ID USN-2467-1 Type ubuntu Reporter Ubuntu Modified 2015-01-13T00:00:00
Description
A null pointer dereference flaw was discovered in the the Linux kernel’s SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)
A race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)
Miloš Prchlík reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)
A stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884)
{"id": "USN-2467-1", "bulletinFamily": "unix", "title": "Linux kernel (Utopic HWE) vulnerabilities", "description": "A null pointer dereference flaw was discovered in the the Linux kernel\u2019s SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nMilo\u0161 Prchl\u00edk reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884)", "published": "2015-01-13T00:00:00", "modified": "2015-01-13T00:00:00", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/2467-1/", "reporter": "Ubuntu", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7842", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7843", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8884", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7841"], "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "type": "ubuntu", "lastseen": "2018-08-31T00:08:55", "history": [{"bulletin": {"affectedPackage": [{"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-lowlatency", "packageVersion": "3.16.0-29.39~14.04.1"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-generic", "packageVersion": "3.16.0-29.39~14.04.1"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-generic-lpae", "packageVersion": "3.16.0-29.39~14.04.1"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc-e500mc", "packageVersion": "3.16.0-29.39~14.04.1"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc-smp", "packageVersion": "3.16.0-29.39~14.04.1"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc64-smp", "packageVersion": "3.16.0-29.39~14.04.1"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc64-emb", "packageVersion": "3.16.0-29.39~14.04.1"}], "bulletinFamily": "unix", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "A null pointer dereference flaw was discovered in the the Linux kernel\u2019s SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nMilo\u0161 Prchl\u00edk reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884)", "edition": 2, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "4f93432e8b51efdd43d636a3362db42576215bcfab4d358f885cd334ef481938", "hashmap": [{"hash": "9b408caca9fb27209cc98b2ecd99b930", "key": "href"}, {"hash": "a4a72afef5ef9256c7bbdf427ba3f4d6", "key": "cvelist"}, {"hash": "8f2de39732573264efb6b55874ca259c", "key": "description"}, {"hash": "45a87397e608488f8cdcb20b159edfec", "key": "references"}, {"hash": "c7de3e123e39d34f9bbf088a371f2bd4", "key": "title"}, {"hash": "1d41c853af58d3a7ae54990ce29417d8", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "3d945423f8e9496c429a5d8c65b4604f", "key": "reporter"}, {"hash": "81573fced906c6c685b5b8c396d52131", "key": "modified"}, {"hash": "2e79d14d964d2b5d6aa4362339537c72", "key": "affectedPackage"}, {"hash": "81573fced906c6c685b5b8c396d52131", "key": "published"}], "history": [], "href": "https://usn.ubuntu.com/2467-1/", "id": "USN-2467-1", "lastseen": "2018-08-30T20:08:14", "modified": "2015-01-13T00:00:00", "objectVersion": "1.3", "published": "2015-01-13T00:00:00", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7842", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7843", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8884", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7841"], "reporter": "Ubuntu", "title": "Linux kernel (Utopic HWE) vulnerabilities", "type": "ubuntu", "viewCount": 0}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-08-30T20:08:14"}, {"bulletin": {"affectedPackage": [{"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-lowlatency", "packageVersion": "3.16.0-29.39~14.04.1"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-generic", "packageVersion": "3.16.0-29.39~14.04.1"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-generic-lpae", "packageVersion": "3.16.0-29.39~14.04.1"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc-e500mc", "packageVersion": "3.16.0-29.39~14.04.1"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc-smp", "packageVersion": "3.16.0-29.39~14.04.1"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc64-smp", "packageVersion": "3.16.0-29.39~14.04.1"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc64-emb", "packageVersion": "3.16.0-29.39~14.04.1"}], "bulletinFamily": "unix", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}, "description": "A null pointer dereference flaw was discovered in the the Linux kernel\u2019s SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nMilo\u0161 Prchl\u00edk reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884)", "edition": 1, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "f75a1db62da3ef389a047d01f97f576a4a93f39c05fe9ccc8615386c509cb5a0", "hashmap": [{"hash": "9b408caca9fb27209cc98b2ecd99b930", "key": "href"}, {"hash": "98b292f143cc7bbefe568a9d94c888c6", "key": "cvss"}, {"hash": "a4a72afef5ef9256c7bbdf427ba3f4d6", "key": "cvelist"}, {"hash": "8f2de39732573264efb6b55874ca259c", "key": "description"}, {"hash": "45a87397e608488f8cdcb20b159edfec", "key": "references"}, {"hash": "c7de3e123e39d34f9bbf088a371f2bd4", "key": "title"}, {"hash": "1d41c853af58d3a7ae54990ce29417d8", "key": "type"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "3d945423f8e9496c429a5d8c65b4604f", "key": "reporter"}, {"hash": "81573fced906c6c685b5b8c396d52131", "key": "modified"}, {"hash": "2e79d14d964d2b5d6aa4362339537c72", "key": "affectedPackage"}, {"hash": "81573fced906c6c685b5b8c396d52131", "key": "published"}], "history": [], "href": "https://usn.ubuntu.com/2467-1/", "id": "USN-2467-1", "lastseen": "2018-03-29T18:19:38", "modified": "2015-01-13T00:00:00", "objectVersion": "1.3", "published": "2015-01-13T00:00:00", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7842", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7843", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8884", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7841"], "reporter": "Ubuntu", "title": "Linux kernel (Utopic HWE) vulnerabilities", "type": "ubuntu", "viewCount": 0}, "differentElements": ["cvss"], "edition": 1, "lastseen": "2018-03-29T18:19:38"}], "edition": 3, "hashmap": [{"key": "affectedPackage", "hash": "2e79d14d964d2b5d6aa4362339537c72"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "cvelist", "hash": "a4a72afef5ef9256c7bbdf427ba3f4d6"}, {"key": "cvss", "hash": "98b292f143cc7bbefe568a9d94c888c6"}, {"key": "description", "hash": "8f2de39732573264efb6b55874ca259c"}, {"key": "href", "hash": "9b408caca9fb27209cc98b2ecd99b930"}, {"key": "modified", "hash": "81573fced906c6c685b5b8c396d52131"}, {"key": "published", "hash": "81573fced906c6c685b5b8c396d52131"}, {"key": "references", "hash": "45a87397e608488f8cdcb20b159edfec"}, {"key": "reporter", "hash": "3d945423f8e9496c429a5d8c65b4604f"}, {"key": "title", "hash": "c7de3e123e39d34f9bbf088a371f2bd4"}, {"key": "type", "hash": "1d41c853af58d3a7ae54990ce29417d8"}], "hash": "f75a1db62da3ef389a047d01f97f576a4a93f39c05fe9ccc8615386c509cb5a0", "viewCount": 0, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}, "vulnersScore": 7.2}, "objectVersion": "1.3", "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-lowlatency", "packageVersion": "3.16.0-29.39~14.04.1"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-generic", "packageVersion": "3.16.0-29.39~14.04.1"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-generic-lpae", "packageVersion": "3.16.0-29.39~14.04.1"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc-e500mc", "packageVersion": "3.16.0-29.39~14.04.1"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc-smp", "packageVersion": "3.16.0-29.39~14.04.1"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc64-smp", "packageVersion": "3.16.0-29.39~14.04.1"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc64-emb", "packageVersion": "3.16.0-29.39~14.04.1"}]}
{"cve": [{"lastseen": "2016-09-03T21:23:12", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1163744", "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4", "http://www.securityfocus.com/bid/71082", "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=97fc15436b36ee3956efad83e22a557991f7d19d", "https://github.com/torvalds/linux/commit/97fc15436b36ee3956efad83e22a557991f7d19d", "http://www.openwall.com/lists/oss-security/2014/11/13/5"], "edition": 1, "description": "The __clear_user function in arch/arm64/lib/clear_user.S in the Linux kernel before 3.17.4 on the ARM64 platform allows local users to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary.", "reporter": "NVD", "published": "2014-11-29T20:59:05", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "title": "CVE-2014-7843", "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-7843"], "scanner": [], "modified": "2015-01-22T09:01:13", "cpe": ["cpe:/o:linux:linux_kernel:3.17.3::~~~~arm64~"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7843", "id": "CVE-2014-7843", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-04-18T15:55:21", "references": ["http://rhn.redhat.com/errata/RHSA-2015-0102.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1163087", "http://rhn.redhat.com/errata/RHSA-2015-0087.html", "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4", "http://linux.oracle.com/errata/ELSA-2015-3004.html", "https://github.com/torvalds/linux/commit/e40607cbe270a9e8360907cb1e62ddf0736e4864", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html", "http://rhn.redhat.com/errata/RHSA-2015-0285.html", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html", "http://www.debian.org/security/2014/dsa-3093", "http://secunia.com/advisories/62735", "http://www.openwall.com/lists/oss-security/2014/11/13/6", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html", "http://rhn.redhat.com/errata/RHSA-2015-0695.html", "http://linux.oracle.com/errata/ELSA-2015-3005.html", "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html", "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e40607cbe270a9e8360907cb1e62ddf0736e4864", "http://rhn.redhat.com/errata/RHSA-2015-0284.html", "http://secunia.com/advisories/62597", "http://www.securityfocus.com/bid/71081", "https://support.f5.com/kb/en-us/solutions/public/16000/000/sol16016.html"], "edition": 2, "description": "The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.", "reporter": "NVD", "published": "2014-11-29T20:59:03", "title": "CVE-2014-7841", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-7841"], "scanner": [], "modified": "2017-01-02T21:59:12", "cpe": ["cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.12.8", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.11.6", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.14.4", "cpe:/o:linux:linux_kernel:3.14:rc3", "cpe:/o:linux:linux_kernel:3.10.17", "cpe:/o:linux:linux_kernel:3.10", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.10.18", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.10.21", "cpe:/o:linux:linux_kernel:3.10.5::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.15.8", "cpe:/o:linux:linux_kernel:3.10.4", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.12.3", "cpe:/o:linux:linux_kernel:3.14:rc2", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.16.0", "cpe:/o:linux:linux_kernel:3.12.14", "cpe:/o:linux:linux_kernel:3.10.7", "cpe:/o:linux:linux_kernel:3.10.8::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.10.9", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.12.10", "cpe:/o:linux:linux_kernel:3.10.14", "cpe:/o:linux:linux_kernel:3.15.5", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.14:rc4", "cpe:/o:linux:linux_kernel:3.11.3", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.10.10", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.12.15", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.16.1", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.12.17", "cpe:/o:linux:linux_kernel:3.10.12", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.10.6", "cpe:/o:linux:linux_kernel:3.2:rc2", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.14:rc1", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.14:-", "cpe:/o:linux:linux_kernel:3.14:rc8", "cpe:/o:linux:linux_kernel:3.10.19", "cpe:/o:linux:linux_kernel:3.11", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.13.7", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.12.11", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.10.20", "cpe:/o:linux:linux_kernel:3.15.3", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.11.7", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.10.26", "cpe:/o:linux:linux_kernel:3.13.10", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.15.2", "cpe:/o:linux:linux_kernel:3.13.4", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.12.13", "cpe:/o:linux:linux_kernel:3.10.27", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.10.24", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.14.3", "cpe:/o:linux:linux_kernel:3.14:rc7", "cpe:/o:linux:linux_kernel:3.12.5", "cpe:/o:linux:linux_kernel:3.10.9::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.0:rc1", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.12.1", "cpe:/o:linux:linux_kernel:3.13.2", "cpe:/o:linux:linux_kernel:3.1:rc4", "cpe:/o:linux:linux_kernel:3.11.8", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.10.28", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.11.4", "cpe:/o:linux:linux_kernel:3.13.6", "cpe:/o:linux:linux_kernel:3.11.9", "cpe:/o:linux:linux_kernel:3.10.8", "cpe:/o:linux:linux_kernel:3.11.2", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.2::~~~~x86~", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.10.25", "cpe:/o:linux:linux_kernel:3.13.5", "cpe:/o:linux:linux_kernel:3.10.16", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.15.1", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.13.9", "cpe:/o:linux:linux_kernel:3.12.2", "cpe:/o:linux:linux_kernel:3.10.1::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.17.3", "cpe:/o:linux:linux_kernel:3.14.2", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.13.3", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.10.3::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.0:rc7", "cpe:/o:linux:linux_kernel:3.2:rc3", "cpe:/o:linux:linux_kernel:3.0:rc4", "cpe:/o:linux:linux_kernel:3.10.5", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.10.0::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.0:rc2", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.13", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.1:rc1", "cpe:/o:linux:linux_kernel:3.14:rc6", "cpe:/o:linux:linux_kernel:3.14:rc5", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.13.11", "cpe:/o:linux:linux_kernel:3.10.6::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.17.2", "cpe:/o:linux:linux_kernel:3.14.1", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.10.13", "cpe:/o:linux:linux_kernel:3.12.6", "cpe:/o:linux:linux_kernel:3.12.7", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.12", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.10.23", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.15", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.15.7", "cpe:/o:linux:linux_kernel:3.11.5", "cpe:/o:linux:linux_kernel:3.1:rc2", "cpe:/o:linux:linux_kernel:3.12.12", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.10.2::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.13.1", "cpe:/o:linux:linux_kernel:3.10.11", "cpe:/o:linux:linux_kernel:3.10.4::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.15.4", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.10.15", "cpe:/o:linux:linux_kernel:3.10.7::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.10.29", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.12.16", "cpe:/o:linux:linux_kernel:3.0:rc6", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.12.4", "cpe:/o:linux:linux_kernel:3.17.1", "cpe:/o:linux:linux_kernel:3.0:rc3", "cpe:/o:linux:linux_kernel:3.14.5", "cpe:/o:linux:linux_kernel:3.0:rc5", "cpe:/o:linux:linux_kernel:3.10.2", "cpe:/o:linux:linux_kernel:3.13.8", "cpe:/o:linux:linux_kernel:3.11.1", "cpe:/o:linux:linux_kernel:3.10.22", "cpe:/o:linux:linux_kernel:3.17", "cpe:/o:linux:linux_kernel:3.1:rc3", "cpe:/o:linux:linux_kernel:3.15.6", "cpe:/o:linux:linux_kernel:3.11.10", "cpe:/o:linux:linux_kernel:3.12.9"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7841", "id": "CVE-2014-7841", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-05T12:21:53", "references": ["http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f2e323ec96077642d397bb1c355def536d489d16", "https://bugzilla.redhat.com/show_bug.cgi?id=1164266", "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4", "https://github.com/torvalds/linux/commit/f2e323ec96077642d397bb1c355def536d489d16", "http://rhn.redhat.com/errata/RHSA-2015-0290.html", "http://www.debian.org/security/2014/dsa-3093", "http://rhn.redhat.com/errata/RHSA-2015-0782.html", "http://www.openwall.com/lists/oss-security/2014/11/14/7", "http://rhn.redhat.com/errata/RHSA-2015-0864.html"], "edition": 2, "description": "Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call.", "reporter": "NVD", "published": "2014-11-29T20:59:06", "title": "CVE-2014-8884", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-8884"], "scanner": [], "cpe": ["cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.12.8", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.11.6", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.14.4", "cpe:/o:linux:linux_kernel:3.14:rc3", "cpe:/o:linux:linux_kernel:3.10.17", "cpe:/o:linux:linux_kernel:3.10", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.10.18", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.10.21", "cpe:/o:linux:linux_kernel:3.10.5::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.15.8", "cpe:/o:linux:linux_kernel:3.10.4", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.12.3", "cpe:/o:linux:linux_kernel:3.14:rc2", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.16.0", "cpe:/o:linux:linux_kernel:3.12.14", "cpe:/o:linux:linux_kernel:3.10.7", "cpe:/o:linux:linux_kernel:3.10.8::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.10.9", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.12.10", "cpe:/o:linux:linux_kernel:3.10.14", "cpe:/o:linux:linux_kernel:3.15.5", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.14:rc4", "cpe:/o:linux:linux_kernel:3.11.3", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.10.10", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.12.15", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.16.1", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.12.17", "cpe:/o:linux:linux_kernel:3.10.12", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.10.6", "cpe:/o:linux:linux_kernel:3.2:rc2", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.14:rc1", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.14:-", "cpe:/o:linux:linux_kernel:3.14:rc8", "cpe:/o:linux:linux_kernel:3.10.19", "cpe:/o:linux:linux_kernel:3.11", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.13.7", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.12.11", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.10.20", "cpe:/o:linux:linux_kernel:3.15.3", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.11.7", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.10.26", "cpe:/o:linux:linux_kernel:3.13.10", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.15.2", "cpe:/o:linux:linux_kernel:3.13.4", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.12.13", "cpe:/o:linux:linux_kernel:3.10.27", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.10.24", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.14.3", "cpe:/o:linux:linux_kernel:3.14:rc7", "cpe:/o:linux:linux_kernel:3.12.5", "cpe:/o:linux:linux_kernel:3.10.9::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.0:rc1", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.12.1", "cpe:/o:linux:linux_kernel:3.13.2", "cpe:/o:linux:linux_kernel:3.1:rc4", "cpe:/o:linux:linux_kernel:3.11.8", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.10.28", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.11.4", "cpe:/o:linux:linux_kernel:3.13.6", "cpe:/o:linux:linux_kernel:3.11.9", "cpe:/o:linux:linux_kernel:3.10.8", "cpe:/o:linux:linux_kernel:3.11.2", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.2::~~~~x86~", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.10.25", "cpe:/o:linux:linux_kernel:3.13.5", "cpe:/o:linux:linux_kernel:3.10.16", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.15.1", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.13.9", "cpe:/o:linux:linux_kernel:3.12.2", "cpe:/o:linux:linux_kernel:3.10.1::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.17.3", "cpe:/o:linux:linux_kernel:3.14.2", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.13.3", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.10.3::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.0:rc7", "cpe:/o:linux:linux_kernel:3.2:rc3", "cpe:/o:linux:linux_kernel:3.0:rc4", "cpe:/o:linux:linux_kernel:3.10.5", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.10.0::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.0:rc2", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.13", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.1:rc1", "cpe:/o:linux:linux_kernel:3.14:rc6", "cpe:/o:linux:linux_kernel:3.14:rc5", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.13.11", "cpe:/o:linux:linux_kernel:3.10.6::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.17.2", "cpe:/o:linux:linux_kernel:3.14.1", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.10.13", "cpe:/o:linux:linux_kernel:3.12.6", "cpe:/o:linux:linux_kernel:3.12.7", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.12", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.10.23", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.15", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.15.7", "cpe:/o:linux:linux_kernel:3.11.5", "cpe:/o:linux:linux_kernel:3.1:rc2", "cpe:/o:linux:linux_kernel:3.12.12", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.10.2::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.13.1", "cpe:/o:linux:linux_kernel:3.10.11", "cpe:/o:linux:linux_kernel:3.10.4::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.15.4", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.10.15", "cpe:/o:linux:linux_kernel:3.10.7::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.10.29", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.12.16", "cpe:/o:linux:linux_kernel:3.0:rc6", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.12.4", "cpe:/o:linux:linux_kernel:3.17.1", "cpe:/o:linux:linux_kernel:3.0:rc3", "cpe:/o:linux:linux_kernel:3.14.5", "cpe:/o:linux:linux_kernel:3.0:rc5", "cpe:/o:linux:linux_kernel:3.10.2", "cpe:/o:linux:linux_kernel:3.13.8", "cpe:/o:linux:linux_kernel:3.11.1", "cpe:/o:linux:linux_kernel:3.10.22", "cpe:/o:linux:linux_kernel:3.17", "cpe:/o:linux:linux_kernel:3.1:rc3", "cpe:/o:linux:linux_kernel:3.15.6", "cpe:/o:linux:linux_kernel:3.11.10", "cpe:/o:linux:linux_kernel:3.12.9"], "modified": "2018-01-04T21:29:55", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8884", "id": "CVE-2014-8884", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2017-04-18T15:55:21", "references": ["http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html", "http://www.openwall.com/lists/oss-security/2014/11/13/7", "https://github.com/torvalds/linux/commit/a2b9e6c1a35afcc0973acb72e591c714e78885ff", "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html", "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a2b9e6c1a35afcc0973acb72e591c714e78885ff", "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1163762", "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html", "http://www.securityfocus.com/bid/71078", "http://rhn.redhat.com/errata/RHSA-2016-0855.