e n / x 8 6 : d o n ' t c o r r u p t % e i p w h e n r e t u r n i n g f r o m a s i g n a l h a n d l e r ( D a v i d \r b r > V r a b e l ) \r b r > - x e n : a r m : m a k e p 2 m o p e r a t i o n s N O P s ( I a n C a m p b e l l ) \r b r > - x e n : b a l l o o n : d o n ' t i n c l u d e e 8 2 0 . h ( I a n C a m p b e l l ) \r b r > - x e n : e v e n t s : p i r q _ c h e c k _ e o i _ m a p i s X 8 6 s p e c i f i c ( I a n C a m p b e l l ) \r b r > - x e n : X E N M E M _ t r a n s l a t e _ g p f n _ l i s t w a s r e m o v e a g e s a g o a n d i s u n u s e d . ( I a n \r b r > C a m p b e l l ) \r b r > - x e n : s y s f s : i n c l u d e e r r . h f o r P T R _ E R R e t c ( I a n C a m p b e l l ) \r b r > - x e n : x e n b u s : q u i r k u s e s x 8 6 s p e c i f i c c p u i d ( I a n C a m p b e l l ) \r b r > - x e n / x e n b u s : F i x c o m p i l e w a r n i n g . ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / x 8 6 : r e m o v e d u p l i c a t e d i n c l u d e f r o m e n l i g h t e n . c ( W e i Y o n g j u n ) \r b r > - x e n / p v - o n - h v m k e x e c : a d d q u i r k f o r X e n 3 . 4 a n d s h u t d o w n w a t c h e s . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n / b o o t u p : a l l o w { r e a d | w r i t e } _ c r 8 p v o p s c a l l . ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / b o o t u p : a l l o w r e a d _ t s c p c a l l f o r X e n P V g u e s t s . ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n p v - o n - h v m : a d d p f n _ i s _ r a m h e l p e r f o r k d u m p ( O l a f H e r i n g ) \r b r > - x e n / h v c : h a n d l e b a c k e n d C L O S E D w i t h o u t C L O S I N G ( D a v i d V r a b e l ) \r b r > - x e n / x e n _ i n i t i a l _ d o m a i n : c h e c k t h a t x e n _ s t a r t _ i n f o i s i n i t i a l i z e d ( S t e f a n o \r b r > S t a b e l l i n i ) \r b r > - x e n : m a r k x e n _ i n i t _ I R Q _ _ i n i t ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / M a k e f i l e : f i x d o m - y b u i l d ( S t e f a n o S t a b e l l i n i ) \r b r > - M A I N T A I N E R S : a d d m y s e l f a s X e n A R M m a i n t a i n e r ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : c o m p i l e n e t b a c k ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : c o m p i l e b l k f r o n t a n d b l k b a c k ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : i m p l e m e n t a l l o c / f r e e _ x e n b a l l o o n e d _ p a g e s w i t h a l l o c _ p a g e s / k f r e e \r b r > ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : r e c e i v e X e n e v e n t s o n A R M ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : i n i t i a l i z e g r a n t _ t a b l e o n A R M ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : g e t p r i v i l e g e s t a t u s ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : i n t r o d u c e C O N F I G _ X E N o n A R M ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n : d o n o t c o m p i l e m a n a g e , b a l l o o n , p c i , a c p i , p c p u a n d c p u _ h o t p l u g o n A R M \r b r > ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / t m e m : c l e a n u p ( J a n B e u l i c h ) \r b r > - x e n : A d d s e l f b a l l o n i n g m e m o r y r e s e r v a t i o n t u n a b l e . ( J a n a S a o u t ) \r b r > - x e n : c o n s t i f y a l l i n s t a n c e s o f ' s t r u c t a t t r i b u t e _ g r o u p ' ( J a n B e u l i c h ) \r b r > - x e n : F i x s e l f b a l l o o n i n g a n d e n s u r e i t d o e s n ' t g o t o o f a r ( D a n M a g e n h e i m e r ) \r b r > - x e n : s e l f - b a l l o o n n e e d s m o d u l e . h ( R a n d y D u n l a p ) \r b r > - x e n / b a l l o o n : F i x c o m p i l e e r r o r s - m i s s i n g h e a d e r f i l e s . ( K o n r a d R z e s z u t e k \r b r > W i l k ) \r b r > - x e n : t m e m : s e l f - b a l l o o n i n g a n d f r o n t s w a p - s e l f s h r i n k i n g ( D a n M a g e n h e i m e r ) \r b r > - x e n : g r a n t : u s e x e n _ p f n _ t t y p e f o r f r a m e _ l i s t . ( I a n C a m p b e l l ) \r b r > - x e n : s y s f s : f i x b u i l d w a r n i n g . ( I a n C a m p b e l l ) \r b r > - x e n / a r m : I n t r o d u c e x e n _ u l o n g _ t f o r u n s i g n e d l o n g ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n : I n t r o d u c e x e n _ p f n _ t f o r p f n a n d m f n t y p e s ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : X e n d e t e c t i o n a n d s h a r e d _ i n f o p a g e m a p p i n g ( S t e f a n o S t a b e l l i n i ) \r b r > - d o c s : X e n A R M D T b i n d i n g s ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : e m p t y i m p l e m e n t a t i o n o f g r a n t _ t a b l e a r c h s p e c i f i c f u n c t i o n s ( S t e f a n o \r b r > S t a b e l l i n i ) \r b r > - x e n / a r m : s y n c _ b i t o p s ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : p a g e . h d e f i n i t i o n s ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : h y p e r c a l l s ( S t e f a n o S t a b e l l i n i ) \r b r > - a r m : i n i t i a l X e n s u p p o r t ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / v g a : a d d t h e x e n E F I v i d e o m o d e s u p p o r t ( J a n B e u l i c h ) \r b r > - x e n : a l l o w e n a b l e u s e o f V G A c o n s o l e o n d o m 0 ( J e r e m y F i t z h a r d i n g e ) \r b r > - x e n / p c i f r o n t : U s e X e n - S W I O T L B w h e n i n i t t i n g i f r e q u i r e d . ( K o n r a d R z e s z u t e k \r b r > W i l k ) \r b r > - x e n / s w i o t l b : F o r e a r l y i n i t i a l i z a t i o n , r e t u r n z e r o o n s u c c e s s . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n / s w i o t l b : U s e t h e s w i o t l b _ l a t e _ i n i t _ w i t h _ t b l t o i n i t X e n - S W I O T L B l a t e w h e n \r b r > P V P C I i s u s e d . ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / s w i o t l b : M o v e t h e e r r o r s t r i n g s t o i t s o w n f u n c t i o n . ( K o n r a d R z e s z u t e k \r b r > W i l k ) \r b r > - x e n / s w i o t l b : M o v e t h e n r _ t b l d e t e r m i n a t i o n i n i t s o w n f u n c t i o n . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n : U s e c o r r e c t m a s k i n g i n x e n _ s w i o t l b _ a l l o c _ c o h e r e n t . ( R o n n y H e g e w a l d ) \r b r > - x e n / s w i o t l b : U s e p a g e a l i g n m e n t f o r e a r l y b u f f e r a l l o c a t i o n . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - s w i o t l b : E x p o s e s w i o t l b _ n r _ t l b f u n c t i o n t o m o d u l e s ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n - s w i o t l b : W h e n d o i n g c o h e r e n t a l l o c / d e a l l o c c h e c k b e f o r e s w i z z l i n g t h e \r b r > M F N s . ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n - s w i o t l b : f i x p r i n t k a n d p a n i c a r g s ( R a n d y D u n l a p ) \r b r > - x e n - s w i o t l b : F i x w r o n g p a n i c . ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n - s w i o t l b : R e t r y u p t h r e e t i m e s t o a l l o c a t e X e n - S W I O T L B ( K o n r a d R z e s z u t e k \r b r > W i l k ) \r b r > - s w i o t l b : a d d t h e l a t e s w i o t l b i n i t i a l i z a t i o n f u n c t i o n w i t h i o t l b m e m o r y \r b r > ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / s w i o t l b : W i t h m o r e t h a n 4 G B o n 6 4 - b i t , d i s a b l e t h e n a t i v e S W I O T L B . \r b r > ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / s w i o t l b : S i m p l i f y t h e l o g i c . ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / g n d e v : X e n b a c k e n d s u p p o r t f o r p a g e d o u t g r a n t t a r g e t s V 4 . ( A n d r e s L a g a r - \r b r > C a v i l l a ) \r b r > - x e n / a r m : c o m p i l e a n d r u n x e n b u s ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n : c l e a r I R Q _ N O A U T O E N a n d I R Q _ N O R E Q U E S T ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / e v e n t s : f i x u n m a s k _ e v t c h n f o r P V o n H V M g u e s t s ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / p r i v c m d : C o r r e c t l y r e t u r n s u c c e s s f r o m I O C T L _ P R I V C M D _ M M A P B A T C H ( M a t s \r b r > P e t e r s s o n ) \r b r > - x e n / m m u : U s e X e n s p e c i f i c T L B f l u s h i n s t e a d o f t h e g e n e r i c o n e . ( K o n r a d \r b r > R z e s z u t e k W i l k ) [ O r a c l e - b u g : 1 4 6 3 0 1 7 0 ] \r b r > - x e n / e n l i g h t e n : D i s a b l e M W A I T _ L E A F s o t h a t a c p i - p a d w o n ' t b e l o a d e d . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x 8 6 , a m d , x e n : A v o i d N U L L p o i n t e r p a r a v i r t r e f e r e n c e s ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / s e t u p : f i l t e r A P E R F M P E R F c p u i d f e a t u r e o u t ( A n d r e P r z y w a r a ) \r b r > - x e n / e n l i g h t e n : E x p o s e M W A I T a n d M W A I T _ L E A F i f h y p e r v i s o r O K s i t . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n / a c p i : F i x p o t e n t i a l m e m o r y l e a k / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 0 3 0 9 . h t m l \" > C V E - 2 0 1 3 - 0 3 0 9 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 0 3 1 0 . h t m l \" > C V E - 2 0 1 3 - 0 3 1 0 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 0 3 1 1 . h t m l \" > C V E - 2 0 1 3 - 0 3 1 1 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 0 2 2 8 . h t m l \" > C V E - 2 0 1 3 - 0 2 2 8 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 5 ( i 3 8 6 ) / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . s r c . r p m / t d > t d > 2 a 8 2 d c 5 8 f b 8 5 f 4 b 2 6 3 7 d 1 1 d 5 b f 7 c 1 f c 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . i 6 8 6 . r p m / t d > t d > c 8 6 d 7 3 9 4 3 1 1 a a 7 4 4 3 d d 8 3 d b 1 0 2 8 1 1 e 6 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . i 6 8 6 . r p m / t d > t d > b 3 5 b a 6 0 a 3 2 e 9 5 a 6 e 8 d e 2 b 5 c 9 6 3 c a 6 0 8 a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . i 6 8 6 . r p m / t d > t d > 4 5 7 1 8 7 8 1 a f f c 2 2 4 8 2 2 c 9 0 d c d d e a 0 5 5 d f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . i 6 8 6 . r p m / t d > t d > 0 e 5 0 f a 2 9 b d 2 8 1 2 8 d c 6 a a 4 5 c 6 e d 1 4 e 6 d a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . n o a r c h . r p m / t d > t d > c 0 8 a 0 0 f f 1 7 7 3 a 1 8 f a 6 c 2 9 7 8 6 b 9 b 2 5 c 1 d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . n o a r c h . r p m / t d > t d > d 7 6 1 5 6 f d 1 9 9 3 d d 1 d 8 b c 7 4 d b e 3 b 7 e 1 b 7 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 5 ( x 8 6 _ 6 4 ) / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . s r c . r p m / t d > t d > 2 a 8 2 d c 5 8 f b 8 5 f 4 b 2 6 3 7 d 1 1 d 5 b f 7 c 1 f c 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 0 d c c d 1 8 8 0 b b e 0 b 0 e d f 4 3 c a a 0 9 9 1 7 c 6 9 d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 7 8 6 b 2 e 2 5 b 5 4 2 4 a c 8 2 6 e 6 e d e 3 5 5 7 5 5 3 9 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . x 8 6 _ 6 4 . r p m / t d > t d > d 9 0 4 5 6 3 1 0 2 5 c 7 f 8 a 6 8 4 7 3 f e 2 5 9 b a b 2 0 b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . x 8 6 _ 6 4 . r p m / t d > t d > b 8 6 f b f f f 2 3 b 8 d 9 4 2 7 e 9 4 0 b 3 1 e d 7 e 6 a 1 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . n o a r c h . r p m / t d > t d > c 0 8 a 0 0 f f 1 7 7 3 a 1 8 f a 6 c 2 9 7 8 6 b 9 b 2 5 c 1 d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . n o a r c h . r p m / t d > t d > d 7 6 1 5 6 f d 1 9 9 3 d d 1 d 8 b c 7 4 d b e 3 b 7 e 1 b 7 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( i 3 8 6 ) / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . s r c . r p m / t d > t d > d 5 f 2 7 f 3 2 3 c 7 a e 9 1 a c b 0 