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"], "edition": 2, "description": "Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service (guest OS crash) via a crafted application that performs an MMIO transaction or a PIO transaction to trigger a guest userspace emulation error report, a similar issue to CVE-2010-5313.", "reporter": "NVD", "published": "2014-11-29T20:59:04", "title": "CVE-2014-7842", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-7842"], "scanner": [], "modified": "2017-01-02T21:59:12", "cpe": ["cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.12.8", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.11.6", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.14.4", "cpe:/o:linux:linux_kernel:3.14:rc3", "cpe:/o:linux:linux_kernel:3.10.17", "cpe:/o:linux:linux_kernel:3.10", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.10.18", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.10.21", "cpe:/o:linux:linux_kernel:3.10.5::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.15.8", "cpe:/o:linux:linux_kernel:3.10.4", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.12.3", "cpe:/o:linux:linux_kernel:3.14:rc2", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.16.0", "cpe:/o:linux:linux_kernel:3.12.14", "cpe:/o:linux:linux_kernel:3.10.7", "cpe:/o:linux:linux_kernel:3.10.8::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.10.9", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.12.10", "cpe:/o:linux:linux_kernel:3.10.14", "cpe:/o:linux:linux_kernel:3.15.5", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.14:rc4", "cpe:/o:linux:linux_kernel:3.11.3", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.10.10", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.12.15", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.16.1", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.12.17", "cpe:/o:linux:linux_kernel:3.10.12", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.10.6", "cpe:/o:linux:linux_kernel:3.2:rc2", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.14:rc1", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.14:-", "cpe:/o:linux:linux_kernel:3.14:rc8", "cpe:/o:linux:linux_kernel:3.10.19", "cpe:/o:linux:linux_kernel:3.11", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.13.7", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.12.11", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.10.20", "cpe:/o:linux:linux_kernel:3.15.3", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.11.7", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.10.26", "cpe:/o:linux:linux_kernel:3.13.10", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.15.2", "cpe:/o:linux:linux_kernel:3.13.4", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.12.13", "cpe:/o:linux:linux_kernel:3.10.27", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.10.24", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.14.3", "cpe:/o:linux:linux_kernel:3.14:rc7", "cpe:/o:linux:linux_kernel:3.12.5", "cpe:/o:linux:linux_kernel:3.10.9::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.0:rc1", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.12.1", "cpe:/o:linux:linux_kernel:3.13.2", "cpe:/o:linux:linux_kernel:3.1:rc4", "cpe:/o:linux:linux_kernel:3.11.8", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.10.28", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.11.4", "cpe:/o:linux:linux_kernel:3.13.6", "cpe:/o:linux:linux_kernel:3.11.9", "cpe:/o:linux:linux_kernel:3.10.8", "cpe:/o:linux:linux_kernel:3.11.2", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.2::~~~~x86~", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.10.25", "cpe:/o:linux:linux_kernel:3.13.5", "cpe:/o:linux:linux_kernel:3.10.16", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.15.1", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.13.9", "cpe:/o:linux:linux_kernel:3.12.2", "cpe:/o:linux:linux_kernel:3.10.1::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.17.3", "cpe:/o:linux:linux_kernel:3.14.2", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.13.3", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.10.3::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.0:rc7", "cpe:/o:linux:linux_kernel:3.2:rc3", "cpe:/o:linux:linux_kernel:3.0:rc4", "cpe:/o:linux:linux_kernel:3.10.5", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.10.0::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.0:rc2", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.13", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.1:rc1", "cpe:/o:linux:linux_kernel:3.14:rc6", "cpe:/o:linux:linux_kernel:3.14:rc5", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.13.11", "cpe:/o:linux:linux_kernel:3.10.6::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.17.2", "cpe:/o:linux:linux_kernel:3.14.1", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.10.13", "cpe:/o:linux:linux_kernel:3.12.6", "cpe:/o:linux:linux_kernel:3.12.7", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.12", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.10.23", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.15", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.15.7", "cpe:/o:linux:linux_kernel:3.11.5", "cpe:/o:linux:linux_kernel:3.1:rc2", "cpe:/o:linux:linux_kernel:3.12.12", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.10.2::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.13.1", "cpe:/o:linux:linux_kernel:3.10.11", "cpe:/o:linux:linux_kernel:3.10.4::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.15.4", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.10.15", "cpe:/o:linux:linux_kernel:3.10.7::~~~~arm64~", "cpe:/o:linux:linux_kernel:3.10.29", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.12.16", "cpe:/o:linux:linux_kernel:3.0:rc6", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.12.4", "cpe:/o:linux:linux_kernel:3.17.1", "cpe:/o:linux:linux_kernel:3.0:rc3", "cpe:/o:linux:linux_kernel:3.14.5", "cpe:/o:linux:linux_kernel:3.0:rc5", "cpe:/o:linux:linux_kernel:3.10.2", "cpe:/o:linux:linux_kernel:3.13.8", "cpe:/o:linux:linux_kernel:3.11.1", "cpe:/o:linux:linux_kernel:3.10.22", "cpe:/o:linux:linux_kernel:3.17", "cpe:/o:linux:linux_kernel:3.1:rc3", "cpe:/o:linux:linux_kernel:3.15.6", "cpe:/o:linux:linux_kernel:3.11.10", "cpe:/o:linux:linux_kernel:3.12.9"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7842", "id": "CVE-2014-7842", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-12-02T15:35:04", "references": ["https://usn.ubuntu.com/2468-1/"], "pluginID": "80515", "description": "A NULL pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nMilos Prchlik reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2015-01-14T00:00:00", "title": "Ubuntu 14.10 : linux vulnerabilities (USN-2468-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2018-12-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.10"], "id": "UBUNTU_USN-2468-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80515", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2468-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80515);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/12/01 15:12:39\");\n\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\", \"CVE-2014-8884\");\n script_bugtraq_id(71078, 71081, 71082, 71097);\n script_xref(name:\"USN\", value:\"2468-1\");\n\n script_name(english:\"Ubuntu 14.10 : linux vulnerabilities (USN-2468-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A NULL pointer dereference flaw was discovered in the the Linux\nkernel's SCTP implementation when ASCONF is used. A remote attacker\ncould exploit this flaw to cause a denial of service (system crash)\nvia a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel\nVirtual Machine) subsystem of the Linux kernel was discovered. A guest\nOS user could exploit this flaw to cause a denial of service (guest OS\ncrash) via a specially crafted application. (CVE-2014-7842)\n\nMilos Prchlik reported a flaw in how the ARM64 platform handles a\nsingle byte overflow in __clear_user. A local user could exploit this\nflaw to cause a denial of service (system crash) by reading one byte\nbeyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling\nfor the Technotrend/Hauppauge USB DEC devices driver. A local user\ncould exploit this flaw to cause a denial of service (system crash) or\npossibly gain privileges. (CVE-2014-8884).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2468-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.16-generic,\nlinux-image-3.16-generic-lpae and / or linux-image-3.16-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.10\", pkgname:\"linux-image-3.16.0-29-generic\", pkgver:\"3.16.0-29.39\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"linux-image-3.16.0-29-generic-lpae\", pkgver:\"3.16.0-29.39\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"linux-image-3.16.0-29-lowlatency\", pkgver:\"3.16.0-29.39\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.16-generic / linux-image-3.16-generic-lpae / etc\");\n}\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-12-02T15:28:11", "references": ["https://usn.ubuntu.com/2466-1/"], "pluginID": "80513", "description": "A NULL pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nMilos Prchlik reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2015-01-14T00:00:00", "title": "Ubuntu 14.04 LTS : linux vulnerabilities (USN-2466-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2018-12-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2466-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80513", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2466-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80513);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/12/01 15:12:39\");\n\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\", \"CVE-2014-8884\");\n script_bugtraq_id(71078, 71081, 71082, 71097);\n script_xref(name:\"USN\", value:\"2466-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux vulnerabilities (USN-2466-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A NULL pointer dereference flaw was discovered in the the Linux\nkernel's SCTP implementation when ASCONF is used. A remote attacker\ncould exploit this flaw to cause a denial of service (system crash)\nvia a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel\nVirtual Machine) subsystem of the Linux kernel was discovered. A guest\nOS user could exploit this flaw to cause a denial of service (guest OS\ncrash) via a specially crafted application. (CVE-2014-7842)\n\nMilos Prchlik reported a flaw in how the ARM64 platform handles a\nsingle byte overflow in __clear_user. A local user could exploit this\nflaw to cause a denial of service (system crash) by reading one byte\nbeyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling\nfor the Technotrend/Hauppauge USB DEC devices driver. A local user\ncould exploit this flaw to cause a denial of service (system crash) or\npossibly gain privileges. (CVE-2014-8884).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2466-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic,\nlinux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-44-generic\", pkgver:\"3.13.0-44.73\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-44-generic-lpae\", pkgver:\"3.13.0-44.73\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-44-lowlatency\", pkgver:\"3.13.0-44.73\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-12-02T15:48:08", "references": ["https://usn.ubuntu.com/2465-1/"], "pluginID": "80512", "description": "A NULL pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nMilos Prchlik reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2015-01-14T00:00:00", "title": "Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2465-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2018-12-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2465-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80512", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2465-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80512);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/12/01 15:12:39\");\n\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\", \"CVE-2014-8884\");\n script_bugtraq_id(71078, 71081, 71082, 71097);\n script_xref(name:\"USN\", value:\"2465-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2465-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A NULL pointer dereference flaw was discovered in the the Linux\nkernel's SCTP implementation when ASCONF is used. A remote attacker\ncould exploit this flaw to cause a denial of service (system crash)\nvia a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel\nVirtual Machine) subsystem of the Linux kernel was discovered. A guest\nOS user could exploit this flaw to cause a denial of service (guest OS\ncrash) via a specially crafted application. (CVE-2014-7842)\n\nMilos Prchlik reported a flaw in how the ARM64 platform handles a\nsingle byte overflow in __clear_user. A local user could exploit this\nflaw to cause a denial of service (system crash) by reading one byte\nbeyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling\nfor the Technotrend/Hauppauge USB DEC devices driver. A local user\ncould exploit this flaw to cause a denial of service (system crash) or\npossibly gain privileges. (CVE-2014-8884).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2465-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic and / or\nlinux-image-3.13-generic-lpae packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-44-generic\", pkgver:\"3.13.0-44.73~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-44-generic-lpae\", pkgver:\"3.13.0-44.73~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae\");\n}\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-12-02T15:28:52", "references": ["https://usn.ubuntu.com/2467-1/"], "pluginID": "80514", "description": "A NULL pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nMilos Prchlik reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2015-01-14T00:00:00", "title": "Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2467-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2018-12-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2467-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80514", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2467-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80514);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/12/01 15:12:39\");\n\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\", \"CVE-2014-8884\");\n script_bugtraq_id(71078, 71081, 71082, 71097);\n script_xref(name:\"USN\", value:\"2467-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2467-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A NULL pointer dereference flaw was discovered in the the Linux\nkernel's SCTP implementation when ASCONF is used. A remote attacker\ncould exploit this flaw to cause a denial of service (system crash)\nvia a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel\nVirtual Machine) subsystem of the Linux kernel was discovered. A guest\nOS user could exploit this flaw to cause a denial of service (guest OS\ncrash) via a specially crafted application. (CVE-2014-7842)\n\nMilos Prchlik reported a flaw in how the ARM64 platform handles a\nsingle byte overflow in __clear_user. A local user could exploit this\nflaw to cause a denial of service (system crash) by reading one byte\nbeyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling\nfor the Technotrend/Hauppauge USB DEC devices driver. A local user\ncould exploit this flaw to cause a denial of service (system crash) or\npossibly gain privileges. (CVE-2014-8884).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2467-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.16-generic,\nlinux-image-3.16-generic-lpae and / or linux-image-3.16-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-29-generic\", pkgver:\"3.16.0-29.39~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-29-generic-lpae\", pkgver:\"3.16.0-29.39~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-29-lowlatency\", pkgver:\"3.16.0-29.39~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.16-generic / linux-image-3.16-generic-lpae / etc\");\n}\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:10:08", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1163087", "https://bugzilla.redhat.com/show_bug.cgi?id=1163744", "https://bugzilla.redhat.com/show_bug.cgi?id=1161565", "http://www.nessus.org/u?3b5b6c61", "https://bugzilla.redhat.com/show_bug.cgi?id=1163762"], "pluginID": "79319", "description": "Latest upstream stable release, Linux v3.17.3. A wide variety of fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2014-11-19T00:00:00", "title": "Fedora 21 : kernel-3.17.3-300.fc21 (2014-15159)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7825", "CVE-2014-7841", "CVE-2014-7843", "CVE-2014-7842", "CVE-2014-7826"], "modified": "2015-10-19T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2014-15159.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79319", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-15159.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79319);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:14:43 $\");\n\n script_cve_id(\"CVE-2014-7825\", \"CVE-2014-7826\", \"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\");\n script_bugtraq_id(70971, 70972, 71078, 71081, 71082);\n script_xref(name:\"FEDORA\", value:\"2014-15159\");\n\n script_name(english:\"Fedora 21 : kernel-3.17.3-300.fc21 (2014-15159)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Latest upstream stable release, Linux v3.17.3. A wide variety of fixes\nacross the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1161565\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1163087\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1163744\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1163762\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-November/144193.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3b5b6c61\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"kernel-3.17.3-300.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:44:25", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1163087", "https://bugzilla.redhat.com/show_bug.cgi?id=1163744", "https://bugzilla.redhat.com/show_bug.cgi?id=1161565", "https://bugzilla.redhat.com/show_bug.cgi?id=1163762", "http://www.nessus.org/u?127cad7b"], "pluginID": "79363", "description": "The 3.17.3 stable update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2014-11-21T00:00:00", "title": "Fedora 20 : kernel-3.17.3-200.fc20 (2014-15200)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7825", "CVE-2014-7841", "CVE-2014-7843", "CVE-2014-7842", "CVE-2014-7826"], "modified": "2015-10-19T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-15200.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79363", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-15200.