5 b d a 4 f a 0 5 6 c 8 e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . i 6 8 6 . r p m / t d > t d > 3 1 f 1 a e 8 5 f 3 6 d c e 4 5 7 8 5 d 7 4 e e 5 4 4 b 4 6 e c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . i 6 8 6 . r p m / t d > t d > 7 0 a e 7 2 b 7 a 7 0 d 9 a 1 5 f 4 7 9 2 2 2 3 3 8 9 0 8 8 9 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . i 6 8 6 . r p m / t d > t d > 5 d 3 9 d 7 2 e 0 d 3 c 8 6 3 5 e 2 d 8 3 c c e e 3 c 4 0 b 9 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . i 6 8 6 . r p m / t d > t d > e 6 d 5 1 8 e 3 a 4 b e 4 9 b f 9 5 9 2 6 9 4 9 7 2 f b f 9 9 a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . n o a r c h . r p m / t d > t d > 8 a 8 b b e 1 a 8 a 0 1 b e 0 4 a c d 2 2 d 4 9 9 e e 1 3 c e 2 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . n o a r c h . r p m / t d > t d > 4 c b 8 e 4 3 f a 7 a 7 8 8 0 3 3 a 0 4 b a 8 0 d 5 c b 6 6 7 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( x 8 6 _ 6 4 ) / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . s r c . r p m / t d > t d > d 5 f 2 7 f 3 2 3 c 7 a e 9 1 a c b 0 5 b d a 4 f a 0 5 6 c 8 e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 4 8 6 9 5 9 3 1 f 3 6 3 8 e 8 d f 3 8 3 f 7 c 5 f 3 f 8 6 6 5 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 4 2 9 5 a 8 f 7 4 8 6 1 8 d d 1 0 5 f 3 f d 9 c c b f 2 2 1 a 2 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 1 b f 9 5 e 2 4 9 9 7 b c f 7 6 9 6 5 2 b 2 6 4 a 0 7 5 a 3 c c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > f 8 e 3 b 7 0 c 7 e e e 5 4 a a 1 a a d f 8 f a 1 b 8 1 7 b e 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . n o a r c h . r p m / t d > t d > 8 a 8 b b e 1 a 8 a 0 1 b e 0 4 a c d 2 2 d 4 9 9 e e 1 3 c e 2 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . n o a r c h . r p m / t d > t d > 4 c b 8 e 4 3 f a 7 a 7 8 8 0 3 3 a 0 4 b a 8 0 d 5 c b 6 6 7 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "published": "2013-02-27T00:00:00", "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-2507.html", "cvelist": ["CVE-2012-2375", "CVE-2013-0228", "CVE-2013-0190", "CVE-2012-4461", "CVE-2012-4565", "CVE-2013-0217", "CVE-2013-0311", "CVE-2013-0231", "CVE-2012-5517", "CVE-2012-4398", "CVE-2013-0310", "CVE-2012-4530", "CVE-2013-0216", "CVE-2013-0309"], "lastseen": "2018-04-04T13:07:01"}], "redhat": [{"id": "RHSA-2013:0747", "type": "redhat", "title": "(RHSA-2013:0747) Moderate: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the Xen netback driver implementation in the Linux\nkernel. A privileged guest user with access to a para-virtualized network\ndevice could use this flaw to cause a long loop in netback, leading to a\ndenial of service that could potentially affect the entire system.\n(CVE-2013-0216, Moderate)\n\n* A flaw was found in the Xen PCI device back-end driver implementation in\nthe Linux kernel. A privileged guest user in a guest that has a PCI\npassthrough device could use this flaw to cause a denial of service that\ncould potentially affect the entire system. (CVE-2013-0231, Moderate)\n\n* A NULL pointer dereference flaw was found in the IP packet transformation\nframework (XFRM) implementation in the Linux kernel. A local user who has\nthe CAP_NET_ADMIN capability could use this flaw to cause a denial of\nservice. (CVE-2013-1826, Moderate)\n\n* Information leak flaws were found in the XFRM implementation in the\nLinux kernel. A local user who has the CAP_NET_ADMIN capability could use\nthese flaws to leak kernel stack memory to user-space. (CVE-2012-6537, Low)\n\n* An information leak flaw was found in the logical link control (LLC)\nimplementation in the Linux kernel. A local, unprivileged user could use\nthis flaw to leak kernel stack memory to user-space. (CVE-2012-6542, Low)\n\n* Two information leak flaws were found in the Linux kernel's Asynchronous\nTransfer Mode (ATM) subsystem. A local, unprivileged user could use these\nflaws to leak kernel stack memory to user-space. (CVE-2012-6546, Low)\n\n* An information leak flaw was found in the TUN/TAP device driver in the\nLinux kernel's networking implementation. A local user with access to a\nTUN/TAP virtual interface could use this flaw to leak kernel stack memory\nto user-space. (CVE-2012-6547, Low)\n\nRed Hat would like to thank the Xen project for reporting the CVE-2013-0216\nand CVE-2013-0231 issues.\n\nThis update also fixes the following bugs:\n\n* The IPv4 code did not correctly update the Maximum Transfer Unit (MTU) of\nthe designed interface when receiving ICMP Fragmentation Needed packets.\nConsequently, a remote host did not respond correctly to ping attempts.\nWith this update, the IPv4 code has been modified so the MTU of the\ndesigned interface is adjusted as expected in this situation. The ping\ncommand now provides the expected output. (BZ#923353)\n\n* Previously, the be2net code expected the last word of an MCC completion\nmessage from the firmware to be transferred by direct memory access (DMA)\nat once. However, this is not always true, and could therefore cause the\nBUG_ON() macro to be triggered in the be_mcc_compl_is_new() function,\nconsequently leading to a kernel panic. The BUG_ON() macro has been\nremoved from be_mcc_compl_is_new(), and the kernel panic no longer occurs\nin this scenario. (BZ#923910)\n\n* Previously, the NFSv3 server incorrectly converted 64-bit cookies to\n32-bit. Consequently, the cookies became invalid, which affected all file\nsystem operations depending on these cookies, such as the READDIR operation\nthat is used to read entries from a directory. This led to various\nproblems, such as exported directories being empty or displayed\nincorrectly, or an endless loop of the READDIRPLUS procedure which could\npotentially cause a buffer overflow. This update modifies knfsd code so\nthat 64-bit cookies are now handled correctly and all file system\noperations work as expected. (BZ#924087)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n", "published": "2013-04-16T04:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2013:0747", "cvelist": ["CVE-2012-6537", "CVE-2012-6542", "CVE-2012-6546", "CVE-2012-6547", "CVE-2013-0216", "CVE-2013-0231", "CVE-2013-1826"], "lastseen": "2017-09-09T07:20:14"}, {"id": "RHSA-2013:0744", "type": "redhat", "title": "(RHSA-2013:0744) Important: kernel security and bug fix update", "description": "Security:\n\n* An integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the Intel i915 driver in the Linux kernel handled the\nallocation of the buffer used for relocation copies. A local user with\nconsole access could use this flaw to cause a denial of service or escalate\ntheir privileges. (CVE-2013-0913, Important)\n\n* A buffer overflow flaw was found in the way UTF-8 characters were\nconverted to UTF-16 in the utf8s_to_utf16s() function of the Linux kernel's\nFAT file system implementation. A local user able to mount a FAT file\nsystem with the \"utf8=1\" option could use this flaw to crash the system or,\npotentially, to escalate their privileges. (CVE-2013-1773, Important)\n\n* A flaw was found in the way KVM handled guest time updates when the\nbuffer the guest registered by writing to the MSR_KVM_SYSTEM_TIME machine\nstate register (MSR) crossed a page boundary. A privileged guest user could\nuse this flaw to crash the host or, potentially, escalate their privileges,\nallowing them to execute arbitrary code at the host kernel level.\n(CVE-2013-1796, Important)\n\n* A potential use-after-free flaw was found in the way KVM handled guest\ntime updates when the GPA (guest physical address) the guest registered by\nwriting to the MSR_KVM_SYSTEM_TIME machine state register (MSR) fell into a\nmovable or removable memory region of the hosting user-space process (by\ndefault, QEMU-KVM) on the host. If that memory region is deregistered from\nKVM using KVM_SET_USER_MEMORY_REGION and the allocated virtual memory\nreused, a privileged guest user could potentially use this flaw to\nescalate their privileges on the host. (CVE-2013-1797, Important)\n\n* A flaw was found in the way KVM emulated IOAPIC (I/O Advanced\nProgrammable Interrupt Controller). A missing validation check in the\nioapic_read_indirect() function could allow a privileged guest user to\ncrash the host, or read a substantial portion of host kernel memory.\n(CVE-2013-1798, Important)\n\n* A race condition in install_user_keyrings(), leading to a NULL pointer\ndereference, was found in the key management facility. A local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2013-1792, Moderate)\n\n* A NULL pointer dereference in the XFRM implementation could allow a local\nuser who has the CAP_NET_ADMIN capability to cause a denial of service.\n(CVE-2013-1826, Moderate)\n\n* A NULL pointer dereference in the Datagram Congestion Control Protocol\n(DCCP) implementation could allow a local user to cause a denial of\nservice. (CVE-2013-1827, Moderate)\n\n* Information leak flaws in the XFRM implementation could allow a local\nuser who has the CAP_NET_ADMIN capability to leak kernel stack memory to\nuser-space. (CVE-2012-6537, Low)\n\n* Two information leak flaws in the Asynchronous Transfer Mode (ATM)\nsubsystem could allow a local, unprivileged user to leak kernel stack\nmemory to user-space. (CVE-2012-6546, Low)\n\n* An information leak was found in the TUN/TAP device driver in the\nnetworking implementation. A local user with access to a TUN/TAP virtual\ninterface could use this flaw to leak kernel stack memory to user-space.\n(CVE-2012-6547, Low)\n\n* An information leak in the Bluetooth implementation could allow a local\nuser who has the CAP_NET_ADMIN capability to leak kernel stack memory to\nuser-space. (CVE-2013-0349, Low)\n\n* A use-after-free flaw was found in the tmpfs implementation. A local user\nable to mount and unmount a tmpfs file system could use this flaw to cause\na denial of service or, potentially, escalate their privileges.\n(CVE-2013-1767, Low)\n\n* A NULL pointer dereference was found in the Linux kernel's USB Inside Out\nEdgeport Serial Driver implementation. An attacker with physical access to\na system could use this flaw to cause a denial of service. (CVE-2013-1774,\nLow)\n\nRed Hat would like to thank Andrew Honig of Google for reporting\nCVE-2013-1796, CVE-2013-1797, and CVE-2013-1798. CVE-2013-1792 was\ndiscovered by Mateusz Guzik of Red Hat EMEA GSS SEG Team.\n", "published": "2013-04-23T04:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2013:0744", "cvelist": ["CVE-2012-6537", "CVE-2012-6538", "CVE-2012-6546", "CVE-2012-6547", "CVE-2013-0349", "CVE-2013-0913", "CVE-2013-1767", "CVE-2013-1773", "CVE-2013-1774", "CVE-2013-1792", "CVE-2013-1796", "CVE-2013-1797", "CVE-2013-1798", "CVE-2013-1826", "CVE-2013-1827"], "lastseen": "2017-12-25T20:05:28"}, {"id": "RHSA-2012:1491", "type": "redhat", "title": "(RHSA-2012:1491) Important: kernel-rt security and bug fix update", "description": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way Netlink messages without SCM_CREDENTIALS\n(used for authentication) data set were handled. When not explicitly set,\nthe data was sent but with all values set to 0, including the process ID\nand user ID, causing the Netlink message to appear as if it were sent with\nroot privileges. A local, unprivileged user could use this flaw to send\nspoofed Netlink messages to an application, possibly resulting in the\napplication performing privileged operations if it relied on\nSCM_CREDENTIALS data for the authentication of Netlink messages.\n(CVE-2012-3520, Important)\n\n* A race condition was found in the way asynchronous I/O and fallocate()\ninteracted when using the ext4 file system. A local, unprivileged user\ncould use this flaw to expose random data from an extent whose data blocks\nhave not yet been written, and thus contain data from a deleted file.