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79363);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:14:43 $\");\n\n script_cve_id(\"CVE-2014-7825\", \"CVE-2014-7826\", \"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\");\n script_xref(name:\"FEDORA\", value:\"2014-15200\");\n\n script_name(english:\"Fedora 20 : kernel-3.17.3-200.fc20 (2014-15200)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 3.17.3 stable update contains a number of important fixes across\nthe tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1161565\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1163087\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1163744\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1163762\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-November/144691.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?127cad7b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"kernel-3.17.3-200.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-13T17:10:39", "references": ["https://security-tracker.debian.org/tracker/CVE-2014-8369", "https://www.debian.org/security/2014/dsa-3093", "https://security-tracker.debian.org/tracker/CVE-2014-9090", "https://security-tracker.debian.org/tracker/CVE-2014-8884", "https://security-tracker.debian.org/tracker/CVE-2014-7841", "https://packages.debian.org/source/wheezy/linux"], "pluginID": "79807", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation :\n\n - CVE-2014-7841 Liu Wei of Red Hat discovered that a SCTP server doing ASCONF will panic on malformed INIT chunks by triggering a NULL pointer dereference.\n\n - CVE-2014-8369 A flaw was discovered in the way iommu mapping failures were handled in the kvm_iommu_map_pages() function in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS.\n\n - CVE-2014-8884 A stack-based buffer overflow flaw was discovered in the TechnoTrend/Hauppauge DEC USB driver. A local user with write access to the corresponding device could use this flaw to crash the kernel or, potentially, elevate their privileges.\n\n - CVE-2014-9090 Andy Lutomirski discovered that the do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel did not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to cause a denial of service (panic).", "edition": 6, "reporter": "Tenable", "published": "2014-12-09T00:00:00", "title": "Debian DSA-3093-1 : linux - security update", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8369", "CVE-2014-9090", "CVE-2014-7841", "CVE-2014-8884"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:7.0", "p-cpe:/a:debian:debian_linux:linux"], "id": "DEBIAN_DSA-3093.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79807", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3093. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79807);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/11/10 11:49:36\");\n\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-8369\", \"CVE-2014-8884\", \"CVE-2014-9090\");\n script_bugtraq_id(70749, 71081, 71097, 71250);\n script_xref(name:\"DSA\", value:\"3093\");\n\n script_name(english:\"Debian DSA-3093-1 : linux - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation :\n\n - CVE-2014-7841\n Liu Wei of Red Hat discovered that a SCTP server doing\n ASCONF will panic on malformed INIT chunks by triggering\n a NULL pointer dereference.\n\n - CVE-2014-8369\n A flaw was discovered in the way iommu mapping failures\n were handled in the kvm_iommu_map_pages() function in\n the Linux kernel. A guest OS user could exploit this\n flaw to cause a denial of service (host OS memory\n corruption) or possibly have other unspecified impact on\n the host OS.\n\n - CVE-2014-8884\n A stack-based buffer overflow flaw was discovered in the\n TechnoTrend/Hauppauge DEC USB driver. A local user with\n write access to the corresponding device could use this\n flaw to crash the kernel or, potentially, elevate their\n privileges.\n\n - CVE-2014-9090\n Andy Lutomirski discovered that the do_double_fault\n function in arch/x86/kernel/traps.c in the Linux kernel\n did not properly handle faults associated with the Stack\n Segment (SS) segment register, which allows local users\n to cause a denial of service (panic).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-7841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-8369\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-8884\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-3093\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 3.2.63-2+deb7u2. This update also includes fixes for\nregressions introduced by previous updates.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"linux-doc-3.2\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-486\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-4kc-malta\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-5kc-malta\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-686-pae\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-amd64\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-armel\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-armhf\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-i386\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-ia64\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-mips\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-mipsel\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-powerpc\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-s390\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-s390x\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-sparc\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-amd64\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-common\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-common-rt\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-iop32x\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-itanium\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-ixp4xx\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-kirkwood\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-loongson-2f\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-mckinley\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-mv78xx0\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-mx5\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-octeon\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-omap\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-orion5x\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-powerpc\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-powerpc-smp\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-powerpc64\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-r4k-ip22\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-r5k-cobalt\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-r5k-ip32\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-rt-686-pae\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-rt-amd64\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-s390x\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sb1-bcm91250a\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sparc64\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sparc64-smp\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-versatile\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-vexpress\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-486\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-4kc-malta\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-5kc-malta\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-686-pae\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-686-pae-dbg\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-amd64\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-amd64-dbg\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-iop32x\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-itanium\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-ixp4xx\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-kirkwood\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-loongson-2f\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-mckinley\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-mv78xx0\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-mx5\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-octeon\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-omap\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-orion5x\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-powerpc\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-powerpc-smp\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-powerpc64\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-r4k-ip22\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-r5k-cobalt\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-r5k-ip32\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-686-pae\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-686-pae-dbg\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-amd64\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-amd64-dbg\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-s390x\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-s390x-dbg\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-s390x-tape\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sb1-bcm91250a\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sb1a-bcm91480b\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sparc64\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sparc64-smp\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-versatile\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-vexpress\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-libc-dev\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-manual-3.2\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-source-3.2\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-support-3.2.0-4\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xen-linux-system-3.2.0-4-686-pae\", reference:\"3.2.63-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xen-linux-system-3.2.0-4-amd64\", reference:\"3.2.63-2+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-12-08T03:53:44", "references": ["https://access.redhat.com/errata/RHSA-2015:0285", "https://access.redhat.com/security/cve/cve-2014-7841"], "pluginID": "81625", "description": "Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change (ASCONF). A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system. (CVE-2014-7841, Important)\n\nThis issue was discovered by Liu Wei of Red Hat.\n\nThis update also fixes the following bugs :\n\n* Due to several bugs in the network console logging, a race condition between the network console send operation and the driver's IRQ handler could occur, or the network console could access invalid memory content. As a consequence, the respective driver, such as vmxnet3, triggered a BUG_ON() assertion and the system terminated unexpectedly. A patch addressing these bugs has been applied so that driver's IRQs are disabled before processing the send operation and the network console now accesses the RCU-protected (read-copy update) data properly. Systems using the network console logging no longer crashes due to the aforementioned conditions. (BZ#1165983)\n\n* A bug in the vmxnet3 driver allowed potential race conditions to be triggered when the driver was used with the netconsole module. The race conditions allowed the driver's internal New API (NAPI) poll routine to run concurrently with the netpoll controller routine, which resulted in data corruption and a subsequent kernel panic. To fix this problem, the vmxnet3 driver has been modified to call the appropriate interrupt handler to schedule NAPI poll requests properly.\n(BZ#1179594)\n\n* Prior to this update, nfs_mark_return_delegation() was called without any locking, resulting in unsafe dereferencing of delegation->inode. Because the inode is only used to discover the nfs_client, the callers now pass a valid pointer to the nfs_server as a parameter. (BZ#1187637)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "edition": 9, "reporter": "Tenable", "published": "2015-03-05T00:00:00", "title": "RHEL 6 : kernel (RHSA-2015:0285)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841"], "modified": "2018-12-07T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "cpe:/o:redhat:enterprise_linux:6.4", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:python-perf", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686"], "id": "REDHAT-RHSA-2015-0285.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=81625", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0285. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81625);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/12/07 9:46:53\");\n\n script_cve_id(\"CVE-2014-7841\");\n script_xref(name:\"RHSA\", value:\"2015:0285\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2015:0285)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix one security issue and three bugs are\nnow available for Red Hat Enterprise Linux 6.4 Extended Update\nSupport.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's SCTP implementation\nvalidated INIT chunks when performing Address Configuration Change\n(ASCONF). A remote attacker could use this flaw to crash the system by\nsending a specially crafted SCTP packet to trigger a NULL pointer\ndereference on the system. (CVE-2014-7841, Important)\n\nThis issue was discovered by Liu Wei of Red Hat.\n\nThis update also fixes the following bugs :\n\n* Due to several bugs in the network console logging, a race condition\nbetween the network console send operation and the driver's IRQ\nhandler could occur, or the network console could access invalid\nmemory content. As a consequence, the respective driver, such as\nvmxnet3, triggered a BUG_ON() assertion and the system terminated\nunexpectedly. A patch addressing these bugs has been applied so that\ndriver's IRQs are disabled before processing the send operation and\nthe network console now accesses the RCU-protected (read-copy update)\ndata properly. Systems using the network console logging no longer\ncrashes due to the aforementioned conditions. (BZ#1165983)\n\n* A bug in the vmxnet3 driver allowed potential race conditions to be\ntriggered when the driver was used with the netconsole module. The\nrace conditions allowed the driver's internal New API (NAPI) poll\nroutine to run concurrently with the netpoll controller routine, which\nresulted in data corruption and a subsequent kernel panic. To fix this\nproblem, the vmxnet3 driver has been modified to call the appropriate\ninterrupt handler to schedule NAPI poll requests properly.\n(BZ#1179594)\n\n* Prior to this update, nfs_mark_return_delegation() was called\nwithout any locking, resulting in unsafe dereferencing of\ndelegation->inode. Because the inode is only used to discover the\nnfs_client, the callers now pass a valid pointer to the nfs_server as\na parameter. (BZ#1187637)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:0285\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7841\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:0285\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", reference:\"kernel-doc-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", reference:\"kernel-firmware-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"perf-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"perf-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"perf-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"python-perf-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"python-perf-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-358.56.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-358.56.1.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:56:51", "references": ["https://support.f5.com/csp/#/article/K16016"], "pluginID": "80891", "description": "The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.\n(CVE-2014-7841)", "edition": 7, "reporter": "Tenable", "published": "2015-01-22T00:00:00", "title": "F5 Networks BIG-IP : Linux kernel SCTP vulnerability (K16016)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "F5 Networks Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841"], "modified": "2018-07-10T00:00:00", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "id": "F5_BIGIP_SOL16016.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80891", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K16016.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80891);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/07/10 14:27:32\");\n\n script_cve_id(\"CVE-2014-7841\");\n script_bugtraq_id(71081);\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel SCTP vulnerability (K16016)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The sctp_process_param function in net/sctp/sm_make_chunk.c in the\nSCTP implementation in the Linux kernel before 3.17.4, when ASCONF is\nused, allows remote attackers to cause a denial of service (NULL\npointer dereference and system crash) via a malformed INIT chunk.\n(CVE-2014-7841)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/#/article/K16016\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K16016.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K16016\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"11.3.0-11.6.0\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"11.4.0-11.6.0\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"11.1.0-11.6.0\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.0.0\",\"10.1.0-10.2.4\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"11.1.0-11.6.0\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.0.0\",\"10.1.0-10.2.4\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"11.1.0-11.6.0\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.0.0\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.1.0-11.6.0\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.0.0\",\"10.1.0-10.2.4\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"11.1.0-11.6.0\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.0.0\",\"10.1.0-10.2.4\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"11.1.0-11.6.0\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.0.0\",\"10.1.0-10.2.4\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"11.3.0-11.6.0\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# PSM\nvmatrix[\"PSM\"] = make_array();\nvmatrix[\"PSM\"][\"affected\" ] = make_list(\"11.1.0-11.4.1\");\nvmatrix[\"PSM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.0.0\",\"10.1.0-10.2.4\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"11.1.0-11.3.0\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"11.0.0\",\"10.1.0-10.2.4\");\n\n# WOM\nvmatrix[\"WOM\"] = make_array();\nvmatrix[\"WOM\"][\"affected\" ] = make_list(\"11.1.0-11.3.0\");\nvmatrix[\"WOM\"][\"unaffected\"] = make_list(\"11.0.0\",\"10.1.0-10.2.4\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:54:39", "references": ["https://oss.oracle.com/pipermail/el-errata/2015-January/004823.html", "https://oss.oracle.com/pipermail/el-errata/2015-January/004822.html"], "pluginID": "81101", "description": "Description of changes:\n\n[2.6.39-400.246.2.el6uek]\n- net: sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet (Daniel Borkmann) [Orabug: 20425333] {CVE-2014-7841}\n\n[2.6.39-400.246.1.el6uek]\n- sched: Fix possible divide by zero in avg_atom() calculation (Mateusz Guzik) [Orabug: 20148169]\n- include/linux/math64.h: add div64_ul() (Alex Shi)\n- deadlock when two nodes are converting same lock from PR to EX and idletimeout closes conn (Tariq Saeed) [Orabug: 18639535]\n- bonding: Bond master should reflect slave's features. (Ashish Samant) [Orabug: 20231825]\n- x86, fpu: remove the logic of non-eager fpu mem allocation at the first usage (Annie Li) [Orabug: 20239143]\n- x86, fpu: remove cpu_has_xmm check in the fx_finit() (Suresh Siddha) [Orabug: 20239143]\n- x86, fpu: make eagerfpu= boot param tri-state (Suresh Siddha) [Orabug: 20239143]\n- x86, fpu: enable eagerfpu by default for xsaveopt (Suresh Siddha) [Orabug: 20239143]\n- x86, fpu: decouple non-lazy/eager fpu restore from xsave (Suresh Siddha) [Orabug: 20239143]\n- x86, fpu: use non-lazy fpu restore for processors supporting xsave (Suresh Siddha) [Orabug: 20239143]\n- lguest, x86: handle guest TS bit for lazy/non-lazy fpu host models (Suresh Siddha) [Orabug: 20239143]\n- x86, fpu: always use kernel_fpu_begin/end() for in-kernel FPU usage (Suresh Siddha) [Orabug: 20239143]\n- x86, kvm: use kernel_fpu_begin/end() in kvm_load/put_guest_fpu() (Suresh Siddha) [Orabug: 20239143]\n- x86, fpu: remove unnecessary user_fpu_end() in save_xstate_sig() (Suresh Siddha) [Orabug: 20239143]\n- raid5: add AVX optimized RAID5 checksumming (Jim Kukunas) [Orabug: 20239143]\n- x86, fpu: drop the fpu state during thread exit (Suresh Siddha) [Orabug: 20239143]\n- x32: Add a thread flag for x32 processes (H. Peter Anvin) [Orabug: 20239143]\n- x86, fpu: Unify signal handling code paths for x86 and x86_64 kernels (Suresh Siddha) [Orabug: 20239143]\n- x86, fpu: Consolidate inline asm routines for saving/restoring fpu state (Suresh Siddha) [Orabug: 20239143]\n- x86, signal: Cleanup ifdefs and is_ia32, is_x32 (Suresh Siddha) [Orabug: 20239143] into exported and internal interfaces (Linus Torvalds) [Orabug: 20239143]\n- i387: Uninline the generic FP helpers that we expose to kernel modules (Linus Torvalds) [Orabug: 20239143]\n- i387: use 'restore_fpu_checking()' directly in task switching code (Linus Torvalds) [Orabug: 20239143]\n- i387: fix up some fpu_counter confusion (Linus Torvalds) [Orabug: 20239143]", "edition": 4, "reporter": "Tenable", "published": "2015-01-30T00:00:00", "title": "Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2015-3004)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841"], "modified": "2015-12-01T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-uek-firmware", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-debug"], "id": "ORACLELINUX_ELSA-2015-3004.