\n(CVE-2012-4508, Important)\n\n* A use-after-free flaw was found in the Linux kernel's memory management\nsubsystem in the way quota handling for huge pages was performed. A local,\nunprivileged user could use this flaw to cause a denial of service or,\npotentially, escalate their privileges. (CVE-2012-2133, Moderate)\n\n* A use-after-free flaw was found in the madvise() system call\nimplementation in the Linux kernel. A local, unprivileged user could use\nthis flaw to cause a denial of service or, potentially, escalate their\nprivileges. (CVE-2012-3511, Moderate)\n\n* A divide-by-zero flaw was found in the TCP Illinois congestion control\nalgorithm implementation in the Linux kernel. If the TCP Illinois\ncongestion control algorithm were in use (the sysctl\nnet.ipv4.tcp_congestion_control variable set to \"illinois\"), a local,\nunprivileged user could trigger this flaw and cause a denial of service.\n(CVE-2012-4565, Moderate)\n\n* An information leak flaw was found in the uname() system call\nimplementation in the Linux kernel. A local, unprivileged user could use\nthis flaw to leak kernel stack memory to user-space by setting the UNAME26\npersonality and then calling the uname() system call. (CVE-2012-0957, Low)\n\n* Buffer overflow flaws were found in the udf_load_logicalvol() function in\nthe Universal Disk Format (UDF) file system implementation in the Linux\nkernel. An attacker with physical access to a system could use these flaws\nto cause a denial of service or escalate their privileges. (CVE-2012-3400,\nLow)\n\n* A flaw was found in the way the msg_namelen variable in the rds_recvmsg()\nfunction of the Linux kernel's Reliable Datagram Sockets (RDS) protocol\nimplementation was initialized. A local, unprivileged user could use this\nflaw to leak kernel stack memory to user-space. (CVE-2012-3430, Low)\n\nRed Hat would like to thank Pablo Neira Ayuso for reporting CVE-2012-3520;\nTheodore Ts'o for reporting CVE-2012-4508; Shachar Raindel for reporting\nCVE-2012-2133; and Kees Cook for reporting CVE-2012-0957. Upstream\nacknowledges Dmitry Monakhov as the original reporter of CVE-2012-4508. The\nCVE-2012-4565 issue was discovered by Rodrigo Freire of Red Hat, and the\nCVE-2012-3430 issue was discovered by the Red Hat InfiniBand team.\n\nThis update also fixes multiple bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which upgrade the kernel-rt\nkernel to version kernel-rt-3.2.33-rt50, and correct these issues. The\nsystem must be rebooted for this update to take effect.\n", "published": "2012-12-04T05:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2012:1491", "cvelist": ["CVE-2012-2133", "CVE-2012-4508", "CVE-2012-3520", "CVE-2012-3511", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-3400", "CVE-2012-3430"], "lastseen": "2017-03-03T19:18:34"}, {"id": "RHSA-2012:1580", "type": "redhat", "title": "(RHSA-2012:1580) Moderate: kernel security, bug fix and enhancement update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* It was found that the RHSA-2012:0862 update did not correctly fix the\nCVE-2011-4131 issue. A malicious Network File System version 4 (NFSv4)\nserver could return a crafted reply to a GETACL request, causing a denial\nof service on the client. (CVE-2012-2375, Moderate)\n\n* A divide-by-zero flaw was found in the TCP Illinois congestion control\nalgorithm implementation in the Linux kernel. If the TCP Illinois\ncongestion control algorithm were in use (the sysctl\nnet.ipv4.tcp_congestion_control variable set to \"illinois\"), a local,\nunprivileged user could trigger this flaw and cause a denial of service.\n(CVE-2012-4565, Moderate)\n\n* A NULL pointer dereference flaw was found in the way a new node's hot\nadded memory was propagated to other nodes' zonelists. By utilizing this\nnewly added memory from one of the remaining nodes, a local, unprivileged\nuser could use this flaw to cause a denial of service. (CVE-2012-5517,\nModerate)\n\n* It was found that the initial release of Red Hat Enterprise Linux 6 did\nnot correctly fix the CVE-2009-4307 issue, a divide-by-zero flaw in the\next4 file system code. A local, unprivileged user with the ability to mount\nan ext4 file system could use this flaw to cause a denial of service.\n(CVE-2012-2100, Low)\n\n* A flaw was found in the way the Linux kernel's IPv6 implementation\nhandled overlapping, fragmented IPv6 packets. A remote attacker could\npotentially use this flaw to bypass protection mechanisms (such as a\nfirewall or intrusion detection system (IDS)) when sending network packets\nto a target system. (CVE-2012-4444, Low)\n\nRed Hat would like to thank Antonios Atlasis working with Beyond Security's\nSecuriTeam Secure Disclosure program and Loganaden Velvindron of AFRINIC\nfor reporting CVE-2012-4444. The CVE-2012-2375 issue was discovered by Jian\nLi of Red Hat, and CVE-2012-4565 was discovered by Rodrigo Freire of Red\nHat.\n\nThis update also fixes numerous bugs and adds one enhancement. Space \nprecludes documenting all of these changes in this advisory. Documentation\nfor these changes will be available shortly from the Red Hat Enterprise \nLinux 6.3 Technical Notes document linked to in the References section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues, fix these bugs and add the enhancement \nnoted in the Technical Notes. The system must be rebooted for this update \nto take effect.\n", "published": "2012-12-18T05:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2012:1580", "cvelist": ["CVE-2009-4307", "CVE-2011-4131", "CVE-2012-2100", "CVE-2012-2375", "CVE-2012-4444", "CVE-2012-4565", "CVE-2012-5517"], "lastseen": "2017-12-25T20:04:51"}, {"id": "RHSA-2013:1034", "type": "redhat", "title": "(RHSA-2013:1034) Low: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* Information leaks in the Linux kernel could allow a local, unprivileged\nuser to leak kernel memory to user-space. (CVE-2012-6544, CVE-2012-6545,\nCVE-2013-3222, CVE-2013-3224, CVE-2013-3231, CVE-2013-3235, Low)\n\n* An information leak was found in the Linux kernel's POSIX signals\nimplementation. A local, unprivileged user could use this flaw to bypass\nthe Address Space Layout Randomization (ASLR) security feature.\n(CVE-2013-0914, Low)\n\n* A heap-based buffer overflow in the way the tg3 Ethernet driver parsed\nthe vital product data (VPD) of devices could allow an attacker with\nphysical access to a system to cause a denial of service or, potentially,\nescalate their privileges. (CVE-2013-1929, Low)\n\nThis update also fixes the following bugs:\n\n* Previously on system boot, devices with associated Reserved Memory Region\nReporting (RMRR) information had lost their RMRR information after they\nwere removed from the static identity (SI) domain. Consequently, a system\nunexpectedly terminated in an endless loop due to unexpected NMIs triggered\nby DMA errors. This problem was observed on HP ProLiant Generation 7 (G7)\nand 8 (Gen8) systems. This update prevents non-USB devices that have RMRR\ninformation associated with them from being placed into the SI domain\nduring system boot. HP ProLiant G7 and Gen8 systems that contain devices\nwith the RMRR information now boot as expected. (BZ#957606)\n\n* Previously, the kernel's futex wait code used timeouts that had\ngranularity in milliseconds. Also, when passing these timeouts to system\ncalls, the kernel converted the timeouts to \"jiffies\". Consequently,\nprograms could time out inaccurately which could lead to significant\nlatency problems in certain environments. This update modifies the futex\nwait code to use a high-resolution timer (hrtimer) so the timeout\ngranularity is now in microseconds. Timeouts are no longer converted to\n\"jiffies\" when passed to system calls. Timeouts passed to programs are now\naccurate and the programs time out as expected. (BZ#958021)\n\n* A recent change modified the size of the task_struct structure in the\nfloating point unit (fpu) counter. However, on Intel Itanium systems, this\nchange caused the kernel Application Binary Interface (kABI) to stop\nworking properly when a previously compiled module was loaded, resulting in\na kernel panic. With this update the change causing this bug has been\nreverted so the bug can no longer occur. (BZ#966878)\n\n* The cxgb4 driver previously did not clear data structures used for\nfirmware requests. Consequently, when initializing some Chelsio's\nTerminator 4 (T4) adapters, a probe request could fail because the request\nwas incompatible with the adapter's firmware. This update modifies the\ncxgb4 driver to properly initialize firmware request structures before\nsending a request to the firmware and the problem no longer occurs.\n(BZ#971872)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n", "published": "2013-07-10T04:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2013:1034", "cvelist": ["CVE-2012-6544", "CVE-2012-6545", "CVE-2013-0914", "CVE-2013-1929", "CVE-2013-3222", "CVE-2013-3224", "CVE-2013-3231", "CVE-2013-3235"], "lastseen": "2017-09-09T07:20:34"}, {"id": "RHSA-2013:1645", "type": "redhat", "title": "(RHSA-2013:1645) Important: Red Hat Enterprise Linux 6 kernel update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way the Linux kernel's IPv6 implementation\nhandled certain UDP packets when the UDP Fragmentation Offload (UFO)\nfeature was enabled. A remote attacker could use this flaw to crash the\nsystem or, potentially, escalate their privileges on the system.\n(CVE-2013-4387, Important)\n\n* A flaw was found in the way the Linux kernel handled the creation of\ntemporary IPv6 addresses. If the IPv6 privacy extension was enabled\n(/proc/sys/net/ipv6/conf/eth0/use_tempaddr set to '2'), an attacker on the\nlocal network could disable IPv6 temporary address generation, leading to a\npotential information disclosure. (CVE-2013-0343, Moderate)\n\n* A flaw was found in the way the Linux kernel handled HID (Human Interface\nDevice) reports with an out-of-bounds Report ID. An attacker with physical\naccess to the system could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2013-2888,\nModerate)\n\n* An off-by-one flaw was found in the way the ANSI CPRNG implementation in\nthe Linux kernel processed non-block size aligned requests. This could lead\nto random numbers being generated with less bits of entropy than expected\nwhen ANSI CPRNG was used. (CVE-2013-4345, Moderate)\n\n* It was found that the fix for CVE-2012-2375 released via RHSA-2012:1580\naccidentally removed a check for small-sized result buffers. A local,\nunprivileged user with access to an NFSv4 mount with ACL support could use\nthis flaw to crash the system or, potentially, escalate their privileges on\nthe system . (CVE-2013-4591, Moderate)\n\n* A flaw was found in the way IOMMU memory mappings were handled when\nmoving memory slots. A malicious user on a KVM host who has the ability to\nassign a device to a guest could use this flaw to crash the host.\n(CVE-2013-4592, Moderate)\n\n* Heap-based buffer overflow flaws were found in the way the Zeroplus and\nPantherlord/GreenAsia game controllers handled HID reports. An attacker\nwith physical access to the system could use these flaws to crash the\nsystem or, potentially, escalate their privileges on the system.\n(CVE-2013-2889, CVE-2013-2892, Moderate)\n\n* Two information leak flaws were found in the logical link control (LLC)\nimplementation in the Linux kernel. A local, unprivileged user could use\nthese flaws to leak kernel stack memory to user space. (CVE-2012-6542,\nCVE-2013-3231, Low)\n\n* A heap-based buffer overflow in the way the tg3 Ethernet driver parsed\nthe vital product data (VPD) of devices could allow an attacker with\nphysical access to a system to cause a denial of service or, potentially,\nescalate their privileges. (CVE-2013-1929, Low)\n\n* Information leak flaws in the Linux kernel could allow a privileged,\nlocal user to leak kernel memory to user space. (CVE-2012-6545,\nCVE-2013-1928, CVE-2013-2164, CVE-2013-2234, Low)\n\n* A format string flaw was found in the Linux kernel's block layer.\nA privileged, local user could potentially use this flaw to escalate their\nprivileges to kernel level (ring0). (CVE-2013-2851, Low)\n\nRed Hat would like to thank Stephan Mueller for reporting CVE-2013-4345,\nand Kees Cook for reporting CVE-2013-2851.\n\nThis update also fixes several hundred bugs and adds enhancements. Refer to\nthe Red Hat Enterprise Linux 6.5 Release Notes for information on the most\nsignificant of these changes, and the Technical Notes for further\ninformation, both linked to in the References.\n\nAll Red Hat Enterprise Linux 6 users are advised to install these updated\npackages, which correct these issues, and fix the bugs and add the\nenhancements noted in the Red Hat Enterprise Linux 6.5 Release Notes and\nTechnical Notes. The system must be rebooted for this update to take\neffect.\n", "published": "2013-11-21T05:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2013:1645", "cvelist": ["CVE-2013-2234", "CVE-2013-4345", "CVE-2012-2375", "CVE-2013-3231", "CVE-2013-2892", "CVE-2013-4592", "CVE-2012-6545", "CVE-2012-6542", "CVE-2013-1929", "CVE-2013-2851", "CVE-2013-4387", "CVE-2013-0343", "CVE-2013-1928", "CVE-2013-2888", "CVE-2013-2164", "CVE-2013-2889", "CVE-2013-4591"], "lastseen": "2017-03-04T13:18:38"}, {"id": "RHSA-2013:1527", "type": "redhat", "title": "(RHSA-2013:1527) Important: rhev-hypervisor6 security and bug fix update", "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: a subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nUpgrade Note: If you upgrade the Red Hat Enterprise Virtualization\nHypervisor through the 3.2 Manager administration portal, the Host may\nappear with the status of \"Install Failed\". If this happens, place the host\ninto maintenance mode, then activate it again to get the host back to an\n\"Up\" state.\n\nA buffer overflow flaw was found in the way QEMU processed the SCSI \"REPORT\nLUNS\" command when more than 256 LUNs were specified for a single SCSI\ntarget. A privileged guest user could use this flaw to corrupt QEMU process\nmemory on the host, which could potentially result in arbitrary code\nexecution on the host with the privileges of the QEMU process.\n(CVE-2013-4344)\n\nMultiple flaws were found in the way Linux kernel handled HID (Human\nInterface Device) reports. An attacker with physical access to the system\ncould use this flaw to crash the system or, potentially, escalate their\nprivileges on the system. (CVE-2013-2888, CVE-2013-2889, CVE-2013-2892)\n\nA flaw was found in the way the Python SSL module handled X.509 certificate\nfields that contain a NULL byte. An attacker could potentially exploit this\nflaw to conduct man-in-the-middle attacks to spoof SSL servers. Note that\nto exploit this issue, an attacker would need to obtain a carefully crafted\ncertificate signed by an authority that the client trusts. (CVE-2013-4238)\n\nThe default OpenSSH configuration made it easy for remote attackers to\nexhaust unauthorized connection slots and prevent other users from being\nable to log in to a system. This flaw has been addressed by enabling random\nearly connection drops by setting MaxStartups to 10:30:100 by default.\nFor more information, refer to the sshd_config(5) man page. (CVE-2010-5107)\n\nThe CVE-2013-4344 issue was discovered by Asias He of Red Hat.\n\nThis updated package provides updated components that include fixes for\nvarious security issues. These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2012-0786 and CVE-2012-0787 (augeas issues)\n\nCVE-2013-1813 (busybox issue)\n\nCVE-2013-0221, CVE-2013-0222, and CVE-2013-0223 (coreutils issues)\n\nCVE-2012-4453 (dracut issue)\n\nCVE-2013-4332, CVE-2013-0242, and CVE-2013-1914 (glibc issues)\n\nCVE-2013-4387, CVE-2013-0343, CVE-2013-4345, CVE-2013-4591, CVE-2013-4592,\nCVE-2012-6542, CVE-2013-3231, CVE-2013-1929, CVE-2012-6545, CVE-2013-1928,\nCVE-2013-2164, CVE-2013-2234, and CVE-2013-2851 (kernel issues)\n\nCVE-2013-4242 (libgcrypt issue)\n\nCVE-2013-4419 (libguestfs issue)\n\nCVE-2013-1775, CVE-2013-2776, and CVE-2013-2777 (sudo issues)\n\nThis update also fixes the following bug:\n\n* A previous version of the rhev-hypervisor6 package did not contain the\nlatest vhostmd package, which provides a \"metrics communication channel\"\nbetween a host and its hosted virtual machines, allowing limited\nintrospection of host resource usage from within virtual machines. This has\nbeen fixed, and rhev-hypervisor6 now includes the latest vhostmd package.\n(BZ#1026703)\n\nThis update also contains the fixes from the following errata:\n\n* ovirt-node: https://rhn.redhat.com/errata/RHBA-2013-1528.html\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which corrects these issues.\n", "published": "2013-11-21T05:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2013:1527", "cvelist": ["CVE-2013-2234", "CVE-2013-1775", "CVE-2013-4345", "CVE-2013-0242", "CVE-2012-4453", "CVE-2013-4238", "CVE-2013-0223", "CVE-2013-1813", "CVE-2013-3231", "CVE-2013-2892", "CVE-2013-4592", "CVE-2013-4242", "CVE-2013-4419", "CVE-2012-6545", "CVE-2012-6542", "CVE-2013-0222", "CVE-2012-0787", "CVE-2013-1929", "CVE-2013-2777", "CVE-2013-4332", "CVE-2010-5107", "CVE-2013-2851", "CVE-2013-1914", "CVE-2012-0786", "CVE-2013-2776", "CVE-2013-4387", "CVE-2013-0343", "CVE-2013-1928", "CVE-2013-0221", "CVE-2013-2888", "CVE-2013-2164", "CVE-2013-2889", "CVE-2013-4591", "CVE-2013-4344"], "lastseen": "2017-03-10T07:18:24"}, {"id": "RHSA-2013:1195", "type": "redhat", "title": "(RHSA-2013:1195) Important: kernel security and bug fix update", "description": "Red Hat OpenStack 3.0 includes a custom Red Hat Enterprise Linux 6.4\nkernel. These custom kernel packages include support for network\nnamespaces, this support is required to facilitate advanced OpenStack\nNetworking deployments.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way the Linux kernel's Stream Control\nTransmission Protocol (SCTP) implementation handled duplicate cookies. If a\nlocal user queried SCTP connection information at the same time a remote\nattacker has initialized a crafted SCTP connection to the system, it could\ntrigger a NULL pointer dereference, causing the system to crash.\n(CVE-2013-2206, Important)\n\n* An invalid free flaw was found in the Linux kernel's TCP/IP protocol\nsuite implementation. A local, unprivileged user could use this flaw to\ncorrupt kernel memory via crafted sendmsg() calls, allowing them to cause a\ndenial of service or, potentially, escalate their privileges on the system.\n(CVE-2013-2224, Important)\n\n* A flaw was found in the Linux kernel's Performance Events implementation.\nOn systems with certain Intel processors, a local, unprivileged user could\nuse this flaw to cause a denial of service by leveraging the perf subsystem\nto write into the reserved bits of the OFFCORE_RSP_0 and OFFCORE_RSP_1\nmodel-specific registers. (CVE-2013-2146, Moderate)\n\n* An invalid pointer dereference flaw was found in the Linux kernel's\nTCP/IP protocol suite implementation. A local, unprivileged user could use\nthis flaw to crash the system or, potentially, escalate their privileges on\nthe system by using sendmsg() with an IPv6 socket connected to an IPv4\ndestination. (CVE-2013-2232, Moderate)\n\n* Information leak flaws in the Linux kernel's Bluetooth implementation\ncould allow a local, unprivileged user to leak kernel memory to user-space.\n(CVE-2012-6544, Low)\n\n* An information leak flaw in the Linux kernel could allow a privileged,\nlocal user to leak kernel memory to user-space. (CVE-2013-2237, Low)\n\nIn addition, the following bugs and features have been addressed:\n995409, 995125, 993251, 985838, 975974\n\nMore information on the Red Hat Enterprise Linux 6.4 kernel packages upon\nwhich these custom kernel packages are based is available in\nRHSA-2013:1173:\n\nhttps://rhn.redhat.com/errata/RHSA-2013-1173.html\n\nAll Red Hat OpenStack 3.0 users deploying the OpenStack Networking service\nare advised to install these updated packages.\n", "published": "2013-09-03T04:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2013:1195", "cvelist": ["CVE-2013-2206", "CVE-2013-2232", "CVE-2012-6544", "CVE-2013-2146", "CVE-2013-2237", "CVE-2013-2224"], "lastseen": "2017-03-06T09:19:19"}, {"id": "RHSA-2013:1173", "type": "redhat", "title": "(RHSA-2013:1173) Important: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way the Linux kernel's Stream Control\nTransmission Protocol (SCTP) implementation handled duplicate cookies. If a\nlocal user queried SCTP connection information at the same time a remote\nattacker has initialized a crafted SCTP connection to the system, it could\ntrigger a NULL pointer dereference, causing the system to crash.\n(CVE-2013-2206, Important)\n\n* It was found that the fix for CVE-2012-3552 released via RHSA-2012:1304\nintroduced an invalid free flaw in the Linux kernel's TCP/IP protocol suite\nimplementation. A local, unprivileged user could use this flaw to corrupt\nkernel memory via crafted sendmsg() calls, allowing them to cause a denial\nof service or, potentially, escalate their privileges on the system.\n(CVE-2013-2224, Important)\n\n* A flaw was found in the Linux kernel's Performance Events implementation.\nOn systems with certain Intel processors, a local, unprivileged user could\nuse this flaw to cause a denial of service by leveraging the perf subsystem\nto write into the reserved bits of the OFFCORE_RSP_0 and OFFCORE_RSP_1\nmodel-specific registers. (CVE-2013-2146, Moderate)\n\n* An invalid pointer dereference flaw was found in the Linux kernel's\nTCP/IP protocol suite implementation. A local, unprivileged user could use\nthis flaw to crash the system or, potentially, escalate their privileges on\nthe system by using sendmsg() with an IPv6 socket connected to an IPv4\ndestination. (CVE-2013-2232, Moderate)\n\n* Information leak flaws in the Linux kernel's Bluetooth implementation\ncould allow a local, unprivileged user to leak kernel memory to user-space.\n(CVE-2012-6544, Low)\n\n* An information leak flaw in the Linux kernel could allow a privileged,\nlocal user to leak kernel memory to user-space. (CVE-2013-2237, Low)\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n", "published": "2013-08-27T04:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2013:1173", "cvelist": ["CVE-2012-3552", "CVE-2012-6544", "CVE-2013-2146", "CVE-2013-2206", "CVE-2013-2224", "CVE-2013-2232", "CVE-2013-2237"], "lastseen": "2017-12-25T20:05:50"}, {"id": "RHSA-2013:1181", "type": "redhat", "title": "(RHSA-2013:1181) Moderate: rhev-hypervisor6 security and bug fix update", "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: A subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nUpgrade Note: If you upgrade the Red Hat Enterprise Virtualization\nHypervisor through the 3.2 Manager administration portal, the Host may\nappear with the status of \"Install Failed\". If this happens, place the host\ninto maintenance mode, then activate it again to get the host back to an\n\"Up\" state.\n\nIt was discovered that NSS leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-1620)\n\nIt was found that the fix for CVE-2013-0167 released via RHSA-2013:0907\nwas incomplete. A privileged guest user could potentially use this flaw to\nmake the host the guest is running on unavailable to the management\nserver. (CVE-2013-4236)\n\nAn out-of-bounds memory read flaw was found in the way NSS decoded certain\ncertificates. If an application using NSS decoded a malformed certificate,\nit could cause the application to crash. (CVE-2013-0791)\n\nRed Hat would like to thank the Mozilla project for reporting\nCVE-2013-0791. Upstream acknowledges Ambroz Bizjak as the original reporter\nof CVE-2013-0791. The CVE-2013-4236 issue was found by David Gibson of Red\nHat.\n\nThis updated package provides updated components that include fixes for\nvarious security issues. These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2013-4854 (bind issue)\n\nCVE-2012-6544, CVE-2013-2146, CVE-2013-2206, CVE-2013-2224, CVE-2013-2232,\nand CVE-2013-2237 (kernel issues)\n\nThis update also contains the fixes from the following errata:\n\n* vdsm: RHSA-2013:1155 and RHBA-2013:1158\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which corrects these issues.