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=81101", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2015-3004.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81101);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2015/12/01 17:43:32 $\");\n\n script_cve_id(\"CVE-2014-7841\");\n script_bugtraq_id(71081);\n\n script_name(english:\"Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2015-3004)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\n[2.6.39-400.246.2.el6uek]\n- net: sctp: fix NULL pointer dereference in af->from_addr_param on \nmalformed packet (Daniel Borkmann) [Orabug: 20425333] {CVE-2014-7841}\n\n[2.6.39-400.246.1.el6uek]\n- sched: Fix possible divide by zero in avg_atom() calculation (Mateusz \nGuzik) [Orabug: 20148169]\n- include/linux/math64.h: add div64_ul() (Alex Shi)\n- deadlock when two nodes are converting same lock from PR to EX and \nidletimeout closes conn (Tariq Saeed) [Orabug: 18639535]\n- bonding: Bond master should reflect slave's features. (Ashish Samant) \n [Orabug: 20231825]\n- x86, fpu: remove the logic of non-eager fpu mem allocation at the \nfirst usage (Annie Li) [Orabug: 20239143]\n- x86, fpu: remove cpu_has_xmm check in the fx_finit() (Suresh Siddha) \n[Orabug: 20239143]\n- x86, fpu: make eagerfpu= boot param tri-state (Suresh Siddha) \n[Orabug: 20239143]\n- x86, fpu: enable eagerfpu by default for xsaveopt (Suresh Siddha) \n[Orabug: 20239143]\n- x86, fpu: decouple non-lazy/eager fpu restore from xsave (Suresh \nSiddha) [Orabug: 20239143]\n- x86, fpu: use non-lazy fpu restore for processors supporting xsave \n(Suresh Siddha) [Orabug: 20239143]\n- lguest, x86: handle guest TS bit for lazy/non-lazy fpu host models \n(Suresh Siddha) [Orabug: 20239143]\n- x86, fpu: always use kernel_fpu_begin/end() for in-kernel FPU usage \n(Suresh Siddha) [Orabug: 20239143]\n- x86, kvm: use kernel_fpu_begin/end() in kvm_load/put_guest_fpu() \n(Suresh Siddha) [Orabug: 20239143]\n- x86, fpu: remove unnecessary user_fpu_end() in save_xstate_sig() \n(Suresh Siddha) [Orabug: 20239143]\n- raid5: add AVX optimized RAID5 checksumming (Jim Kukunas) [Orabug: \n20239143]\n- x86, fpu: drop the fpu state during thread exit (Suresh Siddha) \n[Orabug: 20239143]\n- x32: Add a thread flag for x32 processes (H. Peter Anvin) [Orabug: \n20239143]\n- x86, fpu: Unify signal handling code paths for x86 and x86_64 kernels \n(Suresh Siddha) [Orabug: 20239143]\n- x86, fpu: Consolidate inline asm routines for saving/restoring fpu \nstate (Suresh Siddha) [Orabug: 20239143]\n- x86, signal: Cleanup ifdefs and is_ia32, is_x32 (Suresh Siddha) \n[Orabug: 20239143]\ninto exported and internal interfaces (Linus Torvalds) [Orabug: 20239143]\n- i387: Uninline the generic FP helpers that we expose to kernel modules \n(Linus Torvalds) [Orabug: 20239143]\n- i387: use 'restore_fpu_checking()' directly in task switching code \n(Linus Torvalds) [Orabug: 20239143]\n- i387: fix up some fpu_counter confusion (Linus Torvalds) [Orabug: \n20239143]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-January/004822.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-January/004823.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected unbreakable enterprise kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-2.6.39-400.246.2.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-2.6.39-400.246.2.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-devel-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-devel-2.6.39-400.246.2.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-devel-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-devel-2.6.39-400.246.2.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-doc-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-doc-2.6.39-400.246.2.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-firmware-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-firmware-2.6.39-400.246.2.el5uek\")) flag++;\n\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-2.6.39-400.246.2.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-2.6.39-400.246.2.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-devel-2.6.39-400.246.2.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-devel-2.6.39-400.246.2.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-doc-2.6.39-400.246.2.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-firmware-2.6.39-400.246.2.el6uek\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:28", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7842", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7843", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8884", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7841"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.13.0-44.73~precise1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-generic-lpae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.13.0-44.73~precise1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-generic", "operator": "lt"}], "description": "A null pointer dereference flaw was discovered in the the Linux kernel\u2019s SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nMilo\u0161 Prchl\u00edk reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884)", "edition": 3, "reporter": "Ubuntu", "published": "2015-01-13T00:00:00", "title": "Linux kernel (Trusty HWE) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2015-01-13T00:00:00", "id": "USN-2465-1", "href": "https://usn.ubuntu.com/2465-1/", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:57", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7842", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7843", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8884", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7841"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-44.73", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-44.73", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-generic-lpae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-44.73", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-44.73", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-lowlatency", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-44.73", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-powerpc64-emb", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-44.73", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-powerpc-e500mc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-44.73", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-44.73", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-44-powerpc-e500", "operator": "lt"}], "description": "A null pointer dereference flaw was discovered in the the Linux kernel\u2019s SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nMilo\u0161 Prchl\u00edk reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884)", "edition": 3, "reporter": "Ubuntu", "published": "2015-01-13T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2015-01-13T00:00:00", "id": "USN-2466-1", "href": "https://usn.ubuntu.com/2466-1/", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:23", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7842", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7843", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8884", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7841"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "3.16.0-29.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "3.16.0-29.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc-e500mc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "3.16.0-29.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "3.16.0-29.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-powerpc64-emb", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "3.16.0-29.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "3.16.0-29.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-lowlatency", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "3.16.0-29.39", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.16.0-29-generic-lpae", "operator": "lt"}], "description": "A null pointer dereference flaw was discovered in the the Linux kernel\u2019s SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nMilo\u0161 Prchl\u00edk reported a flaw in how the ARM64 platform handles a single byte overflow in __clear_user. A local user could exploit this flaw to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884)", "edition": 3, "reporter": "Ubuntu", "published": "2015-01-13T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2015-01-13T00:00:00", "id": "USN-2468-1", "href": "https://usn.ubuntu.com/2468-1/", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:58", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8884", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7826", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7841", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7825"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-1457.77", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-1457-omap4", "operator": "lt"}], "description": "Rabin Vincent, Robert Swiecki, Russell King discovered that the ftrace subsystem of the Linux kernel does not properly handle private syscall numbers. A local user could exploit this flaw to cause a denial of service (OOPS). (CVE-2014-7826)\n\nRabin Vincent, Robert Swiecki, Russell Kinglaw discovered a flaw in how the perf subsystem of the Linux kernel handles private systecall numbers. A local user could exploit this to cause a denial of service (OOPS) or bypass ASLR protections via a crafted application. (CVE-2014-7825)\n\nA null pointer dereference flaw was discovered in the the Linux kernel\u2019s SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884)", "edition": 3, "reporter": "Ubuntu", "published": "2014-12-12T00:00:00", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7825", "CVE-2014-7841", "CVE-2014-8884", "CVE-2014-7826"], "modified": "2014-12-12T00:00:00", "id": "USN-2444-1", "href": "https://usn.ubuntu.com/2444-1/", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:10:16", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7842", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8369"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-75.110", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-75-omap", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-75.110", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-75-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-75.110", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-75-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-75.110", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-75-highbank", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-75.110", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-75-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-75.110", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-75-virtual", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-75.110", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-75-generic-pae", "operator": "lt"}], "description": "A race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nThe KVM (kernel virtual machine) subsystem of the Linux kernel miscalculates the number of memory pages during the handling of a mapping failure. A guest OS user could exploit this to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. (CVE-2014-8369)", "edition": 3, "reporter": "Ubuntu", "published": "2015-01-13T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-8369", "CVE-2014-7842"], "modified": "2015-01-13T00:00:00", "id": "USN-2463-1", "href": "https://usn.ubuntu.com/2463-1/", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:30", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8709", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8884", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8134", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7841", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3688", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-9090", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3673", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3687"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-374.91", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-374-ec2", "operator": "lt"}], "description": "An information leak in the Linux kernel was discovered that could leak the high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine (KVM) paravirt guests. A user in the guest OS could exploit this leak to obtain information that could potentially be used to aid in attacking the kernel. (CVE-2014-8134)\n\nA flaw in the handling of malformed ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-3673)\n\nA flaw in the handling of duplicate ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. A remote attacker could exploit this flaw to cause a denial of service (panic). (CVE-2014-3687)\n\nIt was discovered that excessive queuing by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel can cause memory pressure. A remote attacker could exploit this flaw to cause a denial of service. (CVE-2014-3688)\n\nA null pointer dereference flaw was discovered in the the Linux kernel\u2019s SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nJouni Malinen reported a flaw in the handling of fragmentation in the mac8Linux subsystem of the kernel. A remote attacker could exploit this flaw to obtain potential sensitive cleartext information by reading packets. (CVE-2014-8709)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884)\n\nAndy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment (SS) register on the x86 architecture. A local attacker could exploit this flaw to cause a denial of service (panic). (CVE-2014-9090)", "edition": 3, "reporter": "Ubuntu", "published": "2014-12-12T00:00:00", "title": "Linux kernel (EC2) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-8134", "CVE-2014-3673", "CVE-2014-9090", "CVE-2014-3688", "CVE-2014-7841", "CVE-2014-8709", "CVE-2014-8884", "CVE-2014-3687"], "modified": "2014-12-12T00:00:00", "id": "USN-2442-1", "href": "https://usn.ubuntu.com/2442-1/", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:27", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8884", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8134", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-9322", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7826", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7841", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-9090", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7825"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-74.109", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-74-highbank", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-74.109", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-74-generic-pae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-74.109", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-74-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-74.109", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-74-virtual", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-74.109", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-74-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-74.109", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-74-omap", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-74.109", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-74-generic", "operator": "lt"}], "description": "Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment (SS) register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. (CVE-2014-9322)\n\nAn information leak in the Linux kernel was discovered that could leak the high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine (KVM) paravirt guests. A user in the guest OS could exploit this leak to obtain information that could potentially be used to aid in attacking the kernel. (CVE-2014-8134)\n\nRabin Vincent, Robert Swiecki, Russell King discovered that the ftrace subsystem of the Linux kernel does not properly handle private syscall numbers. A local user could exploit this flaw to cause a denial of service (OOPS). (CVE-2014-7826)\n\nRabin Vincent, Robert Swiecki, Russell Kinglaw discovered a flaw in how the perf subsystem of the Linux kernel handles private systecall numbers. A local user could exploit this to cause a denial of service (OOPS) or bypass ASLR protections via a crafted application. (CVE-2014-7825)\n\nA null pointer dereference flaw was discovered in the the Linux kernel\u2019s SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884)\n\nAndy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment (SS) register on the x86 architecture. A local attacker could exploit this flaw to cause a denial of service (panic). (CVE-2014-9090)", "edition": 3, "reporter": "Ubuntu", "published": "2014-12-12T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-8134", "CVE-2014-7825", "CVE-2014-9090", "CVE-2014-7841", "CVE-2014-9322", "CVE-2014-8884", "CVE-2014-7826"], "modified": "2014-12-12T00:00:00", "id": "USN-2443-1", "href": "https://usn.ubuntu.com/2443-1/", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:29", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8709", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8884", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8134", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7841", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3688", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-9090", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3673", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3687"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-70.137", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-70-server", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-70.137", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-70-virtual", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-70.137", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-70-ia64", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-70.137", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-70-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-70.137", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-70-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-70.137", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-70-sparc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-70.137", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-70-lpia", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-70.137", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-70-versatile", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-70.137", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-70-powerpc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-70.137", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-70-preempt", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-70.137", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-70-386", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-70.137", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-70-sparc64", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-70.137", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-70-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-70.137", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-70-generic-pae", "operator": "lt"}], "description": "An information leak in the Linux kernel was discovered that could leak the high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine (KVM) paravirt guests. A user in the guest OS could exploit this leak to obtain information that could potentially be used to aid in attacking the kernel. (CVE-2014-8134)\n\nA flaw in the handling of malformed ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-3673)\n\nA flaw in the handling of duplicate ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. A remote attacker could exploit this flaw to cause a denial of service (panic). (CVE-2014-3687)\n\nIt was discovered that excessive queuing by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel can cause memory pressure. A remote attacker could exploit this flaw to cause a denial of service. (CVE-2014-3688)\n\nA null pointer dereference flaw was discovered in the the Linux kernel\u2019s SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841)\n\nJouni Malinen reported a flaw in the handling of fragmentation in the mac8Linux subsystem of the kernel. A remote attacker could exploit this flaw to obtain potential sensitive cleartext information by reading packets. (CVE-2014-8709)\n\nA stack buffer overflow was discovered in the ioctl command handling for the Technotrend/Hauppauge USB DEC devices driver. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges. (CVE-2014-8884)\n\nAndy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment (SS) register on the x86 architecture. A local attacker could exploit this flaw to cause a denial of service (panic). (CVE-2014-9090)", "edition": 3, "reporter": "Ubuntu", "published": "2014-12-12T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-8134", "CVE-2014-3673", "CVE-2014-9090", "CVE-2014-3688", "CVE-2014-7841", "CVE-2014-8709", "CVE-2014-8884", "CVE-2014-3687"], "modified": "2014-12-12T00:00:00", "id": "USN-2441-1", "href": "https://usn.ubuntu.com/2441-1/", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:10:28", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7842", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8134", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-9322", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-9090", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8369"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-1458.78", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-1458-omap4", "operator": "lt"}], "description": "Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment (SS) register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. (CVE-2014-9322)\n\nAn information leak in the Linux kernel was discovered that could leak the high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine (KVM) paravirt guests. A user in the guest OS could exploit this leak to obtain information that could potentially be used to aid in attacking the kernel. (CVE-2014-8134)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nThe KVM (kernel virtual machine) subsystem of the Linux kernel miscalculates the number of memory pages during the handling of a mapping failure. A guest OS user could exploit this to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. (CVE-2014-8369)\n\nAndy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment (SS) register on the x86 architecture. A local attacker could exploit this flaw to cause a denial of service (panic). (CVE-2014-9090)", "edition": 3, "reporter": "Ubuntu", "published": "2015-01-13T00:00:00", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-8369", "CVE-2014-8134", "CVE-2014-9090", "CVE-2014-9322", "CVE-2014-7842"], "modified": "2015-01-13T00:00:00", "id": "USN-2464-1", "href": "https://usn.ubuntu.com/2464-1/", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-11-19T13:02:08", "references": ["http://www.ubuntu.com/usn/usn-2465-1/", "2465-1"], "pluginID": "1361412562310842038", "description": "The remote host is missing an update for the ", "edition": 8, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-01-23T00:00:00", "title": "Ubuntu Update for linux-lts-trusty USN-2465-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310842038", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842038", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-lts-trusty USN-2465-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842038\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:57:45 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\", \"CVE-2014-8884\");\n script_tag(name:\"cvss_base\", value:\"6.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_name(\"Ubuntu Update for linux-lts-trusty USN-2465-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-trusty'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"A null pointer dereference flaw was discovered\nin the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker\ncould exploit this flaw to cause a denial of service (system crash) via a malformed\nINIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual\nMachine) subsystem of the Linux kernel was discovered. A guest OS user\ncould exploit this flaw to cause a denial of service (guest OS crash) via a\nspecially crafted application. (CVE-2014-7842)\n\nMiloš Prchlí k reported a flaw in how the ARM64 platform handles a single\nbyte overflow in __clear_user. A local user could exploit this flaw to\ncause a denial of service (system crash) by reading one byte beyond a\n/dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for\nthe Technotrend/Hauppauge USB DEC devices driver. A local user could\nexploit this flaw to cause a denial of service (system crash) or possibly\ngain privileges. (CVE-2014-8884)\");\n script_tag(name:\"affected\", value:\"linux-lts-trusty on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2465-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2465-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-generic\", ver:\"3.13.0-44.73~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-generic-lpae\", ver:\"3.13.0-44.73~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-11-19T13:02:41", "references": ["http://www.ubuntu.com/usn/usn-2467-1/", "2467-1"], "pluginID": "1361412562310842044", "description": "The remote host is missing an update for the ", "edition": 8, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-01-23T00:00:00", "title": "Ubuntu Update for linux-lts-utopic USN-2467-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310842044", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842044", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-lts-utopic USN-2467-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842044\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:58:01 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\", \"CVE-2014-8884\");\n script_tag(name:\"cvss_base\", value:\"6.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_name(\"Ubuntu Update for linux-lts-utopic USN-2467-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-utopic'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"A null pointer dereference flaw was discovered\nin the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker\ncould exploit this flaw to cause a denial of service (system crash) via a malformed\nINIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual\nMachine) subsystem of the Linux kernel was discovered. A guest OS user\ncould exploit this flaw to cause a denial of service (guest OS crash) via a\nspecially crafted application. (CVE-2014-7842)\n\nMiloš Prchlí k reported a flaw in how the ARM64 platform handles a single\nbyte overflow in __clear_user. A local user could exploit this flaw to\ncause a denial of service (system crash) by reading one byte beyond a\n/dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for\nthe Technotrend/Hauppauge USB DEC devices driver. A local user could\nexploit this flaw to cause a denial of service (system crash) or possibly\ngain privileges. (CVE-2014-8884)\");\n script_tag(name:\"affected\", value:\"linux-lts-utopic on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2467-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2467-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-generic\", ver:\"3.16.0-29.39~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-generic-lpae\", ver:\"3.16.0-29.39~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-lowlatency\", ver:\"3.16.0-29.39~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-powerpc-e500mc\", ver:\"3.16.0-29.39~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-powerpc-smp\", ver:\"3.16.0-29.39~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-powerpc64-emb\", ver:\"3.16.0-29.39~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-powerpc64-smp\", ver:\"3.16.0-29.39~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-11-19T13:01:29", "references": ["2468-1", "http://www.ubuntu.com/usn/usn-2468-1/"], "pluginID": "1361412562310842039", "description": "The remote host is missing an update for the ", "edition": 9, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-01-23T00:00:00", "title": "Ubuntu Update for linux USN-2468-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310842039", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842039", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-2468-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842039\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:57:49 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\", \"CVE-2014-8884\");\n script_tag(name:\"cvss_base\", value:\"6.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_name(\"Ubuntu Update for linux USN-2468-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"A null pointer dereference flaw was discovered\nin the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker\ncould exploit this flaw to cause a denial of service (system crash) via a malformed\nINIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual\nMachine) subsystem of the Linux kernel was discovered. A guest OS user\ncould exploit this flaw to cause a denial of service (guest OS crash) via a\nspecially crafted application. (CVE-2014-7842)\n\nMiloš Prchlí k reported a flaw in how the ARM64 platform handles a single\nbyte overflow in __clear_user. A local user could exploit this flaw to\ncause a denial of service (system crash) by reading one byte beyond a\n/dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for\nthe Technotrend/Hauppauge USB DEC devices driver. A local user could\nexploit this flaw to cause a denial of service (system crash) or possibly\ngain privileges. (CVE-2014-8884)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 14.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2468-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2468-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.10\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-generic\", ver:\"3.16.0-29.39\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-generic-lpae\", ver:\"3.16.0-29.39\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-lowlatency\", ver:\"3.16.0-29.39\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-powerpc-e500mc\", ver:\"3.16.0-29.39\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-powerpc-smp\", ver:\"3.16.0-29.39\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-powerpc64-emb\", ver:\"3.16.0-29.39\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-29-powerpc64-smp\", ver:\"3.16.0-29.39\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-11-19T13:03:05", "references": ["http://www.ubuntu.com/usn/usn-2466-1/", "2466-1"], "pluginID": "1361412562310842043", "description": "The remote host is missing an update for the ", "edition": 8, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-01-23T00:00:00", "title": "Ubuntu Update for linux USN-2466-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310842043", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842043", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-2466-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842043\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:57:58 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-7842\", \"CVE-2014-7843\", \"CVE-2014-8884\");\n script_tag(name:\"cvss_base\", value:\"6.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_name(\"Ubuntu Update for linux USN-2466-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"A null pointer dereference flaw was\ndiscovered in the the Linux kernel's SCTP implementation when ASCONF is used. A\nremote attacker could exploit this flaw to cause a denial of service (system crash)\nvia a malformed INIT chunk. (CVE-2014-7841)\n\nA race condition with MMIO and PIO transactions in the KVM (Kernel Virtual\nMachine) subsystem of the Linux kernel was discovered. A guest OS user\ncould exploit this flaw to cause a denial of service (guest OS crash) via a\nspecially crafted application. (CVE-2014-7842)\n\nMiloš Prchlí k reported a flaw in how the ARM64 platform handles a single\nbyte overflow in __clear_user. A local user could exploit this flaw to\ncause a denial of service (system crash) by reading one byte beyond a\n/dev/zero page boundary. (CVE-2014-7843)\n\nA stack buffer overflow was discovered in the ioctl command handling for\nthe Technotrend/Hauppauge USB DEC devices driver. A local user could\nexploit this flaw to cause a denial of service (system crash) or possibly\ngain privileges. (CVE-2014-8884)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2466-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2466-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-generic\", ver:\"3.13.0-44.73\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-generic-lpae\", ver:\"3.13.0-44.73\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-lowlatency\", ver:\"3.13.0-44.73\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-powerpc-e500\", ver:\"3.13.0-44.73\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-powerpc-e500mc\", ver:\"3.13.0-44.73\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-powerpc-smp\", ver:\"3.13.0-44.73\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-powerpc64-emb\", ver:\"3.13.0-44.73\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-44-powerpc64-smp\", ver:\"3.13.0-44.73\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2017-08-04T10:48:58", "references": ["http://www.debian.org/security/2014/dsa-3093.html"], "pluginID": "703093", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation:\n\nCVE-2014-7841\nLiu Wei of Red Hat discovered that a SCTP server doing ASCONF will\npanic on malformed INIT chunks by triggering a NULL pointer\ndereference.\n\nCVE-2014-8369\nA flaw was discovered in the way iommu mapping failures were handled\nin the kvm_iommu_map_pages() function in the Linux kernel. A guest\nOS user could exploit this flaw to cause a denial of service (host\nOS memory corruption) or possibly have other unspecified impact on\nthe host OS.\n\nCVE-2014-8884\nA stack-based buffer overflow flaw was discovered in the\nTechnoTrend/Hauppauge DEC USB driver. A local user with write access\nto the corresponding device could use this flaw to crash the kernel\nor, potentially, elevate their privileges.\n\nCVE-2014-9090\nAndy Lutomirski discovered that the do_double_fault function in\narch/x86/kernel/traps.c in the Linux kernel did not properly handle\nfaults associated with the Stack Segment (SS) segment register,\nwhich allows local users to cause a denial of service (panic).", "edition": 3, "reporter": "Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net", "published": "2014-12-08T00:00:00", "title": "Debian Security Advisory DSA 3093-1 (linux - security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8369", "CVE-2014-9090", "CVE-2014-7841", "CVE-2014-8884"], "modified": "2017-07-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=703093", "id": "OPENVAS:703093", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3093.nasl 6769 2017-07-20 09:56:33Z teissa $\n# Auto-generated from advisory DSA 3093-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703093);\n script_version(\"$Revision: 6769 $\");\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-8369\", \"CVE-2014-8884\", \"CVE-2014-9090\");\n script_name(\"Debian Security Advisory DSA 3093-1 (linux - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-20 11:56:33 +0200 (Thu, 20 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2014-12-08 00:00:00 +0100 (Mon, 08 Dec 2014)\");\n script_tag(name:\"cvss_base\", value:\"6.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-3093.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"linux on Debian Linux\");\n script_tag(name: \"insight\", value: \"The Linux kernel is the core of the Linux operating system.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy),\nthese problems have been fixed in version 3.2.63-2+deb7u2. This update also\nincludes fixes for regressions introduced by previous updates.\n\nFor the unstable distribution (sid), these problems will be fixed soon\nin version 3.16.7-ckt2-1.\n\nWe recommend that you upgrade your linux packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation:\n\nCVE-2014-7841\nLiu Wei of Red Hat discovered that a SCTP server doing ASCONF will\npanic on malformed INIT chunks by triggering a NULL pointer\ndereference.\n\nCVE-2014-8369\nA flaw was discovered in the way iommu mapping failures were handled\nin the kvm_iommu_map_pages() function in the Linux kernel. A guest\nOS user could exploit this flaw to cause a denial of service (host\nOS memory corruption) or possibly have other unspecified impact on\nthe host OS.\n\nCVE-2014-8884\nA stack-based buffer overflow flaw was discovered in the\nTechnoTrend/Hauppauge DEC USB driver. A local user with write access\nto the corresponding device could use this flaw to crash the kernel\nor, potentially, elevate their privileges.\n\nCVE-2014-9090\nAndy Lutomirski discovered that the do_double_fault function in\narch/x86/kernel/traps.c in the Linux kernel did not properly handle\nfaults associated with the Stack Segment (SS) segment register,\nwhich allows local users to cause a denial of service (panic).\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-ia64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-powerpc\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390x\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-sparc\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-itanium\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mckinley\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc-smp\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-s390x\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64-smp\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-dbg\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64-dbg\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-iop32x\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-itanium\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-ixp4xx\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-kirkwood\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mckinley\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mv78xx0\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mx5\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-omap\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-orion5x\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc-smp\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae-dbg\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64-dbg\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-dbg\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-tape\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64-smp\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-versatile\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-vexpress\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-3.2\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-3.2\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-3.2.0-4\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-686-pae\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-amd64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:53:38", "references": ["http://www.debian.org/security/2014/dsa-3093.html"], "pluginID": "1361412562310703093", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation:\n\nCVE-2014-7841\nLiu Wei of Red Hat discovered that a SCTP server doing ASCONF will\npanic on malformed INIT chunks by triggering a NULL pointer\ndereference.\n\nCVE-2014-8369\nA flaw was discovered in the way iommu mapping failures were handled\nin the kvm_iommu_map_pages() function in the Linux kernel. A guest\nOS user could exploit this flaw to cause a denial of service (host\nOS memory corruption) or possibly have other unspecified impact on\nthe host OS.\n\nCVE-2014-8884\nA stack-based buffer overflow flaw was discovered in the\nTechnoTrend/Hauppauge DEC USB driver. A local user with write access\nto the corresponding device could use this flaw to crash the kernel\nor, potentially, elevate their privileges.\n\nCVE-2014-9090\nAndy Lutomirski discovered that the do_double_fault function in\narch/x86/kernel/traps.c in the Linux kernel did not properly handle\nfaults associated with the Stack Segment (SS) segment register,\nwhich allows local users to cause a denial of service (panic).", "edition": 3, "reporter": "Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net", "published": "2014-12-08T00:00:00", "title": "Debian Security Advisory DSA 3093-1 (linux - security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8369", "CVE-2014-9090", "CVE-2014-7841", "CVE-2014-8884"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310703093", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703093", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3093.nasl 9354 2018-04-06 07:15:32Z cfischer $\n# Auto-generated from advisory DSA 3093-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703093\");\n script_version(\"$Revision: 9354 $\");\n script_cve_id(\"CVE-2014-7841\", \"CVE-2014-8369\", \"CVE-2014-8884\", \"CVE-2014-9090\");\n script_name(\"Debian Security Advisory DSA 3093-1 (linux - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-04-06 09:15:32 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value: \"2014-12-08 00:00:00 +0100 (Mon, 08 Dec 2014)\");\n script_tag(name:\"cvss_base\", value:\"6.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-3093.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"linux on Debian Linux\");\n script_tag(name: \"insight\", value: \"The Linux kernel is the core of the Linux operating system.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy),\nthese problems have been fixed in version 3.2.63-2+deb7u2. This update also\nincludes fixes for regressions introduced by previous updates.\n\nFor the unstable distribution (sid), these problems will be fixed soon\nin version 3.16.7-ckt2-1.\n\nWe recommend that you upgrade your linux packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation:\n\nCVE-2014-7841\nLiu Wei of Red Hat discovered that a SCTP server doing ASCONF will\npanic on malformed INIT chunks by triggering a NULL pointer\ndereference.