\n", "published": "2013-08-27T04:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2013:1181", "cvelist": ["CVE-2013-2206", "CVE-2013-0791", "CVE-2013-4236", "CVE-2013-0167", "CVE-2013-2232", "CVE-2012-6544", "CVE-2013-2146", "CVE-2013-2237", "CVE-2013-4854", "CVE-2013-2224", "CVE-2013-1620"], "lastseen": "2017-03-10T07:18:45"}], "debian": [{"id": "DSA-2668", "type": "debian", "title": "linux-2.6 -- privilege escalation/denial of service/information leak", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CVE-2012-2121](<https://security-tracker.debian.org/tracker/CVE-2012-2121>)\n\nBenjamin Herrenschmidt and Jason Baron discovered issues with the IOMMU mapping of memory slots used in KVM device assignment. Local users with the ability to assign devices could cause a denial of service due to a memory page leak.\n\n * [CVE-2012-3552](<https://security-tracker.debian.org/tracker/CVE-2012-3552>)\n\nHafid Lin reported an issue in the IP networking subsystem. A remote user can cause a denial of service (system crash) on servers running applications that set options on sockets which are actively being processed.\n\n * [CVE-2012-4461](<https://security-tracker.debian.org/tracker/CVE-2012-4461>)\n\nJon Howell reported a denial of service issue in the KVM subsystem. On systems that do not support the XSAVE feature, local users with access to the /dev/kvm interface can cause a system crash.\n\n * [CVE-2012-4508](<https://security-tracker.debian.org/tracker/CVE-2012-4508>)\n\nDmitry Monakhov and Theodore Ts'o reported a race condition in the ext4 filesystem. Local users could gain access to sensitive kernel memory.\n\n * [CVE-2012-6537](<https://security-tracker.debian.org/tracker/CVE-2012-6537>)\n\nMathias Krause discovered information leak issues in the Transformation user configuration interface. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory.\n\n * [CVE-2012-6539](<https://security-tracker.debian.org/tracker/CVE-2012-6539>)\n\nMathias Krause discovered an issue in the networking subsystem. Local users on 64-bit systems can gain access to sensitive kernel memory.\n\n * [CVE-2012-6540](<https://security-tracker.debian.org/tracker/CVE-2012-6540>)\n\nMathias Krause discovered an issue in the Linux virtual server subsystem. Local users can gain access to sensitive kernel memory. Note: this issue does not affect Debian provided kernels, but may affect custom kernels built from Debian's linux-source-2.6.32 package.\n\n * [CVE-2012-6542](<https://security-tracker.debian.org/tracker/CVE-2012-6542>)\n\nMathias Krause discovered an issue in the LLC protocol support code. Local users can gain access to sensitive kernel memory.\n\n * [CVE-2012-6544](<https://security-tracker.debian.org/tracker/CVE-2012-6544>)\n\nMathias Krause discovered issues in the Bluetooth subsystem. Local users can gain access to sensitive kernel memory.\n\n * [CVE-2012-6545](<https://security-tracker.debian.org/tracker/CVE-2012-6545>)\n\nMathias Krause discovered issues in the Bluetooth RFCOMM protocol support. Local users can gain access to sensitive kernel memory.\n\n * [CVE-2012-6546](<https://security-tracker.debian.org/tracker/CVE-2012-6546>)\n\nMathias Krause discovered issues in the ATM networking support. Local users can gain access to sensitive kernel memory.\n\n * [CVE-2012-6548](<https://security-tracker.debian.org/tracker/CVE-2012-6548>)\n\nMathias Krause discovered an issue in the UDF file system support. Local users can obtain access to sensitive kernel memory.\n\n * [CVE-2012-6549](<https://security-tracker.debian.org/tracker/CVE-2012-6549>)\n\nMathias Krause discovered an issue in the isofs file system support. Local users can obtain access to sensitive kernel memory.\n\n * [CVE-2013-0349](<https://security-tracker.debian.org/tracker/CVE-2013-0349>)\n\nAnderson Lizardo discovered an issue in the Bluetooth Human Interface Device Protocol (HIDP) stack. Local users can obtain access to sensitive kernel memory.\n\n * [CVE-2013-0914](<https://security-tracker.debian.org/tracker/CVE-2013-0914>)\n\nEmese Revfy discovered an issue in the signal implementation. Local users may be able to bypass the address space layout randomization (ASLR) facility due to a leaking of information to child processes.\n\n * [CVE-2013-1767](<https://security-tracker.debian.org/tracker/CVE-2013-1767>)\n\nGreg Thelen reported an issue in the tmpfs virtual memory filesystem. Local users with sufficient privilege to mount filesystems can cause a denial of service or possibly elevated privileges due to a use-after free defect.\n\n * [CVE-2013-1773](<https://security-tracker.debian.org/tracker/CVE-2013-1773>)\n\nAlan Stern provided a fix for a defect in the UTF8-&gt;UTF16 string conversion facility used by the VFAT filesystem. A local user could cause a buffer overflow condition, resulting in a denial of service or potentially elevated privileges.\n\n * [CVE-2013-1774](<https://security-tracker.debian.org/tracker/CVE-2013-1774>)\n\nWolfgang Frisch provided a fix for a NULL-pointer dereference defect in the driver for some serial USB devices from Inside Out Networks. Local users with permission to access these devices can create a denial of service (kernel oops) by causing the device to be removed while it is in use.\n\n * [CVE-2013-1792](<https://security-tracker.debian.org/tracker/CVE-2013-1792>)\n\nMateusz Guzik of Red Hat EMEA GSS SEG Team discovered a race condition in the access key retention support in the kernel. A local user could cause a denial of service (NULL pointer dereference).\n\n * [CVE-2013-1796](<https://security-tracker.debian.org/tracker/CVE-2013-1796>)\n\nAndrew Honig of Google reported an issue in the KVM subsystem. A user in a guest operating system could corrupt kernel memory, resulting in a denial of service.\n\n * [CVE-2013-1798](<https://security-tracker.debian.org/tracker/CVE-2013-1798>)\n\nAndrew Honig of Google reported an issue in the KVM subsystem. A user in a guest operating system could cause a denial of service due to a use after-free defect.\n\n * [CVE-2013-1826](<https://security-tracker.debian.org/tracker/CVE-2013-1826>)\n\nMathias Krause discovered an issue in the Transformation (XFRM) user configuration interface of the networking stack. A user with the CAP_NET_ADMIN capability may be able to gain elevated privileges.\n\n * [CVE-2013-1860](<https://security-tracker.debian.org/tracker/CVE-2013-1860>)\n\nOliver Neukum discovered an issue in the USB CDC WCM Device Management driver. Local users with the ability to attach devices can cause a denial of service (kernel crash) or potentially gain elevated privileges.\n\n * [CVE-2013-1928](<https://security-tracker.debian.org/tracker/CVE-2013-1928>)\n\nKees Cook provided a fix for an information leak in the VIDEO_SET_SPU_PALETTE ioctl for 32-bit applications running on a 64-bit kernel. Local users can gain access to sensitive kernel memory.\n\n * [CVE-2013-1929](<https://security-tracker.debian.org/tracker/CVE-2013-1929>)\n\nOded Horovitz and Brad Spengler reported an issue in the device driver for Broadcom Tigon3 based gigabit Ethernet. Users with the ability to attach untrusted devices can create an overflow condition, resulting in a denial of service or elevated privileges.\n\n * [CVE-2013-2015](<https://security-tracker.debian.org/tracker/CVE-2013-2015>)\n\nTheodore Ts'o provided a fix for an issue in the ext4 filesystem. Local users with the ability to mount a specially crafted filesystem can cause a denial of service (infinite loop).\n\n * [CVE-2013-2634](<https://security-tracker.debian.org/tracker/CVE-2013-2634>)\n\nMathias Krause discovered a few issues in the Data Center Bridging (DCB) netlink interface. Local users can gain access to sensitive kernel memory.\n\n * [CVE-2013-3222](<https://security-tracker.debian.org/tracker/CVE-2013-3222>)\n\nMathias Krause discovered an issue in the Asynchronous Transfer Mode (ATM) protocol support. Local users can gain access to sensitive kernel memory.\n\n * [CVE-2013-3223](<https://security-tracker.debian.org/tracker/CVE-2013-3223>)\n\nMathias Krause discovered an issue in the Amateur Radio AX.25 protocol support. Local users can gain access to sensitive kernel memory.\n\n * [CVE-2013-3224](<https://security-tracker.debian.org/tracker/CVE-2013-3224>)\n\nMathias Krause discovered an issue in the Bluetooth subsystem. Local users can gain access to sensitive kernel memory.\n\n * [CVE-2013-3225](<https://security-tracker.debian.org/tracker/CVE-2013-3225>)\n\nMathias Krause discovered an issue in the Bluetooth RFCOMM protocol support. Local users can gain access to sensitive kernel memory.\n\n * [CVE-2013-3228](<https://security-tracker.debian.org/tracker/CVE-2013-3228>)\n\nMathias Krause discovered an issue in the IrDA (infrared) subsystem support. Local users can gain access to sensitive kernel memory.\n\n * [CVE-2013-3229](<https://security-tracker.debian.org/tracker/CVE-2013-3229>)\n\nMathias Krause discovered an issue in the IUCV support on s390 systems. Local users can gain access to sensitive kernel memory.\n\n * [CVE-2013-3231](<https://security-tracker.debian.org/tracker/CVE-2013-3231>)\n\nMathias Krause discovered an issue in the ANSI/IEEE 802.2 LLC type 2 protocol support. Local users can gain access to sensitive kernel memory.\n\n * [CVE-2013-3234](<https://security-tracker.debian.org/tracker/CVE-2013-3234>)\n\nMathias Krause discovered an issue in the Amateur Radio X.25 PLP (Rose) protocol support. Local users can gain access to sensitive kernel memory.\n\n * [CVE-2013-3235](<https://security-tracker.debian.org/tracker/CVE-2013-3235>)\n\nMathias Krause discovered an issue in the Transparent Inter Process Communication (TIPC) protocol support. Local users can gain access to sensitive kernel memory.\n\nFor the oldstable distribution (squeeze), this problem has been fixed in version 2.6.32-48squeeze3.\n\nThe following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update:\n\n| Debian 6.0 (squeeze) \n---|--- \nuser-mode-linux | 2.6.32-1um-4+48squeeze3 \n \nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages. \n\n**Note**: Debian carefully tracks all known security issues across every linux kernel package in all releases under active security support. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, updates for lower priority issues will normally not be released for all kernels at the same time. Rather, they will be released in a staggered or \"leap-frog\" fashion.", "published": "2013-05-14T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.debian.org/security/dsa-2668", "cvelist": ["CVE-2013-3228", "CVE-2012-6546", "CVE-2013-1767", "CVE-2012-6537", "CVE-2012-6548", "CVE-2012-4508", "CVE-2012-4461", "CVE-2013-1860", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-1792", "CVE-2013-1826", "CVE-2013-3224", "CVE-2012-6545", "CVE-2012-6542", "CVE-2013-3234", "CVE-2013-2015", "CVE-2013-0349", "CVE-2013-1774", "CVE-2012-6539", "CVE-2012-6540", "CVE-2013-1929", "CVE-2013-3225", "CVE-2012-6544", "CVE-2013-1773", "CVE-2013-3222", "CVE-2012-6549", "CVE-2013-0914", "CVE-2013-2634", "CVE-2013-1928", "CVE-2012-3552", "CVE-2013-1796", "CVE-2012-2121", "CVE-2013-1798", "CVE-2013-3235", "CVE-2013-3223"], "lastseen": "2016-09-02T18:35:58"}], "suse": [{"id": "SUSE-SU-2014:0536-1", "type": "suse", "title": "Security update for Linux kernel (important)", "description": "The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS\n kernel has been updated to fix various security issues and\n several bugs.