\n\nCVE-2014-8369\nA flaw was discovered in the way iommu mapping failures were handled\nin the kvm_iommu_map_pages() function in the Linux kernel. A guest\nOS user could exploit this flaw to cause a denial of service (host\nOS memory corruption) or possibly have other unspecified impact on\nthe host OS.\n\nCVE-2014-8884\nA stack-based buffer overflow flaw was discovered in the\nTechnoTrend/Hauppauge DEC USB driver. A local user with write access\nto the corresponding device could use this flaw to crash the kernel\nor, potentially, elevate their privileges.\n\nCVE-2014-9090\nAndy Lutomirski discovered that the do_double_fault function in\narch/x86/kernel/traps.c in the Linux kernel did not properly handle\nfaults associated with the Stack Segment (SS) segment register,\nwhich allows local users to cause a denial of service (panic).\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-ia64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-powerpc\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390x\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-sparc\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-itanium\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mckinley\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc-smp\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-s390x\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64-smp\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-dbg\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64-dbg\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-iop32x\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-itanium\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-ixp4xx\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-kirkwood\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mckinley\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mv78xx0\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mx5\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-omap\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-orion5x\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc-smp\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae-dbg\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64-dbg\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-dbg\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-tape\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64-smp\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-versatile\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-vexpress\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-3.2\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-3.2\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-3.2.0-4\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-686-pae\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-amd64\", ver:\"3.2.63-2+deb7u2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-09-28T18:23:56", "references": ["http://linux.oracle.com/errata/ELSA-2015-3004.html"], "pluginID": "1361412562310123190", "description": "Oracle Linux Local Security Checks ELSA-2015-3004", "edition": 6, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "title": "Oracle Linux Local Check: ELSA-2015-3004", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123190", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123190", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-3004.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123190\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 09:49:03 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-3004\");\n script_tag(name:\"insight\", value:\"ELSA-2015-3004 - Unbreakable Enterprise kernel security and bugfix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-3004\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-3004.html\");\n script_cve_id(\"CVE-2014-7841\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.246.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.246.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.246.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.246.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.246.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.246.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.246.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.246.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.246.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.246.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.246.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.246.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-28T18:25:42", "references": ["http://linux.oracle.com/errata/ELSA-2015-3005.html"], "pluginID": "1361412562310123191", "description": "Oracle Linux Local Security Checks ELSA-2015-3005", "edition": 5, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "title": "Oracle Linux Local Check: ELSA-2015-3005", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123191", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123191", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-3005.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123191\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 09:49:04 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-3005\");\n script_tag(name:\"insight\", value:\"ELSA-2015-3005 - Unbreakable Enterprise kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-3005\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-3005.html\");\n script_cve_id(\"CVE-2014-7841\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~400.36.14.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~400.36.14.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~400.36.14.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~400.36.14.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.32~400.36.14.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~400.36.14.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.36.14.el5uek~1.5.7~2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.36.14.el5uekdebug~1.5.7~2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.36.14.el5uek~1.5.1~4.0.58\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.36.14.el5uekdebug~1.5.1~4.0.58\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~400.36.14.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~400.36.14.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~400.36.14.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~400.36.14.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.32~400.36.14.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~400.36.14.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.36.14.el6uek~1.5.7~0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.36.14.el6uekdebug~1.5.7~0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.36.14.el6uek~1.5.1~4.0.58\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.36.14.el6uekdebug~1.5.1~4.0.58\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:50:31", "references": ["http://lists.centos.org/pipermail/centos-announce/2015-January/020910.html", "2015:0087"], "pluginID": "1361412562310882110", "description": "Check the version of kernel", "edition": 5, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-01-29T00:00:00", "title": "CentOS Update for kernel CESA-2015:0087 centos6 ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7841", "CVE-2014-4656"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310882110", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882110", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2015:0087 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882110\");\n script_version(\"$Revision: 6657 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:50:44 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-29 05:14:22 +0100 (Thu, 29 Jan 2015)\");\n script_cve_id(\"CVE-2014-4656\", \"CVE-2014-7841\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"CentOS Update for kernel CESA-2015:0087 centos6 \");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's SCTP implementation\nvalidated INIT chunks when performing Address Configuration Change\n(ASCONF). A remote attacker could use this flaw to crash the system by\nsending a specially crafted SCTP packet to trigger a NULL pointer\ndereference on the system. (CVE-2014-7841, Important)\n\n* An integer overflow flaw was found in the way the Linux kernel's Advanced\nLinux Sound Architecture (ALSA) implementation handled user controls.\nA local, privileged user could use this flaw to crash the system.\n(CVE-2014-4656, Moderate)\n\nThe CVE-2014-7841 issue was discovered by Liu Wei of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\");\n script_tag(name: \"affected\", value: \"kernel on CentOS 6\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"CESA\", value: \"2015:0087\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2015-January/020910.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~504.8.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~504.8.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~504.8.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~504.8.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~504.8.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~504.8.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~504.8.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~504.8.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~504.8.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~504.8.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-19T13:02:36", "references": ["http://www.ubuntu.com/usn/usn-2463-1/", "2463-1"], "pluginID": "1361412562310842048", "description": "The remote host is missing an update for the ", "edition": 8, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-01-23T00:00:00", "title": "Ubuntu Update for linux USN-2463-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8369", "CVE-2014-7842"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310842048", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842048", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-2463-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842048\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:58:06 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-7842\", \"CVE-2014-8369\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Ubuntu Update for linux USN-2463-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"A race condition with MMIO and PIO\ntransactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel\nwas discovered. A guest OS user could exploit this flaw to cause a denial of service\n(guest OS crash) via a specially crafted application. (CVE-2014-7842)\n\nThe KVM (kernel virtual machine) subsystem of the Linux kernel\nmiscalculates the number of memory pages during the handling of a mapping\nfailure. A guest OS user could exploit this to cause a denial of service\n(host OS page unpinning) or possibly have unspecified other impact by\nleveraging guest OS privileges. (CVE-2014-8369)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2463-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2463-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-75-generic\", ver:\"3.2.0-75.110\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-75-generic-pae\", ver:\"3.2.0-75.110\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-75-highbank\", ver:\"3.2.0-75.110\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-75-omap\", ver:\"3.2.0-75.110\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-75-powerpc-smp\", ver:\"3.2.0-75.110\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-75-powerpc64-smp\", ver:\"3.2.0-75.110\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-75-virtual\", ver:\"3.2.0-75.110\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "f5": [{"lastseen": "2016-09-26T17:23:06", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "**Note**: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value.\n\nRecommended Action\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "reporter": "f5", "published": "2015-05-08T00:00:00", "title": "SOL16558 - Linux kernel vulnerability CVE-2014-8884", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-8884"], "modified": "2015-05-08T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/500/sol16558.html", "id": "SOL16558", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-06-10T03:46:54", "references": [], "description": "\nF5 Product Development has assigned ID 493765 (BIG-IP), ID 499497 (Enterprise Manager), and ID 499496 (BIG-IQ) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM| 11.1.0 - 11.6.0| 12.0.0 \n11.0.0 \n10.1.0 - 10.2.4| Linux kernel (management interface) \nSelf IPs* \nBIG-IP AAM| 11.4.0 - 11.6.0| 12.0.0| Linux kernel (management interface) \nSelf IPs* \nBIG-IP AFM| 11.3.0 - 11.6.0| 12.0.0| Linux kernel (management interface) \nSelf IPs* \nBIG-IP Analytics| 11.1.0 - 11.6.0| 12.0.0 \n11.0.0| Linux kernel (management interface) \nSelf IPs* \nBIG-IP APM| 11.1.0 - 11.6.0| 12.0.0 \n11.0.0 \n10.1.0 - 10.2.4| Linux kernel (management interface) \nSelf IPs* \nBIG-IP ASM| 11.1.0 - 11.6.0| 12.0.0 \n11.0.0 \n10.1.0 - 10.2.4| Linux kernel (management interface) \nSelf IPs* \nBIG-IP DNS| None| 12.0.0| None \nBIG-IP Edge Gateway| 11.1.0 - 11.3.0| 11.0.0 \n10.1.0 - 10.2.4| Linux kernel (management interface) \nSelf IPs* \nBIG-IP GTM| 11.1.0 - 11.6.0| 11.0.0 \n10.1.0 - 10.2.4| Linux kernel (management interface) \nSelf IPs* \nBIG-IP Link Controller| 11.1.0 - 11.6.0| 12.0.0 \n11.0.0 \n10.1.0 - 10.2.4| Linux kernel (management interface) \nSelf IPs* \nBIG-IP PEM| 11.3.0 - 11.6.0| 12.0.0| Linux kernel (management interface) \nSelf IPs* \nBIG-IP PSM| 11.1.0 - 11.4.1| 12.0.0 \n11.0.0 \n10.1.0 - 10.2.4| Linux kernel (management interface) \nSelf IPs* \nBIG-IP WebAccelerator| 11.1.0 - 11.3.0| 11.0.0 \n10.1.0 - 10.2.4| Linux kernel (management interface) \nSelf IPs* \nBIG-IP WOM| 11.1.0 - 11.3.0| 11.0.0 \n10.1.0 - 10.2.4| Linux kernel (management interface) \nSelf IPs* \nARX| None| 6.0.0 - 6.4.0| None \nEnterprise Manager| 3.1.0 - 3.1.1| 3.0.0 \n2.1.0 - 2.3.0| Linux kernel (management interface) \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| None \nBIG-IQ Cloud| 4.0.0 - 4.5.0| None| Linux kernel (management interface) \nBIG-IQ Device| 4.2.0 - 4.5.0| None| Linux kernel (management interface) \nBIG-IQ Security| 4.0.0 - 4.5.0| None| Linux kernel (management interface) \nBIG-IQ ADC| 4.5.0| None| Linux kernel (management interface) \nBIG-IQ Centralized Management| 4.6.0| 5.0.0| Linux kernel (management interface) \nBIG-IQ Cloud and Orchestration| 1.0.0| None| Linux kernel (management interface) \nF5 iWorkflow| None| 2.0.0| None \nLineRate| None| 2.4.0 - 2.50 \n1.6.0 - 1.6.4| None \n \n* The affected versions ship with vulnerable code (SCTP kernel module) but do not enable the code by default; however, the management interface and/or self-IPs would be affected only if the vulnerable SCTP kernel module is loaded and SCTP traffic is allowed on these objects.\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability, you should allow only trusted SCTP traffic to the management interface and/or self IP in a secure network. \n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K7312: Overview of the management port](<https://support.f5.com/csp/article/K7312>)\n * [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>)\n * [K15910: Linux kernel SCTP vulnerabilities CVE-2014-3673 and CVE-2014-3687](<https://support.f5.com/csp/article/K15910>)\n", "edition": 1, "reporter": "f5", "published": "2015-01-22T03:56:00", "title": "Linux kernel SCTP vulnerability CVE-2014-7841", "type": "f5", "enchantments": {"score": {"modified": "2018-06-10T03:46:54", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-3673", "CVE-2014-7841", "CVE-2014-3687"], "modified": "2018-06-10T01:58:00", "id": "F5:K16016", "href": "https://support.f5.com/csp/article/K16016", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-11-09T20:46:30", "references": [], "edition": 1, "description": "\nF5 Product Development has assigned ID 493756 to this vulnerability, and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 12.0.0 \n11.0.0 - 11.6.0| 10.1.0 - 10.2.4| Medium| vCMP guests \nBIG-IP AAM| 12.0.0 \n11.4.0 - 11.6.0| None| Medium| vCMP guests \nBIG-IP AFM| 12.0.0 \n11.3.0 - 11.6.0| None| Medium| vCMP guests \nBIG-IP Analytics| 12.0.0 \n11.0.0 - 11.6.0| None| Medium| vCMP guests \nBIG-IP APM| 12.0.0 \n11.0.0 - 11.6.0| 10.1.0 - 10.2.4| Medium| vCMP guests \nBIG-IP ASM| 12.0.0 \n11.0.0 - 11.6.0| 10.1.0 - 10.2.4| Medium| vCMP guests \nBIG-IP DNS| 12.0.0| None| Medium| vCMP guests \nBIG-IP Edge Gateway| 11.0.0 - 11.3.0| 10.1.0 - 10.2.4| Medium| vCMP guests \nBIG-IP GTM| 11.0.0 - 11.6.0| 10.1.0 - 10.2.4| Medium| vCMP guests \nBIG-IP Link Controller| 12.0.0 \n11.0.0 - 11.6.0| 10.1.0 - 10.2.4| Medium| vCMP guests \nBIG-IP PEM| 12.0.0 \n11.3.0 - 11.6.0| None| Medium| vCMP guests \nBIG-IP PSM| 11.0.0 - 11.4.1| 10.1.0 - 10.2.4| Medium| vCMP guests \nBIG-IP WebAccelerator| 11.0.0 - 11.3.0| 10.1.0 - 10.2.4| Medium| vCMP guests \nBIG-IP WOM| 11.0.0 - 11.3.0| 10.1.0 - 10.2.4| Medium| vCMP guests \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| Not vulnerable| None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\nTo mitigate this vulnerability, you can limit access to the Linux shell to trusted users only.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 12.x)](<https://support.f5.com/csp/article/K13123>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n", "reporter": "f5", "published": "2016-01-22T03:51:00", "title": "Linux kernel vulnerabilities CVE-2010-5313 and CVE-2014-7842", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "affectedSoftware": [], "bulletinFamily": "software", "cvelist": ["CVE-2010-5313", "CVE-2014-7842"], "modified": "2017-11-09T19:52:00", "id": "F5:K62700573", "href": "https://support.f5.com/csp/article/K62700573", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-12-03T05:27:38", "references": ["https://support.f5.com/kb/en-us/solutions/public/13000/000/sol13092.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/0000/100/sol167.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html", "https://support.f5.com/kb/en-us/solutions/public/15000/900/sol15910.html", "https://support.f5.com/kb/en-us/solutions/public/7000/300/sol7312.html"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability, you should allow only trusted SCTP traffic to the management interface and/or self IP in a secure network.\u00c2 \n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL7312: Overview of the management port\n * SOL13092: Overview of securing access to the BIG-IP system\n * SOL15910: Linux kernel SCTP vulnerabilities CVE-2014-3673 and CVE-2014-3687\n", "reporter": "f5", "published": "2015-01-21T00:00:00", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "SOL16016 - Linux kernel SCTP vulnerability CVE-2014-7841", "bulletinFamily": "software", "affectedSoftware": [{"name": "BIG-IP Link Controller", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP Edge Gateway", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IQ Device", "version": "4.5.0", "operator": "le"}, {"name": "BIG-IP GTM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP PEM", "version": "11.6.0", "operator": "le"}, {"name": "Enterprise Manager", "version": "3.1.1", "operator": "le"}, {"name": "BIG-IP Analytics", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP WebAccelerator", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP ASM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP PSM", "version": "11.4.1", "operator": "le"}, {"name": "BIG-IQ Cloud and Orchestration", "version": "1.0.0", "operator": "le"}, {"name": "BIG-IP LTM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP AAM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IQ Centralized Management", "version": "4.6.0", "operator": "le"}, {"name": "BIG-IP AFM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IQ Cloud", "version": "4.5.0", "operator": "le"}, {"name": "BIG-IP APM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IQ Security", "version": "4.5.0", "operator": "le"}, {"name": "BIG-IQ ADC", "version": "4.5.0", "operator": "le"}, {"name": "BIG-IP WOM", "version": "11.3.0", "operator": "le"}], "cvelist": ["CVE-2014-3673", "CVE-2014-7841", "CVE-2014-3687"], "modified": "2016-07-22T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/000/sol16016.html", "id": "SOL16016", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T17:23:27", "references": ["https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13123.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/9000/500/sol9502.html", "https://support.f5.com/kb/en-us/solutions/public/0000/100/sol167.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, you can limit access to the Linux shell to trusted users only.