\n\n The following security issues have been addressed:\n\n *\n\n CVE-2011-2492: The bluetooth subsystem in the Linux\n kernel before 3.0-rc4 does not properly initialize certain\n data structures, which allows local users to obtain\n potentially sensitive information from kernel memory via a\n crafted getsockopt system call, related to (1) the\n l2cap_sock_getsockopt_old function in\n net/bluetooth/l2cap_sock.c and (2) the\n rfcomm_sock_getsockopt_old function in\n net/bluetooth/rfcomm/sock.c. (bnc#702014)\n\n *\n\n CVE-2011-2494: kernel/taskstats.c in the Linux kernel\n before 3.1 allows local users to obtain sensitive I/O\n statistics by sending taskstats commands to a netlink\n socket, as demonstrated by discovering the length of\n another user's password. (bnc#703156)\n\n *\n\n CVE-2012-6537: net/xfrm/xfrm_user.c in the Linux\n kernel before 3.6 does not initialize certain structures,\n which allows local users to obtain sensitive information\n from kernel memory by leveraging the CAP_NET_ADMIN\n capability. (bnc#809889)\n\n *\n\n CVE-2012-6539: The dev_ifconf function in\n net/socket.c in the Linux kernel before 3.6 does not\n initialize a certain structure, which allows local users to\n obtain sensitive information from kernel stack memory via a\n crafted application. (bnc#809891)\n\n *\n\n CVE-2012-6540: The do_ip_vs_get_ctl function in\n net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before\n 3.6 does not initialize a certain structure for\n IP_VS_SO_GET_TIMEOUT commands, which allows local users to\n obtain sensitive information from kernel stack memory via a\n crafted application. (bnc#809892)\n\n *\n\n CVE-2012-6541: The ccid3_hc_tx_getsockopt function in\n net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does\n not initialize a certain structure, which allows local\n users to obtain sensitive information from kernel stack\n memory via a crafted application. (bnc#809893)\n\n *\n\n CVE-2012-6542: The llc_ui_getname function in\n net/llc/af_llc.c in the Linux kernel before 3.6 has an\n incorrect return value in certain circumstances, which\n allows local users to obtain sensitive information from\n kernel stack memory via a crafted application that\n leverages an uninitialized pointer argument. (bnc#809894)\n\n *\n\n CVE-2012-6544: The Bluetooth protocol stack in the\n Linux kernel before 3.6 does not properly initialize\n certain structures, which allows local users to obtain\n sensitive information from kernel stack memory via a\n crafted application that targets the (1) L2CAP or (2) HCI\n implementation. (bnc#809898)\n\n *\n\n CVE-2012-6545: The Bluetooth RFCOMM implementation in\n the Linux kernel before 3.6 does not properly initialize\n certain structures, which allows local users to obtain\n sensitive information from kernel memory via a crafted\n application. (bnc#809899)\n\n *\n\n CVE-2012-6546: The ATM implementation in the Linux\n kernel before 3.6 does not initialize certain structures,\n which allows local users to obtain sensitive information\n from kernel stack memory via a crafted application.\n (bnc#809900)\n\n *\n\n CVE-2012-6547: The __tun_chr_ioctl function in\n drivers/net/tun.c in the Linux kernel before 3.6 does not\n initialize a certain structure, which allows local users to\n obtain sensitive information from kernel stack memory via a\n crafted application. (bnc#809901)\n\n *\n\n CVE-2012-6549: The isofs_export_encode_fh function in\n fs/isofs/export.c in the Linux kernel before 3.6 does not\n initialize a certain structure member, which allows local\n users to obtain sensitive information from kernel heap\n memory via a crafted application. (bnc#809903)\n\n *\n\n CVE-2013-0343: The ipv6_create_tempaddr function in\n net/ipv6/addrconf.c in the Linux kernel through 3.8 does\n not properly handle problems with the generation of IPv6\n temporary addresses, which allows remote attackers to cause\n a denial of service (excessive retries and\n address-generation outage), and consequently obtain\n sensitive information, via ICMPv6 Router Advertisement (RA)\n messages. (bnc#805226)\n\n *\n\n CVE-2013-0914: The flush_signal_handlers function in\n kernel/signal.c in the Linux kernel before 3.8.4 preserves\n the value of the sa_restorer field across an exec\n operation, which makes it easier for local users to bypass\n the ASLR protection mechanism via a crafted application\n containing a sigaction system call. (bnc#808827)\n\n *\n\n CVE-2013-1827: net/dccp/ccid.h in the Linux kernel\n before 3.5.4 allows local users to gain privileges or cause\n a denial of service (NULL pointer dereference and system\n crash) by leveraging the CAP_NET_ADMIN capability for a\n certain (1) sender or (2) receiver getsockopt call.\n (bnc#811354)\n\n *\n\n CVE-2013-2141: The do_tkill function in\n kernel/signal.c in the Linux kernel before 3.8.9 does not\n initialize a certain data structure, which allows local\n users to obtain sensitive information from kernel memory\n via a crafted application that makes a (1) tkill or (2)\n tgkill system call. (bnc#823267)\n\n *\n\n CVE-2013-2164: The mmc_ioctl_cdrom_read_data function\n in drivers/cdrom/cdrom.c in the Linux kernel through 3.10\n allows local users to obtain sensitive information from\n kernel memory via a read operation on a malfunctioning\n CD-ROM drive. (bnc#824295)\n\n *\n\n CVE-2013-2206: The sctp_sf_do_5_2_4_dupcook function\n in net/sctp/sm_statefuns.c in the SCTP implementation in\n the Linux kernel before 3.8.5 does not properly handle\n associations during the processing of a duplicate COOKIE\n ECHO chunk, which allows remote attackers to cause a denial\n of service (NULL pointer dereference and system crash) or\n possibly have unspecified other impact via crafted SCTP\n traffic. (bnc#826102)\n\n *\n\n CVE-2013-2232: The ip6_sk_dst_check function in\n net/ipv6/ip6_output.c in the Linux kernel before 3.10\n allows local users to cause a denial of service (system\n crash) by using an AF_INET6 socket for a connection to an\n IPv4 interface. (bnc#827750)\n\n *\n\n CVE-2013-2234: The (1) key_notify_sa_flush and (2)\n key_notify_policy_flush functions in net/key/af_key.c in\n the Linux kernel before 3.10 do not initialize certain\n structure members, which allows local users to obtain\n sensitive information from kernel heap memory by reading a\n broadcast message from the notify interface of an IPSec\n key_socket. (bnc#827749)\n\n *\n\n CVE-2013-2237: The key_notify_policy_flush function\n in net/key/af_key.c in the Linux kernel before 3.9 does not\n initialize a certain structure member, which allows local\n users to obtain sensitive information from kernel heap\n memory by reading a broadcast message from the\n notify_policy interface of an IPSec key_socket. (bnc#828119)\n\n *\n\n CVE-2013-2888: Multiple array index errors in\n drivers/hid/hid-core.c in the Human Interface Device (HID)\n subsystem in the Linux kernel through 3.11 allow physically\n proximate attackers to execute arbitrary code or cause a\n denial of service (heap memory corruption) via a crafted\n device that provides an invalid Report ID. (bnc#835839)\n\n *\n\n CVE-2013-2893: The Human Interface Device (HID)\n subsystem in the Linux kernel through 3.11, when\n CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or\n CONFIG_LOGIWHEELS_FF is enabled, allows physically\n proximate attackers to cause a denial of service\n (heap-based out-of-bounds write) via a crafted device,\n related to (1) drivers/hid/hid-lgff.c, (2)\n drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c.\n (bnc#835839)\n\n *\n\n CVE-2013-2897: Multiple array index errors in\n drivers/hid/hid-multitouch.c in the Human Interface Device\n (HID) subsystem in the Linux kernel through 3.11, when\n CONFIG_HID_MULTITOUCH is enabled, allow physically\n proximate attackers to cause a denial of service (heap\n memory corruption, or NULL pointer dereference and OOPS)\n via a crafted device. (bnc#835839)\n\n *\n\n CVE-2013-3222: The vcc_recvmsg function in\n net/atm/common.c in the Linux kernel before 3.9-rc7 does\n not initialize a certain length variable, which allows\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system call.\n (bnc#816668)\n\n *\n\n CVE-2013-3223: The ax25_recvmsg function in\n net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does\n not initialize a certain data structure, which allows local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n (bnc#816668)\n\n *\n\n CVE-2013-3224: The bt_sock_recvmsg function in\n net/bluetooth/af_bluetooth.c in the Linux kernel before\n 3.9-rc7 does not properly initialize a certain length\n variable, which allows local users to obtain sensitive\n information from kernel stack memory via a crafted recvmsg\n or recvfrom system call. (bnc#816668)\n\n *\n\n CVE-2013-3228: The irda_recvmsg_dgram function in\n net/irda/af_irda.c in the Linux kernel before 3.9-rc7 does\n not initialize a certain length variable, which allows\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system call.\n (bnc#816668)\n\n *\n\n CVE-2013-3229: The iucv_sock_recvmsg function in\n net/iucv/af_iucv.c in the Linux kernel before 3.9-rc7 does\n not initialize a certain length variable, which allows\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system call.\n (bnc#816668)\n\n *\n\n CVE-2013-3231: The llc_ui_recvmsg function in\n net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does\n not initialize a certain length variable, which allows\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system call.\n (bnc#816668)\n\n *\n\n CVE-2013-3232: The nr_recvmsg function in\n net/netrom/af_netrom.c in the Linux kernel before 3.9-rc7\n does not initialize a certain data structure, which allows\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system call.\n (bnc#816668)\n\n *\n\n CVE-2013-3234: The rose_recvmsg function in\n net/rose/af_rose.c in the Linux kernel before 3.9-rc7 does\n not initialize a certain data structure, which allows local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n (bnc#816668)\n\n *\n\n CVE-2013-3235: net/tipc/socket.c in the Linux kernel\n before 3.9-rc7 does not initialize a certain data structure\n and a certain length variable, which allows local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call. (bnc#816668)\n\n *\n\n CVE-2013-4162: The udp_v6_push_pending_frames\n function in net/ipv6/udp.c in the IPv6 implementation in\n the Linux kernel through 3.10.3 makes an incorrect function\n call for pending data, which allows local users to cause a\n denial of service (BUG and system crash) via a crafted\n application that uses the UDP_CORK option in a setsockopt\n system call. (bnc#831058)\n\n *\n\n CVE-2013-4387: net/ipv6/ip6_output.c in the Linux\n kernel through 3.11.4 does not properly determine the need\n for UDP Fragmentation Offload (UFO) processing of small\n packets after the UFO queueing of a large packet, which\n allows remote attackers to cause a denial of service\n (memory corruption and system crash) or possibly have\n unspecified other impact via network traffic that triggers\n a large response packet. (bnc#843430)\n\n *\n\n CVE-2013-4470: The Linux kernel before 3.12, when UDP\n Fragmentation Offload (UFO) is enabled, does not properly\n initialize certain data structures, which allows local\n users to cause a denial of service (memory corruption and\n system crash) or possibly gain privileges via a crafted\n application that uses the UDP_CORK option in a setsockopt\n system call and sends both short and long packets, related\n to the ip_ufo_append_data function in net/ipv4/ip_output.c\n and the ip6_ufo_append_data function in\n net/ipv6/ip6_output.c. (bnc#847672)\n\n *\n\n CVE-2013-4483: The ipc_rcu_putref function in\n ipc/util.c in the Linux kernel before 3.10 does not\n properly manage a reference count, which allows local users\n to cause a denial of service (memory consumption or system\n crash) via a crafted application. (bnc#848321)\n\n *\n\n CVE-2013-4588: Multiple stack-based buffer overflows\n in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel\n before 2.6.33, when CONFIG_IP_VS is used, allow local users\n to gain privileges by leveraging the CAP_NET_ADMIN\n capability for (1) a getsockopt system call, related to the\n do_ip_vs_get_ctl function, or (2) a setsockopt system call,\n related to the do_ip_vs_set_ctl function. (bnc#851095)\n\n *\n\n CVE-2013-6383: The aac_compat_ioctl function in\n drivers/scsi/aacraid/linit.c in the Linux kernel before\n 3.11.8 does not require the CAP_SYS_RAWIO capability, which\n allows local users to bypass intended access restrictions\n via a crafted ioctl call. (bnc#852558)\n\n *\n\n CVE-2014-1444: The fst_get_iface function in\n drivers/net/wan/farsync.c in the Linux kernel before 3.11.7\n does not properly initialize a certain data structure,\n which allows local users to obtain sensitive information\n from kernel memory by leveraging the CAP_NET_ADMIN\n capability for an SIOCWANDEV ioctl call. (bnc#858869)\n\n *\n\n CVE-2014-1445: The wanxl_ioctl function in\n drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7\n does not properly initialize a certain data structure,\n which allows local users to obtain sensitive information\n from kernel memory via an ioctl call. (bnc#858870)\n\n *\n\n CVE-2014-1446: The yam_ioctl function in\n drivers/net/hamradio/yam.c in the Linux kernel before\n 3.12.8 does not initialize a certain structure member,\n which allows local users to obtain sensitive information\n from kernel memory by leveraging the CAP_NET_ADMIN\n capability for an SIOCYAMGCFG ioctl call. (bnc#858872)\n\n Also the following non-security bugs have been fixed:\n\n * kernel: Remove newline from execve audit log\n (bnc#827855).