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)\n * SOL9502: BIG-IP hotfix matrix\n", "reporter": "f5", "published": "2016-01-21T00:00:00", "title": "SOL62700573 - Linux kernel vulnerabilities CVE-2010-5313 and CVE-2014-7842", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "BIG-IP AAM", "version": "12.0.0", "operator": "le"}, {"name": "BIG-IP AFM", "version": "12.0.0", "operator": "le"}, {"name": "BIG-IP APM", "version": "12.0.0", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP Edge Gateway", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP GTM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP PEM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP Analytics", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP WebAccelerator", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP Analytics", "version": "12.0.0", "operator": "le"}, {"name": "BIG-IP ASM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP PSM", "version": "11.4.1", "operator": "le"}, {"name": "BIG-IP LTM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP AAM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP PEM", "version": "12.0.0", "operator": "le"}, {"name": "BIG-IP DNS", "version": "12.0.0", "operator": "le"}, {"name": "BIG-IP AFM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP APM", "version": "11.6.0", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "12.0.0", "operator": "le"}, {"name": "BIG-IP LTM", "version": "12.0.0", "operator": "le"}, {"name": "BIG-IP WOM", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP ASM", "version": "12.0.0", "operator": "le"}], "cvelist": ["CVE-2010-5313", "CVE-2014-7842"], "modified": "2016-03-01T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/62/sol62700573.html", "id": "SOL62700573", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-11-09T00:09:44", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "Buffer overflow in tftp-hpa before 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the utimeout option. ([CVE-2011-2199](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2199>))\n", "reporter": "f5", "published": "2015-04-03T00:00:00", "title": "SOL16348 - tftp-hpa vulnerability CVE-2011-2199", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-7841", "CVE-2011-2199"], "modified": "2015-04-03T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/300/sol16348.html", "id": "SOL16348", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:58", "references": ["https://vulners.com/securityvulns/securityvulns:doc:31493", "https://vulners.com/securityvulns/securityvulns:doc:31502", "https://vulners.com/securityvulns/securityvulns:doc:31490"], "description": "DoS via SCTP, TechnoTrend/Hauppauge DEC USB driver buffer overflow, invalid registers handling in x86, ASLR bypass.", "edition": 1, "reporter": "BUGTRAQ", "published": "2014-12-21T00:00:00", "title": "Linux kernel multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:58", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "kernel", "version": "3.17", "operator": "eq"}], "cvelist": ["CVE-2014-8369", "CVE-2014-9090", "CVE-2014-7841", "CVE-2014-8709", "CVE-2014-7843", "CVE-2014-8884", "CVE-2014-7842"], "modified": "2014-12-21T00:00:00", "id": "SECURITYVULNS:VULN:14146", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14146", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:56", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-3093-1 security@debian.org\r\nhttp://www.debian.org/security/ Salvatore Bonaccorso\r\nDecember 08, 2014 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : linux\r\nCVE ID : CVE-2014-7841 CVE-2014-8369 CVE-2014-8884 CVE-2014-9090\r\n\r\nSeveral vulnerabilities have been discovered in the Linux kernel that\r\nmay lead to a denial of service or privilege escalation:\r\n\r\nCVE-2014-7841\r\n\r\n Liu Wei of Red Hat discovered that a SCTP server doing ASCONF will\r\n panic on malformed INIT chunks by triggering a NULL pointer\r\n dereference.\r\n\r\nCVE-2014-8369\r\n\r\n A flaw was discovered in the way iommu mapping failures were handled\r\n in the kvm_iommu_map_pages() function in the Linux kernel. A guest\r\n OS user could exploit this flaw to cause a denial of service (host\r\n OS memory corruption) or possibly have other unspecified impact on\r\n the host OS.\r\n\r\nCVE-2014-8884\r\n\r\n A stack-based buffer overflow flaw was discovered in the\r\n TechnoTrend/Hauppauge DEC USB driver. A local user with write access\r\n to the corresponding device could use this flaw to crash the kernel\r\n or, potentially, elevate their privileges.\r\n\r\nCVE-2014-9090\r\n\r\n Andy Lutomirski discovered that the do_double_fault function in\r\n arch/x86/kernel/traps.c in the Linux kernel did not properly handle\r\n faults associated with the Stack Segment (SS) segment register,\r\n which allows local users to cause a denial of service (panic).\r\n\r\nFor the stable distribution (wheezy), these problems have been fixed in\r\nversion 3.2.63-2+deb7u2. This update also includes fixes for regressions\r\nintroduced by previous updates.\r\n\r\nFor the unstable distribution (sid), these problems will be fixed soon\r\nin version 3.16.7-ckt2-1.\r\n\r\nWe recommend that you upgrade your linux packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: https://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1\r\n\r\niQIcBAEBCgAGBQJUhhMIAAoJEAVMuPMTQ89EWvoP/2Y+Dr62XSZ5MuBzFx739eZj\r\njPEj/YtVMUylVX6/3wBp74JxPZsOs6YTeCZ3U6WHBlNoInEBZp8wxQ56X6fbMdsS\r\nNxNyvwQMCu52uneTujuSpXECnPyJAqJQtZnsILb6sHB+XbKlPGpfgt0Y5A1khMW6\r\nzBndduifMBHv2D/ZoCHRzg94VIKmg1nG+DGjVSSDmti5BfNnb7j13aUXKqtdJG7m\r\nBLP3Wvi+AtgzQFXLi9BbgR3B3CpmHEa0t2+gn5PyDbjglyM63DxNFPEtt0eM9RxQ\r\npMeRspIIvfSbvcrOtk1wFIc8LffptUnb/buYpvN6rs2/wfVywd0i9/yRAaXWlfr1\r\nvryEWiK1R4yUZFBDmD3HU1boyBwsoDArhESwa7/ZL+B5WW1G773K7AKlB8JwB4AC\r\nssKT2CTnagLMr9Dsr5FJYCeuHPAXRx96JbivZPz5jIt7hnHitsg3q05E76RowOik\r\nJzAfxQFovV2isHjrsuw3GYw/7VVLFE1Hzqch9K67Xa1c2gzpYOJl/M4wPdinDtM2\r\no69YjDRtcv4/voiET3X44loq9EoaEAqWF+QQhd7Flmuhj6JvEeKfqLN35MUGDSar\r\nr5FJOc6y0+fHsR5zggMcNGGw10r1ctmfoRjxeGjQw+gBV2da5/4+ryRPedfsHFSD\r\nyfxvUIxS1nq/ye3XQB2o\r\n=wZ/Y\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2014-12-11T00:00:00", "title": "[SECURITY] [DSA 3093-1] linux security update", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:56", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-8369", "CVE-2014-9090", "CVE-2014-7841", "CVE-2014-8884"], "modified": "2014-12-11T00:00:00", "id": "SECURITYVULNS:DOC:31490", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31490", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:56", "references": [], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2441-1\r\nDecember 12, 2014\r\n\r\nlinux vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 10.04 LTS\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in the kernel.\r\n\r\nSoftware Description:\r\n- linux: Linux kernel\r\n\r\nDetails:\r\n\r\nAn information leak in the Linux kernel was discovered that could leak the\r\nhigh 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine\r\n(KVM) paravirt guests. A user in the guest OS could exploit this leak to\r\nobtain information that could potentially be used to aid in attacking the\r\nkernel. (CVE-2014-8134)\r\n\r\nA flaw in the handling of malformed ASCONF chunks by SCTP (Stream Control\r\nTransmission Protocol) implementation in the Linux kernel was discovered. A\r\nremote attacker could exploit this flaw to cause a denial of service\r\n(system crash). (CVE-2014-3673)\r\n\r\nA flaw in the handling of duplicate ASCONF chunks by SCTP (Stream Control\r\nTransmission Protocol) implementation in the Linux kernel was discovered. A\r\nremote attacker could exploit this flaw to cause a denial of service\r\n(panic). (CVE-2014-3687)\r\n\r\nIt was discovered that excessive queuing by SCTP (Stream Control\r\nTransmission Protocol) implementation in the Linux kernel can cause memory\r\npressure. A remote attacker could exploit this flaw to cause a denial of\r\nservice. (CVE-2014-3688)\r\n\r\nA null pointer dereference flaw was discovered in the the Linux kernel's\r\nSCTP implementation when ASCONF is used. A remote attacker could exploit\r\nthis flaw to cause a denial of service (system crash) via a malformed INIT\r\nchunk. (CVE-2014-7841)\r\n\r\nJouni Malinen reported a flaw in the handling of fragmentation in the\r\nmac8Linux subsystem of the kernel. A remote attacker could exploit this\r\nflaw to obtain potential sensitive cleartext information by reading\r\npackets. (CVE-2014-8709)\r\n\r\nA stack buffer overflow was discovered in the ioctl command handling for\r\nthe Technotrend/Hauppauge USB DEC devices driver. A local user could\r\nexploit this flaw to cause a denial of service (system crash) or possibly\r\ngain privileges. (CVE-2014-8884)\r\n\r\nAndy Lutomirski discovered that the Linux kernel does not properly handle\r\nfaults associated with the Stack Segment (SS) register on the x86\r\narchitecture. A local attacker could exploit this flaw to cause a denial of\r\nservice (panic). (CVE-2014-9090)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 10.04 LTS:\r\n linux-image-2.6.32-70-386 2.6.32-70.137\r\n linux-image-2.6.32-70-generic 2.6.32-70.137\r\n linux-image-2.6.32-70-generic-pae 2.6.32-70.137\r\n linux-image-2.6.32-70-ia64 2.6.32-70.137\r\n linux-image-2.6.32-70-lpia 2.6.32-70.137\r\n linux-image-2.6.32-70-powerpc 2.6.32-70.137\r\n linux-image-2.6.32-70-powerpc-smp 2.6.32-70.137\r\n linux-image-2.6.32-70-powerpc64-smp 2.6.32-70.137\r\n linux-image-2.6.32-70-preempt 2.6.32-70.137\r\n linux-image-2.6.32-70-server 2.6.32-70.137\r\n linux-image-2.6.32-70-sparc64 2.6.32-70.137\r\n linux-image-2.6.32-70-sparc64-smp 2.6.32-70.137\r\n linux-image-2.6.32-70-versatile 2.6.32-70.137\r\n linux-image-2.6.32-70-virtual 2.6.32-70.137\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nATTENTION: Due to an unavoidable ABI change the kernel updates have\r\nbeen given a new version number, which requires you to recompile and\r\nreinstall all third party kernel modules you might have installed. If\r\nyou use linux-restricted-modules, you have to update that package as\r\nwell to get modules which work with the new kernel version. Unless you\r\nmanually uninstalled the standard kernel metapackages (e.g. linux-generic,\r\nlinux-server, linux-powerpc), a standard system upgrade will automatically\r\nperform this as well.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2441-1\r\n CVE-2014-3673, CVE-2014-3687, CVE-2014-3688, CVE-2014-7841,\r\n CVE-2014-8134, CVE-2014-8709, CVE-2014-8884, CVE-2014-9090\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/linux/2.6.32-70.137\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2014-12-21T00:00:00", "title": "[USN-2441-1] Linux kernel vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:56", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-8134", "CVE-2014-3673", "CVE-2014-9090", "CVE-2014-3688", "CVE-2014-7841", "CVE-2014-8709", "CVE-2014-8884", "CVE-2014-3687"], "modified": "2014-12-21T00:00:00", "id": "SECURITYVULNS:DOC:31502", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31502", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:56", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2015:027\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : kernel\r\n Date : January 16, 2015\r\n Affected: Business Server 1.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been found and corrected in the Linux\r\n kernel:\r\n \r\n The SCTP implementation in the Linux kernel before 3.17.4 allows\r\n remote attackers to cause a denial of service (memory consumption) by\r\n triggering a large number of chunks in an association's output queue,\r\n as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and\r\n net/sctp/sm_statefuns.c (CVE-2014-3688=.\r\n \r\n Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux\r\n kernel before 3.16.3, allows remote attackers to cause a denial of\r\n service (memory corruption and panic) or possibly have unspecified\r\n other impact via a long unencrypted auth ticket (CVE-2014-6416).\r\n \r\n net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3,\r\n does not properly consider the possibility of kmalloc failure, which\r\n allows remote attackers to cause a denial of service (system crash)\r\n or possibly have unspecified other impact via a long unencrypted auth\r\n ticket (CVE-2014-6417).\r\n \r\n net/ceph/auth_x.c in Ceph, as used in the Linux kernel before\r\n 3.16.3, does not properly validate auth replies, which allows remote\r\n attackers to cause a denial of service (system crash) or possibly\r\n have unspecified other impact via crafted data from the IP address\r\n of a Ceph Monitor (CVE-2014-6418).\r\n \r\n The sctp_process_param function in net/sctp/sm_make_chunk.c in the\r\n SCTP implementation in the Linux kernel before 3.17.4, when ASCONF\r\n is used, allows remote attackers to cause a denial of service (NULL\r\n pointer dereference and system crash) via a malformed INIT chunk\r\n (CVE-2014-7841).\r\n \r\n Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4\r\n allows guest OS users to cause a denial of service (guest OS crash)\r\n via a crafted application that performs an MMIO transaction or a\r\n PIO transaction to trigger a guest userspace emulation error report,\r\n a similar issue to CVE-2010-5313 (CVE-2014-7842).\r\n \r\n arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation\r\n in the Linux kernel through 3.18.1 allows local users to bypass the\r\n espfix protection mechanism, and consequently makes it easier for\r\n local users to bypass the ASLR protection mechanism, via a crafted\r\n application that makes a set_thread_area system call and later reads\r\n a 16-bit value (CVE-2014-8133).\r\n \r\n Stack-based buffer overflow in the\r\n ttusbdecfe_dvbs_diseqc_send_master_cmd function in\r\n drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before\r\n 3.17.4 allows local users to cause a denial of service (system crash)\r\n or possibly gain privileges via a large message length in an ioctl call\r\n (CVE-2014-8884).\r\n \r\n The do_double_fault function in arch/x86/kernel/traps.c in the Linux\r\n kernel through 3.17.4 does not properly handle faults associated with\r\n the Stack Segment (SS) segment register, which allows local users\r\n to cause a denial of service (panic) via a modify_ldt system call,\r\n as demonstrated by sigreturn_32 in the linux-clock-tests test suite\r\n (CVE-2014-9090).\r\n \r\n arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does\r\n not properly handle faults associated with the Stack Segment (SS)\r\n segment register, which allows local users to gain privileges by\r\n triggering an IRET instruction that leads to access to a GS Base\r\n address from the wrong space (CVE-2014-9322).\r\n \r\n The __switch_to function in arch/x86/kernel/process_64.c in the Linux\r\n kernel through 3.18.1 does not ensure that Thread Local Storage (TLS)\r\n descriptors are loaded before proceeding with other steps, which makes\r\n it easier for local users to bypass the ASLR protection mechanism via\r\n a crafted application that reads a TLS base address (CVE-2014-9419).\r\n \r\n The rock_continue function in fs/isofs/rock.c in the Linux kernel\r\n through 3.18.1 does not restrict the number of Rock Ridge continuation\r\n entries, which allows local users to cause a denial of service\r\n (infinite loop, and system crash or hang) via a crafted iso9660 image\r\n (CVE-2014-9420).\r\n \r\n Race condition in the key_gc_unused_keys function in security/keys/gc.c\r\n in the Linux kernel through 3.18.2 allows local users to cause a denial\r\n of service (memory corruption or panic) or possibly have unspecified\r\n other impact via keyctl commands that trigger access to a key structure\r\n member during garbage collection of a key (CVE-2014-9529).\r\n \r\n The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in\r\n the Linux kernel before 3.18.2 does not validate a length value in\r\n the Extensions Reference (ER) System Use Field, which allows local\r\n users to obtain sensitive information from kernel memory via a crafted\r\n iso9660 image (CVE-2014-9584).\r\n \r\n The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel\r\n through 3.18.2 does not properly choose memory locations for the\r\n vDSO area, which makes it easier for local users to bypass the ASLR\r\n protection mechanism by guessing a location at the end of a PMD\r\n (CVE-2014-9585).\r\n \r\n The updated packages provides a solution for these security issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6416\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6417\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6418\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7842\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8133\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8884\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9090\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9322\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9419\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9420\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9529\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9584\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9585\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 1/X86_64:\r\n 84b2f7fd994f5ed9738484492cf1f6fb mbs1/x86_64/cpupower-3.4.105-2.1.mbs1.x86_64.rpm\r\n 3b7822069fb7f64c5954038f2a352816 mbs1/x86_64/kernel-firmware-3.4.105-2.1.mbs1.noarch.rpm\r\n 137bd01930fe4bdc9d1b7f095fd3237e mbs1/x86_64/kernel-headers-3.4.105-2.1.mbs1.x86_64.rpm\r\n 66eb79923df892f0492dc8b4011e3f47 mbs1/x86_64/kernel-server-3.4.105-2.1.mbs1.x86_64.rpm\r\n 6f24362ea683103e480874c2ff93407a mbs1/x86_64/kernel-server-devel-3.4.105-2.1.mbs1.x86_64.rpm\r\n 36aee1a085a5083200a7ffbd5da543f6 mbs1/x86_64/kernel-source-3.4.105-2.mbs1.noarch.rpm\r\n 93aef55bcc1f02263e07541db93b45ce mbs1/x86_64/lib64cpupower0-3.4.105-2.1.mbs1.x86_64.rpm\r\n f73d1f80d3d0db90a63d3889b71cc60f mbs1/x86_64/lib64cpupower-devel-3.4.105-2.1.mbs1.x86_64.rpm\r\n 854eb4e04b196c33441ce932ba48dfc7 mbs1/x86_64/perf-3.4.105-2.1.mbs1.x86_64.rpm \r\n 4727802fbd1d77523b157b7fd36177ea mbs1/SRPMS/cpupower-3.4.105-2.1.mbs1.src.rpm\r\n 1f2e120416115a646e0026e6079ac9df mbs1/SRPMS/kernel-firmware-3.4.105-2.1.mbs1.src.rpm\r\n cf4f1bbc72cb9369162703efa7b5adc3 mbs1/SRPMS/kernel-headers-3.4.105-2.1.mbs1.src.rpm\r\n 145c57c74bc2346e9435284873062057 mbs1/SRPMS/kernel-server-3.4.105-2.1.mbs1.src.rpm\r\n 7154bb874ff6fd31772fa2e03fc0a186 mbs1/SRPMS/kernel-source-3.4.105-2.mbs1.src.rpm\r\n acd00535b878c07c70ac0b2680d1b9cc mbs1/SRPMS/perf-3.4.105-2.1.mbs1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFUuULOmqjQ0CJFipgRAmTfAJ40ZrILR8XPoduEMKuokkZuOV2rXwCg424o\r\nPM+ddh+qKQrHCeweXyb+AdU=\r\n=zMRK\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2015-01-18T00:00:00", "title": "[ MDVSA-2015:027 ] kernel", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:56", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-5313", "CVE-2014-9529", "CVE-2014-9420", "CVE-2014-9090", "CVE-2014-3688", "CVE-2014-7841", "CVE-2014-6417", "CVE-2014-9322", "CVE-2014-6416", "CVE-2014-8884", "CVE-2014-6418", "CVE-2014-9584", "CVE-2014-8133", "CVE-2014-9419", "CVE-2014-7842", "CVE-2014-9585"], "modified": "2015-01-18T00:00:00", "id": "SECURITYVULNS:DOC:31621", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31621", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-18T13:48:49", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "7", "packageVersion": "3.2.63-2+deb7u2", "arch": "all", "packageFilename": "linux_3.2.63-2+deb7u2_all.deb", "packageName": "linux", "operator": "lt"}], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3093-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nDecember 08, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2014-7841 CVE-2014-8369 CVE-2014-8884 CVE-2014-9090\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation:\n\nCVE-2014-7841\n\n Liu Wei of Red Hat discovered that a SCTP server doing ASCONF will\n panic on malformed INIT chunks by triggering a NULL pointer\n dereference.\n\nCVE-2014-8369\n\n A flaw was discovered in the way iommu mapping failures were handled\n in the kvm_iommu_map_pages() function in the Linux kernel. A guest\n OS user could exploit this flaw to cause a denial of service (host\n OS memory corruption) or possibly have other unspecified impact on\n the host OS.\n\nCVE-2014-8884\n\n A stack-based buffer overflow flaw was discovered in the\n TechnoTrend/Hauppauge DEC USB driver. A local user with write access\n to the corresponding device could use this flaw to crash the kernel\n or, potentially, elevate their privileges.\n\nCVE-2014-9090\n\n Andy Lutomirski discovered that the do_double_fault function in\n arch/x86/kernel/traps.c in the Linux kernel did not properly handle\n faults associated with the Stack Segment (SS) segment register,\n which allows local users to cause a denial of service (panic).\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 3.2.63-2+deb7u2. This update also includes fixes for regressions\nintroduced by previous updates.\n\nFor the unstable distribution (sid), these problems will be fixed soon\nin version 3.16.7-ckt2-1.