\n * kernel: sclp console hangs (bnc#830344, LTC#95711).\n * kernel: fix flush_tlb_kernel_range (bnc#825052,\n LTC#94745).\n *\n\n kernel: lost IPIs on CPU hotplug (bnc#825052,\n LTC#94784).\n\n *\n\n sctp: deal with multiple COOKIE_ECHO chunks\n (bnc#826102).\n\n * net: Uninline kfree_skb and allow NULL argument\n (bnc#853501).\n * netback: don't disconnect frontend when seeing\n oversize packet.\n *\n\n netfront: reduce gso_max_size to account for max TCP\n header.\n\n *\n\n fs/dcache: Avoid race in d_splice_alias and vfs_rmdir\n (bnc#845028).\n\n * fs/proc: proc_task_lookup() fix memory pinning\n (bnc#827362 bnc#849765).\n * blkdev_max_block: make private to fs/buffer.c\n (bnc#820338).\n * vfs: avoid &quot;attempt to access beyond end of device&quot;\n warnings (bnc#820338).\n * vfs: fix O_DIRECT read past end of block device\n (bnc#820338).\n * cifs: don't use CIFSGetSrvInodeNumber in\n is_path_accessible (bnc#832603).\n * xfs: Fix kABI breakage caused by AIL list\n transformation (bnc#806219).\n * xfs: Replace custom AIL linked-list code with struct\n list_head (bnc#806219).\n * reiserfs: fix problems with chowning setuid file w/\n xattrs (bnc#790920).\n * reiserfs: fix spurious multiple-fill in\n reiserfs_readdir_dentry (bnc#822722).\n *\n\n jbd: Fix forever sleeping process in\n do_get_write_access() (bnc#827983).\n\n *\n\n HID: check for NULL field when setting values\n (bnc#835839).\n\n * HID: provide a helper for validating hid reports\n (bnc#835839).\n * bcm43xx: netlink deadlock fix (bnc#850241).\n * bnx2: Close device if tx_timeout reset fails\n (bnc#857597).\n * xfrm: invalidate dst on policy insertion/deletion\n (bnc#842239).\n * xfrm: prevent ipcomp scratch buffer race condition\n (bnc#842239).\n * lpfc: Update to 8.2.0.106 (bnc#798050).\n * Make lpfc task management timeout configurable\n (bnc#798050).\n * dpt_i2o: Remove DPTI_STATE_IOCTL (bnc#798050).\n * dpt_i2o: return SCSI_MLQUEUE_HOST_BUSY when in reset\n (bnc#798050).\n * advansys: Remove 'last_reset' references (bnc#798050).\n * tmscsim: Move 'last_reset' into host structure\n (bnc#798050).\n *\n\n dc395: Move 'last_reset' into internal host structure\n (bnc#798050).\n\n *\n\n scsi: remove check for 'resetting' (bnc#798050).\n\n * scsi: Allow error handling timeout to be specified\n (bnc#798050).\n * scsi: Eliminate error handler overload of the SCSI\n serial number (bnc#798050).\n * scsi: Reduce sequential pointer derefs in\n scsi_error.c and reduce size as well (bnc#798050).\n * scsi: Reduce error recovery time by reducing use of\n TURs (bnc#798050).\n * scsi: fix eh wakeup (scsi_schedule_eh vs\n scsi_restart_operations)\n * scsi: cleanup setting task state in\n scsi_error_handler() (bnc#798050).\n * scsi: Add 'eh_deadline' to limit SCSI EH runtime\n (bnc#798050).\n * scsi: Fixup compilation warning (bnc#798050).\n * scsi: fc class: fix scanning when devs are offline\n (bnc#798050).\n * scsi: Warn on invalid command completion (bnc#798050).\n * scsi: Retry failfast commands after EH (bnc#798050).\n * scsi: kABI fixes (bnc#798050).\n", "published": "2014-04-16T20:04:36", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00013.html", "cvelist": ["CVE-2013-3228", "CVE-2013-2234", "CVE-2012-6546", "CVE-2012-6541", "CVE-2012-6537", "CVE-2013-2141", "CVE-2013-3232", "CVE-2013-2206", "CVE-2013-6383", "CVE-2013-1827", "CVE-2013-3231", "CVE-2013-3229", "CVE-2011-2492", "CVE-2013-3224", "CVE-2012-6545", "CVE-2013-4162", "CVE-2012-6542", "CVE-2013-3234", "CVE-2014-1446", "CVE-2013-2897", "CVE-2012-6539", "CVE-2012-6540", "CVE-2012-6547", "CVE-2013-2232", "CVE-2011-2494", "CVE-2012-6544", "CVE-2013-3222", "CVE-2013-4387", "CVE-2013-4483", "CVE-2014-1444", "CVE-2012-6549", "CVE-2013-0914", "CVE-2013-0343", "CVE-2013-2237", "CVE-2014-1445", "CVE-2013-4470", "CVE-2013-3235", "CVE-2013-2888", "CVE-2013-4588", "CVE-2013-3223", "CVE-2013-2164", "CVE-2013-2893"], "lastseen": "2016-09-04T11:31:29"}, {"id": "OPENSUSE-SU-2013:0396-1", "type": "suse", "title": "kernel: security and bugfix update (important)", "description": "The Linux kernel was updated to fix various bugs and\n security issues:\n\n CVE-2013-0871: Race condition in the ptrace functionality\n in the Linux kernel allowed local users to gain privileges\n via a PTRACE_SETREGS ptrace system call in a crafted\n application, as demonstrated by ptrace_death.\n\n CVE-2013-0160: Avoid a side channel attack on /dev/ptmx\n (keyboard input timing).\n\n CVE-2012-5374: Fixed a local denial of service in the BTRFS\n hashing code.\n\n CVE-2013-0309: arch/x86/include/asm/pgtable.h in the Linux\n kernel, when transparent huge pages are used, does not\n properly support PROT_NONE memory regions, which allows\n local users to cause a denial of service (system crash) via\n a crafted application.\n\n CVE-2013-0268: The msr_open function in\n arch/x86/kernel/msr.c in the Linux kernel allowed local\n users to bypass intended capability restrictions by\n executing a crafted application as root, as demonstrated by\n msr32.c.\n\n CVE-2012-0957: The override_release function in\n kernel/sys.c in the Linux kernel allowed local users to\n obtain sensitive information from kernel stack memory via a\n uname system call in conjunction with a UNAME26 personality.\n\n CVE-2013-0216: The Xen netback functionality in the Linux\n kernel allowed guest OS users to cause a denial of service\n (loop) by triggering ring pointer corruption.\n\n CVE-2013-0231: The pciback_enable_msi function in the PCI\n backend driver\n (drivers/xen/pciback/conf_space_capability_msi.c) in Xen\n for the Linux kernel allowed guest OS users with PCI device\n access to cause a denial of service via a large number of\n kernel log messages. NOTE: some of these details are\n obtained from third party information.\n\n CVE-2012-4530: The load_script function in\n fs/binfmt_script.c in the Linux kernel did not properly\n handle recursion, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted application.\n\n CVE-2012-4508: Race condition in fs/ext4/extents.c in the\n Linux kernel allowed local users to obtain sensitive\n information from a deleted file by reading an extent that\n was not properly marked as uninitialized.\n\n CVE-2012-3412: The sfc (aka Solarflare Solarstorm) driver\n in the Linux kernel allowed remote attackers to cause a\n denial of service (DMA descriptor consumption and\n network-controller outage) via crafted TCP packets that\n trigger a small MSS value.\n\n CVE-2012-2745: The copy_creds function in kernel/cred.c in\n the Linux kernel provided an invalid replacement session\n keyring to a child process, which allowed local users to\n cause a denial of service (panic) via a crafted application\n that uses the fork system call.\n\n CVE-2012-3375: The epoll_ctl system call in fs/eventpoll.c\n in the Linux kernel did not properly handle ELOOP errors in\n EPOLL_CTL_ADD operations, which allowed local users to\n cause a denial of service (file-descriptor consumption and\n system crash) via a crafted application that attempts to\n create a circular epoll dependency.\n\n CVE-2012-3400: Heap-based buffer overflow in the\n udf_load_logicalvol function in fs/udf/super.c in the Linux\n kernel allowed remote attackers to cause a denial of\n service (system crash) or possibly have unspecified other\n impact via a crafted UDF filesystem.\n\n", "published": "2013-03-05T18:04:24", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00005.html", "cvelist": ["CVE-2013-0871", "CVE-2012-4508", "CVE-2013-0268", "CVE-2013-0160", "CVE-2012-0957", "CVE-2012-2745", "CVE-2013-0231", "CVE-2012-3412", "CVE-2012-4530", "CVE-2013-0216", "CVE-2012-3400", "CVE-2012-3375", "CVE-2013-0309", "CVE-2012-5374"], "lastseen": "2016-09-04T11:43:03"}, {"id": "SUSE-SU-2013:0856-1", "type": "suse", "title": "Security update for Linux kernel (important)", "description": "The SUSE Linux Enterprise 10 SP4 kernel has been updated to\n fix various bugs and security issues.\n\n Security issues fixed:\n\n *\n\n CVE-2012-4444: The ip6_frag_queue function in\n net/ipv6/reassembly.c in the Linux kernel allowed remote\n attackers to bypass intended network restrictions via\n overlapping IPv6 fragments.\n\n *\n\n CVE-2013-1928: The do_video_set_spu_palette function\n in fs/compat_ioctl.c in the Linux kernel lacked a certain\n error check, which might have allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted VIDEO_SET_SPU_PALETTE ioctl call on a /dev/dvb\n device.\n\n Also the following bugs have been fixed:\n\n * hugetlb: Fix regression introduced by the original\n patch (bnc#790236, bnc#819403).\n * NFSv3/v2: Fix data corruption with NFS short reads\n (bnc#818337).\n * Fix package descriptions in specfiles (bnc#817666).\n * TTY: fix atime/mtime regression (bnc#815745).\n * virtio_net: ensure big packets are 64k (bnc#760753).\n * virtio_net: refill rx buffers when oom occurs\n (bnc#760753).\n * qeth: fix qeth_wait_for_threads() deadlock for OSN\n devices (bnc#812317, LTC#90910).\n * nfsd: remove unnecessary NULL checks from\n nfsd_cross_mnt (bnc#810628).\n * knfsd: Fixed problem with NFS exporting directories\n which are mounted on (bnc#810628).\n", "published": "2013-06-04T23:04:12", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00000.html", "cvelist": ["CVE-2012-4444", "CVE-2013-1928"], "lastseen": "2016-09-04T12:22:34"}, {"id": "OPENSUSE-SU-2013:0847-1", "type": "suse", "title": "kernel: security and bugfix update (important)", "description": "The openSUSE 12.1 kernel was updated to fix a severe\n secrutiy issue and various bugs.\n\n Security issues fixed: CVE-2013-2094: The perf_swevent_init\n function in kernel/events/core.c in the Linux kernel used\n an incorrect integer data type, which allowed local users\n to gain privileges via a crafted perf_event_open system\n call.\n\n CVE-2013-1774: The chase_port function in\n drivers/usb/serial/io_ti.c in the Linux kernel allowed\n local users to cause a denial of service (NULL pointer\n dereference and system crash) via an attempted /dev/ttyUSB\n read or write operation on a disconnected Edgeport USB\n serial converter.\n\n CVE-2013-1928: The do_video_set_spu_palette function in\n fs/compat_ioctl.c in the Linux kernel lacked a certain\n error check, which might have allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted VIDEO_SET_SPU_PALETTE ioctl call on a /dev/dvb\n device.\n\n CVE-2013-1796: The kvm_set_msr_common function in\n arch/x86/kvm/x86.c in the Linux kernel did not ensure a\n required time_page alignment during an MSR_KVM_SYSTEM_TIME\n operation, which allowed guest OS users to cause a denial\n of service (buffer overflow and host OS memory corruption)\n or possibly have unspecified other impact via a crafted\n application.\n\n CVE-2013-1797: Use-after-free vulnerability in\n arch/x86/kvm/x86.c in the Linux kernel allowed guest OS\n users to cause a denial of service (host OS memory\n corruption) or possibly have unspecified other impact via a\n crafted application that triggers use of a guest physical\n address (GPA) in (1) movable or (2) removable memory during\n an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation.\n\n CVE-2013-1798: The ioapic_read_indirect function in\n virt/kvm/ioapic.c in the Linux kernel did not properly\n handle a certain combination of invalid IOAPIC_REG_SELECT\n and IOAPIC_REG_WINDOW operations, which allowed guest OS\n users to obtain sensitive information from host OS memory\n or cause a denial of service (host OS OOPS) via a crafted\n application.\n\n CVE-2013-1767: Use-after-free vulnerability in the\n shmem_remount_fs function in mm/shmem.c in the Linux kernel\n allowed local users to gain privileges or cause a denial of\n service (system crash) by remounting a tmpfs filesystem\n without specifying a required mpol (aka mempolicy) mount\n option.\n\n CVE-2013-0913: Integer overflow in\n drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915\n driver in the Direct Rendering Manager (DRM) subsystem in\n the Linux kernel allowed local users to cause a denial of\n service (heap-based buffer overflow) or possibly have\n unspecified other impact via a crafted application that\n triggers many relocation copies, and potentially leads to a\n race condition.\n\n Bugs fixed:\n - qlge: fix dma map leak when the last chunk is not\n allocated (bnc#819519).\n\n - TTY: fix atime/mtime regression (bnc#815745).\n\n - fs/compat_ioctl.c: VIDEO_SET_SPU_PALETTE missing error\n check (bnc#813735).\n\n - USB: io_ti: Fix NULL dereference in chase_port()\n (bnc#806976, CVE-2013-1774).\n\n - KVM: Convert MSR_KVM_SYSTEM_TIME to use\n gfn_to_hva_cache_init (bnc#806980 CVE-2013-1797).\n - KVM: Fix bounds checking in ioapic indirect register read\n (bnc#806980 CVE-2013-1798).\n - KVM: Fix for buffer overflow in handling of\n MSR_KVM_SYSTEM_TIME (bnc#806980 CVE-2013-1796).\n - kabi/severities: Allow kvm module abi changes - modules\n are self consistent\n\n - loopdev: fix a deadlock (bnc#809748).\n - block: use i_size_write() in bd_set_size() (bnc#809748).\n\n - drm/i915: bounds check execbuffer relocation count\n (bnc#808829,CVE-2013-0913).\n\n - tmpfs: fix use-after-free of mempolicy object\n (bnc#806138, CVE-2013-1767).\n\n", "published": "2013-05-31T16:04:13", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html", "cvelist": ["CVE-2013-1797", "CVE-2013-1767", "CVE-2013-1774", "CVE-2013-0913", "CVE-2013-1928", "CVE-2013-2094", "CVE-2013-1796", "CVE-2013-1798"], "lastseen": "2016-09-04T12:42:58"}], "amazon": [{"id": "ALAS-2013-148", "type": "amazon", "title": "Medium: kernel,nvidia", "description": "**Issue Overview:**\n\nA malicious Network File System version 4 (NFSv4) server could return a crafted reply to a GETACL request, causing a denial of service on the client. ([CVE-2012-2375 __](<https://access.redhat.com/security/cve/CVE-2012-2375>), Moderate)\n\nA divide-by-zero flaw was found in the TCP Illinois congestion control algorithm implementation in the Linux kernel. If the TCP Illinois congestion control algorithm were in use (the sysctl net.ipv4.tcp_congestion_control variable set to \"illinois\"), a local, unprivileged user could trigger this flaw and cause a denial of service. ([CVE-2012-4565 __](<https://access.redhat.com/security/cve/CVE-2012-4565>), Moderate)\n\nA NULL pointer dereference flaw was found in the way a new node's hot added memory was propagated to other nodes' zonelists. By utilizing this newly added memory from one of the remaining nodes, a local, unprivileged user could use this flaw to cause a denial of service. ([CVE-2012-5517 __](<https://access.redhat.com/security/cve/CVE-2012-5517>), Moderate)\n\nIt was found that a prevoius kernel release did not correctly fix the [CVE-2009-4307 __](<https://access.redhat.com/security/cve/CVE-2009-4307>) issue, a divide-by-zero flaw in the ext4 file system code. A local, unprivileged user with the ability to mount an ext4 file system could use this flaw to cause a denial of service. ([CVE-2012-2100 __](<https://access.redhat.com/security/cve/CVE-2012-2100>), Low)\n\nA flaw was found in the way the Linux kernel's IPv6 implementation handled overlapping, fragmented IPv6 packets. A remote attacker could potentially use this flaw to bypass protection mechanisms (such as a firewall or intrusion detection system (IDS)) when sending network packets to a target system. ([CVE-2012-4444 __](<https://access.redhat.com/security/cve/CVE-2012-4444>), Low)\n\n \n**Affected Packages:** \n\n\nkernel,nvidia\n\n \n**Issue Correction:** \nRun _yum update kernel nvidia_ to update your system. You will need to reboot your system in order for the new kernel to be running. \n\n \n**New Packages:**\n \n \n i686: \n kernel-devel-3.2.36-1.46.amzn1.i686 \n kernel-headers-3.2.36-1.46.amzn1.i686 \n kernel-tools-debuginfo-3.2.36-1.46.amzn1.i686 \n kernel-tools-3.2.36-1.46.amzn1.i686 \n kernel-debuginfo-3.2.36-1.46.amzn1.i686 \n kernel-3.2.36-1.46.amzn1.i686 \n kernel-debuginfo-common-i686-3.2.36-1.46.amzn1.i686 \n \n noarch: \n kernel-doc-3.2.36-1.46.amzn1.noarch \n \n src: \n kernel-3.2.36-1.46.amzn1.src \n nvidia-310.19-2012.09.10.amzn1.src \n \n x86_64: \n kernel-devel-3.2.36-1.46.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-3.2.36-1.46.amzn1.x86_64 \n kernel-tools-3.2.36-1.46.amzn1.x86_64 \n kernel-debuginfo-3.2.36-1.46.amzn1.x86_64 \n kernel-3.2.36-1.46.amzn1.x86_64 \n kernel-tools-debuginfo-3.2.36-1.46.amzn1.x86_64 \n kernel-headers-3.2.36-1.46.amzn1.x86_64 \n nvidia-310.19-2012.09.10.amzn1.x86_64 \n nvidia-kmod-3.2.36-1.46.amzn1-310.19-2012.09.10.amzn1.x86_64 \n \n \n", "published": "2013-01-14T01:14:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://alas.aws.amazon.com/ALAS-2013-148.html", "cvelist": ["CVE-2012-2375", "CVE-2012-4444", "CVE-2012-2100", "CVE-2012-4565", "CVE-2012-5517", "CVE-2009-4307"], "lastseen": "2016-09-28T21:04:02"}, {"id": "ALAS-2012-142", "type": "amazon", "title": "Medium: kernel", "description": "**Issue Overview:**\n\nA use-after-free flaw was found in the Linux kernel's memory management subsystem in the way quota handling for huge pages was performed. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. ([CVE-2012-2133 __](<https://access.redhat.com/security/cve/CVE-2012-2133>), Moderate)\n\nA use-after-free flaw was found in the madvise() system call implementation in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. ([CVE-2012-3511 __](<https://access.redhat.com/security/cve/CVE-2012-3511>), Moderate)\n\nIt was found that when running a 32-bit binary that uses a large number of shared libraries, one of the libraries would always be loaded at a predictable address in memory. An attacker could use this flaw to bypass the Address Space Layout Randomization (ASLR) security feature. ([CVE-2012-1568 __](<https://access.redhat.com/security/cve/CVE-2012-1568>), Low)\n\nBuffer overflow flaws were found in the udf_load_logicalvol() function in the Universal Disk Format (UDF) file system implementation in the Linux kernel. An attacker with physical access to a system could use these flaws to cause a denial of service or escalate their privileges. ([CVE-2012-3400 __](<https://access.redhat.com/security/cve/CVE-2012-3400>), Low)\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running. \n\n \n**New Packages:**\n \n \n i686: \n kernel-devel-3.2.34-55.46.amzn1.i686 \n kernel-debuginfo-3.2.34-55.46.amzn1.i686 \n kernel-3.2.34-55.46.amzn1.i686 \n kernel-tools-3.2.34-55.46.amzn1.i686 \n kernel-headers-3.2.34-55.46.amzn1.i686 \n kernel-debuginfo-common-i686-3.2.34-55.46.amzn1.i686 \n kernel-tools-debuginfo-3.2.34-55.46.amzn1.i686 \n \n noarch: \n kernel-doc-3.2.34-55.46.amzn1.noarch \n \n src: \n kernel-3.2.34-55.46.amzn1.src \n \n x86_64: \n kernel-devel-3.2.34-55.46.amzn1.x86_64 \n kernel-tools-3.2.34-55.46.amzn1.x86_64 \n kernel-debuginfo-3.2.34-55.46.amzn1.x86_64 \n kernel-headers-3.2.34-55.46.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-3.2.34-55.46.amzn1.x86_64 \n kernel-3.2.34-55.46.amzn1.x86_64 \n kernel-tools-debuginfo-3.2.34-55.46.amzn1.x86_64 \n \n \n", "published": "2012-11-20T06:34:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://alas.aws.amazon.com/ALAS-2012-142.html", "cvelist": ["CVE-2012-2133", "CVE-2012-4508", "CVE-2012-3511", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-1568", "CVE-2012-3400"], "lastseen": "2016-09-28T21:03:59"}, {"id": "ALAS-2013-200", "type": "amazon", "title": "Medium: kernel", "description": "**Issue Overview:**\n\nHeap-based buffer overflow in the tg3_read_vpd function in drivers/net/ethernet/broadcom/tg3.c in the Linux kernel before 3.8.6 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via crafted firmware that specifies a long string in the Vital Product Data (VPD) data structure. \n\nUse-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option. \n\nThe vcc_recvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. \n\nThe flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a sigaction system call. \n\nThe llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. \n\nnet/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure and a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. \n\nBuffer overflow in the VFAT filesystem implementation in the Linux kernel before 3.3 allows local users to gain privileges or cause a denial of service (system crash) via a VFAT write operation on a filesystem with the utf8 mount option, which is not properly handled during UTF-8 to UTF-16 conversion. \n\nThe Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application. \n\nThe Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation. \n\nThe bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. \n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running. \n\n \n**New Packages:**\n \n \n i686: \n kernel-debuginfo-common-i686-3.4.48-45.46.amzn1.i686 \n kernel-tools-debuginfo-3.4.48-45.46.amzn1.i686 \n kernel-debuginfo-3.4.48-45.46.amzn1.i686 \n kernel-tools-3.4.48-45.46.amzn1.i686 \n kernel-headers-3.4.48-45.46.amzn1.i686 \n kernel-devel-3.4.48-45.46.amzn1.i686 \n kernel-3.4.48-45.46.amzn1.i686 \n \n noarch: \n kernel-doc-3.4.48-45.46.amzn1.noarch \n \n src: \n kernel-3.4.48-45.46.amzn1.src \n \n x86_64: \n kernel-tools-3.4.48-45.46.amzn1.x86_64 \n kernel-tools-debuginfo-3.4.48-45.46.amzn1.x86_64 \n kernel-debuginfo-3.4.48-45.46.amzn1.x86_64 \n kernel-headers-3.4.48-45.46.amzn1.x86_64 \n kernel-3.4.48-45.46.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-3.4.48-45.46.amzn1.x86_64 \n kernel-devel-3.4.48-45.46.amzn1.x86_64 \n \n \n", "published": "2013-06-11T22:45:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://alas.aws.amazon.com/ALAS-2013-200.html", "cvelist": ["CVE-2013-1767", "CVE-2013-3231", "CVE-2013-3224", "CVE-2012-6545", "CVE-2013-1929", "CVE-2012-6544", "CVE-2013-1773", "CVE-2013-3222", "CVE-2013-0914", "CVE-2013-3235"], "lastseen": "2016-09-28T21:04:07"}], "exploitdb": [{"id": "EDB-ID:37937", "type": "exploitdb", "title": "Linux Kernel 3.2.x 'uname' System Call Local Information Disclosure Vulnerability", "description": "Linux Kernel 3.2.x 'uname()' System Call Local Information Disclosure Vulnerability. CVE-2012-0957. Local exploit for linux platform", "published": "2012-10-09T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.exploit-db.com/exploits/37937/", "cvelist": ["CVE-2012-0957"], "lastseen": "2016-02-04T06:56:06"}], "seebug": [{"id": "SSV:60638", "type": "seebug", "title": "Linux Kernel mm: thp: pmd_present\u548cPROT_NONE\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "description": "BUGTRAQ ID: 58046\r\nCVE(CAN) ID: CVE-2013-0309\r\n\r\nLinux Kernel\u662fLinux\u64cd\u4f5c\u7cfb\u7edf\u7684\u5185\u6838\u3002\r\n\r\n\u4f7f\u7528pmd_present\u7684VM\u4f1a\u8fd4\u56de\u9519\u8bef\u7684PROT_NONE\u8303\u56f4\u503c\uff0c\u5f53\u4f7f\u7528pmd_present\u7684\u4ee3\u7801\u5f97\u5230\u6f0f\u62a5\u540e\uff0c\u5185\u6838\u4f1a\u5d29\u6e83\uff0c\u672c\u5730\u672a\u6388\u6743\u7528\u6237\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u4f7f\u7cfb\u7edf\u5d29\u6e83\u3002\n0\nLinux kernel 2.6.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nLinux\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=027ef6c8", "published": "2013-02-22T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.seebug.org/vuldb/ssvid-60638", "cvelist": ["CVE-2013-0309"], "lastseen": "2017-11-19T17:45:04"}]}}