\n\nWe recommend that you upgrade your linux packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 2, "reporter": "Debian", "published": "2014-12-08T21:09:35", "title": "[SECURITY] [DSA 3093-1] linux security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-18T13:48:49", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-8369", "CVE-2014-9090", "CVE-2014-7841", "CVE-2014-8884"], "modified": "2014-12-08T21:09:35", "id": "DEBIAN:DSA-3093-1:AEFDE", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00283.html", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-10-16T22:14:12", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-headers-2.6.32-5-alpha-legacy_2.6.32-48squeeze10_all.deb", "packageName": "linux-headers-2.6.32-5-alpha-legacy", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-patch-debian-2.6.32_2.6.32-48squeeze10_all.deb", "packageName": "linux-patch-debian-2.6.32", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-image-2.6.32-5-amd64_2.6.32-48squeeze10_all.deb", "packageName": "linux-image-2.6.32-5-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-headers-2.6.32-5-all-amd64_2.6.32-48squeeze10_all.deb", "packageName": "linux-headers-2.6.32-5-all-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-headers-2.6.32-5-common-xen_2.6.32-48squeeze10_all.deb", "packageName": "linux-headers-2.6.32-5-common-xen", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-tools-2.6.32_2.6.32-48squeeze10_all.deb", "packageName": "linux-tools-2.6.32", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-image-2.6.32-5-alpha-legacy_2.6.32-48squeeze10_all.deb", "packageName": "linux-image-2.6.32-5-alpha-legacy", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-image-2.6.32-5-xen-amd64_2.6.32-48squeeze10_all.deb", "packageName": "linux-image-2.6.32-5-xen-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-libc-dev_2.6.32-48squeeze10_all.deb", "packageName": "linux-libc-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-image-2.6.32-5-alpha-generic_2.6.32-48squeeze10_all.deb", "packageName": "linux-image-2.6.32-5-alpha-generic", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-headers-2.6.32-5-common-openvz_2.6.32-48squeeze10_all.deb", "packageName": "linux-headers-2.6.32-5-common-openvz", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-image-2.6.32-5-vserver-amd64_2.6.32-48squeeze10_all.deb", "packageName": "linux-image-2.6.32-5-vserver-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-source-2.6.32_2.6.32-48squeeze10_all.deb", "packageName": "linux-source-2.6.32", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-headers-2.6.32-5-common_2.6.32-48squeeze10_all.deb", "packageName": "linux-headers-2.6.32-5-common", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-headers-2.6.32-5-alpha-generic_2.6.32-48squeeze10_all.deb", "packageName": "linux-headers-2.6.32-5-alpha-generic", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-headers-2.6.32-5-all-alpha_2.6.32-48squeeze10_all.deb", "packageName": "linux-headers-2.6.32-5-all-alpha", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-headers-2.6.32-5-openvz-amd64_2.6.32-48squeeze10_all.deb", "packageName": "linux-headers-2.6.32-5-openvz-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-doc-2.6.32_2.6.32-48squeeze10_all.deb", "packageName": "linux-doc-2.6.32", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-image-2.6.32-5-vserver-amd64-dbg_2.6.32-48squeeze10_all.deb", "packageName": "linux-image-2.6.32-5-vserver-amd64-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-headers-2.6.32-5-amd64_2.6.32-48squeeze10_all.deb", "packageName": "linux-headers-2.6.32-5-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "firmware-linux-free_2.6.32-48squeeze10_all.deb", "packageName": "firmware-linux-free", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-image-2.6.32-5-amd64-dbg_2.6.32-48squeeze10_all.deb", "packageName": "linux-image-2.6.32-5-amd64-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "_2.6.32-48squeeze10_all.deb", "packageName": "", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-headers-2.6.32-5-all_2.6.32-48squeeze10_all.deb", "packageName": "linux-headers-2.6.32-5-all", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-headers-2.6.32-5-alpha-smp_2.6.32-48squeeze10_all.deb", "packageName": "linux-headers-2.6.32-5-alpha-smp", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-image-2.6.32-5-openvz-amd64_2.6.32-48squeeze10_all.deb", "packageName": "linux-image-2.6.32-5-openvz-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-2.6_2.6.32-48squeeze10_all.deb", "packageName": "linux-2.6", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-image-2.6.32-5-alpha-smp_2.6.32-48squeeze10_all.deb", "packageName": "linux-image-2.6.32-5-alpha-smp", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-manual-2.6.32_2.6.32-48squeeze10_all.deb", "packageName": "linux-manual-2.6.32", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-base_2.6.32-48squeeze10_all.deb", "packageName": "linux-base", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-headers-2.6.32-5-common-vserver_2.6.32-48squeeze10_all.deb", "packageName": "linux-headers-2.6.32-5-common-vserver", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-image-2.6.32-5-openvz-amd64-dbg_2.6.32-48squeeze10_all.deb", "packageName": "linux-image-2.6.32-5-openvz-amd64-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-headers-2.6.32-5-vserver-amd64_2.6.32-48squeeze10_all.deb", "packageName": "linux-headers-2.6.32-5-vserver-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze10", "arch": "all", "packageFilename": "linux-support-2.6.32-5_2.6.32-48squeeze10_all.deb", "packageName": "linux-support-2.6.32-5", "operator": "lt"}], "description": "Package : linux-2.6\nVersion : 2.6.32-48squeeze10\nCVE ID : CVE-2014-3185 CVE-2014-3687 CVE-2014-3688 CVE-2014-6410\n CVE-2014-7841 CVE-2014-8709 CVE-2014-8884\n\nNon-maintainer upload by the Squeeze LTS and Kernel Teams.\n\nNew upstream stable release 2.6.32.65, see\nhttp://lkml.org/lkml/2014/12/13/81 for more information.\n\nThe stable release 2.6.32.65 includes the following new commits compared\nto the previous 2.6.32-48squeeze9 package:\n\n - USB: whiteheat: Added bounds checking for bulk command response\n (CVE-2014-3185)\n - net: sctp: fix panic on duplicate ASCONF chunks (CVE-2014-3687)\n - net: sctp: fix remote memory pressure from excessive queueing\n (CVE-2014-3688)\n - udf: Avoid infinite loop when processing indirect ICBs (CVE-2014-6410)\n - net: sctp: fix NULL pointer dereference in af->from_addr_param on\n malformed packet (CVE-2014-7841)\n - mac80211: fix fragmentation code, particularly for encryption\n (CVE-2014-8709)\n - ttusb-dec: buffer overflow in ioctl (CVE-2014-8884)\n\nWe recommend that you upgrade your linux-2.6 packages.\n\n\n\nWe apologize for a minor cosmetic glitch:\n\nThe following commits were already included in 2.6.32-48squeeze9 despite\nclaims in debian/changelog they were only fixed in 2.6.32-48squeez10:\n\n - vlan: Don't propagate flag changes on down interfaces.\n - sctp: Fix double-free introduced by bad backport in 2.6.32.62\n - md/raid6: Fix misapplied backport in 2.6.32.64\n - block: add missing blk_queue_dead() checks\n - block: Fix blk_execute_rq_nowait() dead queue handling\n - proc connector: Delete spurious memset in proc_exit_connector()\n", "edition": 1, "reporter": "Debian", "published": "2014-12-21T17:46:09", "title": "[SECURITY] [DLA 118-1] linux-2.6 security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:14:12", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3688", "CVE-2014-7841", "CVE-2014-8709", "CVE-2014-3185", "CVE-2014-8884", "CVE-2014-6410", "CVE-2014-3687"], "modified": "2014-12-21T17:46:09", "id": "DEBIAN:DLA-118-1:98410", "href": "https://lists.debian.org/debian-lts-announce/2014/debian-lts-announce-201412/msg00020.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:38:28", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.1-4.0.58", "arch": "x86_64", "packageFilename": "ofa-2.6.32-400.36.14.el6uek-1.5.1-4.0.58.x86_64.rpm", "packageName": "ofa-2.6.32-400.36.14.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.14.el5uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.32-400.36.14.el5uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.14.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.32-400.36.14.el5uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.1-4.0.58", "arch": "src", "packageFilename": "ofa-2.6.32-400.36.14.el6uek-1.5.1-4.0.58.src.rpm", "packageName": "ofa-2.6.32-400.36.14.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.1-4.0.58", "arch": "src", "packageFilename": "ofa-2.6.32-400.36.14.el6uek-1.5.1-4.0.58.src.rpm", "packageName": "ofa-2.6.32-400.36.14.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.1-4.0.58", "arch": "i686", "packageFilename": "ofa-2.6.32-400.36.14.el6uek-1.5.1-4.0.58.i686.rpm", "packageName": "ofa-2.6.32-400.36.14.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.7-2", "arch": "i686", "packageFilename": "mlnx_en-2.6.32-400.36.14.el5uekdebug-1.5.7-2.i686.rpm", "packageName": "mlnx_en-2.6.32-400.36.14.el5uekdebug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.14.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.32-400.36.14.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.14.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.32-400.36.14.el6uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.14.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.32-400.36.14.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.14.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.32-400.36.14.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.7-2", "arch": "i686", "packageFilename": "mlnx_en-2.6.32-400.36.14.el5uek-1.5.7-2.i686.rpm", "packageName": "mlnx_en-2.6.32-400.36.14.el5uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.14.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.32-400.36.14.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.14.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.32-400.36.14.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.7-0.1", "arch": "x86_64", "packageFilename": "mlnx_en-2.6.32-400.36.14.el6uekdebug-1.5.7-0.1.x86_64.rpm", "packageName": "mlnx_en-2.6.32-400.36.14.el6uekdebug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.1-4.0.58", "arch": "x86_64", "packageFilename": "ofa-2.6.32-400.36.14.el5uek-1.5.1-4.0.58.x86_64.rpm", "packageName": "ofa-2.6.32-400.36.14.el5uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.14.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.32-400.36.14.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.14.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.32-400.36.14.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.14.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.32-400.36.14.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.7-2", "arch": "x86_64", "packageFilename": "mlnx_en-2.6.32-400.36.14.el5uek-1.5.7-2.x86_64.rpm", "packageName": "mlnx_en-2.6.32-400.36.14.el5uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.14.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.32-400.36.14.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.14.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.32-400.36.14.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.7-0.1", "arch": "x86_64", "packageFilename": "mlnx_en-2.6.32-400.36.14.el6uek-1.5.7-0.1.x86_64.rpm", "packageName": "mlnx_en-2.6.32-400.36.14.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.7-0.1", "arch": "src", "packageFilename": "mlnx_en-2.6.32-400.36.14.el6uek-1.5.7-0.1.src.rpm", "packageName": "mlnx_en-2.6.32-400.36.14.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.7-0.1", "arch": "src", "packageFilename": "mlnx_en-2.6.32-400.36.14.el6uek-1.5.7-0.1.src.rpm", "packageName": "mlnx_en-2.6.32-400.36.14.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.14.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.32-400.36.14.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.14.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.32-400.36.14.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.14.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.32-400.36.14.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.14.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.32-400.36.14.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.1-4.0.58", "arch": "i686", "packageFilename": "ofa-2.6.32-400.36.14.el6uekdebug-1.5.1-4.0.58.i686.rpm", "packageName": "ofa-2.6.32-400.36.14.el6uekdebug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.14.el5uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.32-400.36.14.el5uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.7-2", "arch": "x86_64", "packageFilename": "mlnx_en-2.6.32-400.36.14.el5uekdebug-1.5.7-2.x86_64.rpm", "packageName": "mlnx_en-2.6.32-400.36.14.el5uekdebug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.14.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.32-400.36.14.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.1-4.0.58", "arch": "i686", "packageFilename": "ofa-2.6.32-400.36.14.el5uekdebug-1.5.1-4.0.58.i686.rpm", "packageName": "ofa-2.6.32-400.36.14.el5uekdebug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.7-2", "arch": "src", "packageFilename": "mlnx_en-2.6.32-400.36.14.el5uek-1.5.7-2.src.rpm", "packageName": "mlnx_en-2.6.32-400.36.14.el5uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.7-2", "arch": "src", "packageFilename": "mlnx_en-2.6.32-400.36.14.el5uek-1.5.7-2.src.rpm", "packageName": "mlnx_en-2.6.32-400.36.14.el5uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.14.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.32-400.36.14.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.14.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.32-400.36.14.el5uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.14.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.32-400.36.14.el6uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.1-4.0.58", "arch": "i686", "packageFilename": "ofa-2.6.32-400.36.14.el5uek-1.5.1-4.0.58.i686.rpm", "packageName": "ofa-2.6.32-400.36.14.el5uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.7-0.1", "arch": "i686", "packageFilename": "mlnx_en-2.6.32-400.36.14.el6uek-1.5.7-0.1.i686.rpm", "packageName": "mlnx_en-2.6.32-400.36.14.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.14.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.32-400.36.14.el5uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.14.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.32-400.36.14.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.1-4.0.58", "arch": "x86_64", "packageFilename": "ofa-2.6.32-400.36.14.el6uekdebug-1.5.1-4.0.58.x86_64.rpm", "packageName": "ofa-2.6.32-400.36.14.el6uekdebug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.14.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.32-400.36.14.el5uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.1-4.0.58", "arch": "x86_64", "packageFilename": "ofa-2.6.32-400.36.14.el5uekdebug-1.5.1-4.0.58.x86_64.rpm", "packageName": "ofa-2.6.32-400.36.14.el5uekdebug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.14.el6uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.32-400.36.14.el6uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.7-0.1", "arch": "i686", "packageFilename": "mlnx_en-2.6.32-400.36.14.el6uekdebug-1.5.7-0.1.i686.rpm", "packageName": "mlnx_en-2.6.32-400.36.14.el6uekdebug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.14.el6uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.32-400.36.14.el6uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.14.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.32-400.36.14.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.1-4.0.58", "arch": "src", "packageFilename": "ofa-2.6.32-400.36.14.el5uek-1.5.1-4.0.58.src.rpm", "packageName": "ofa-2.6.32-400.36.14.el5uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.1-4.0.58", "arch": "src", "packageFilename": "ofa-2.6.32-400.36.14.el5uek-1.5.1-4.0.58.src.rpm", "packageName": "ofa-2.6.32-400.36.14.el5uek", "operator": "lt"}], "description": "kernel-uek\n[2.6.32-400.36.14uek]\n- net: sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet (Daniel Borkmann) [Orabug: 20425334] {CVE-2014-7841}", "edition": 3, "reporter": "Oracle", "published": "2015-01-29T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7841"], "modified": "2015-01-29T00:00:00", "id": "ELSA-2015-3005", "href": "http://linux.oracle.com/errata/ELSA-2015-3005.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:38:24", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.246.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.39-400.246.2.el5uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.246.2.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.246.2.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.246.2.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.246.2.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.246.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.246.2.el5uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.246.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.246.2.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.246.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.246.2.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.246.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.246.2.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.246.2.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.246.2.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.246.2.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.246.2.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.246.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.246.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.246.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.39-400.246.2.el6uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.246.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.39-400.246.2.el5uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.246.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.246.2.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.246.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.246.2.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.246.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.39-400.246.2.el5uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.246.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.246.2.el6uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.246.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.246.2.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.246.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.246.2.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.246.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.246.2.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.246.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.246.2.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.246.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.39-400.246.2.el6uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.246.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.39-400.246.2.el5uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.246.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.39-400.246.2.el6uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.246.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.39-400.246.2.el5uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.246.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.39-400.246.2.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.246.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.39-400.246.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.246.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.39-400.246.2.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.246.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.39-400.246.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}], "description": "[2.6.39-400.246.2]\n- net: sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet (Daniel Borkmann) [Orabug: 20425333] {CVE-2014-7841}\n[2.6.39-400.246.1]\n- sched: Fix possible divide by zero in avg_atom() calculation (Mateusz Guzik) [Orabug: 20148169] \n- include/linux/math64.h: add div64_ul() (Alex Shi) \n- deadlock when two nodes are converting same lock from PR to EX and idletimeout closes conn (Tariq Saeed) [Orabug: 18639535] \n- bonding: Bond master should reflect slave's features. (Ashish Samant) [Orabug: 20231825] \n- x86, fpu: remove the logic of non-eager fpu mem allocation at the first usage (Annie Li) [Orabug: 20239143] \n- x86, fpu: remove cpu_has_xmm check in the fx_finit() (Suresh Siddha) [Orabug: 20239143] \n- x86, fpu: make eagerfpu= boot param tri-state (Suresh Siddha) [Orabug: 20239143] \n- x86, fpu: enable eagerfpu by default for xsaveopt (Suresh Siddha) [Orabug: 20239143] \n- x86, fpu: decouple non-lazy/eager fpu restore from xsave (Suresh Siddha) [Orabug: 20239143] \n- x86, fpu: use non-lazy fpu restore for processors supporting xsave (Suresh Siddha) [Orabug: 20239143] \n- lguest, x86: handle guest TS bit for lazy/non-lazy fpu host models (Suresh Siddha) [Orabug: 20239143] \n- x86, fpu: always use kernel_fpu_begin/end() for in-kernel FPU usage (Suresh Siddha) [Orabug: 20239143] \n- x86, kvm: use kernel_fpu_begin/end() in kvm_load/put_guest_fpu() (Suresh Siddha) [Orabug: 20239143] \n- x86, fpu: remove unnecessary user_fpu_end() in save_xstate_sig() (Suresh Siddha) [Orabug: 20239143] \n- raid5: add AVX optimized RAID5 checksumming (Jim Kukunas) [Orabug: 20239143] \n- x86, fpu: drop the fpu state during thread exit (Suresh Siddha) [Orabug: 20239143] \n- x32: Add a thread flag for x32 processes (H. Peter Anvin) [Orabug: 20239143] \n- x86, fpu: Unify signal handling code paths for x86 and x86_64 kernels (Suresh Siddha) [Orabug: 20239143] \n- x86, fpu: Consolidate inline asm routines for saving/restoring fpu state (Suresh Siddha) [Orabug: 20239143] \n- x86, signal: Cleanup ifdefs and is_ia32, is_x32 (Suresh Siddha) [Orabug: 20239143] \ninto exported and internal interfaces (Linus Torvalds) [Orabug: 20239143] \n- i387: Uninline the generic FP helpers that we expose to kernel modules (Linus Torvalds) [Orabug: 20239143] \n- i387: use 'restore_fpu_checking()' directly in task switching code (Linus Torvalds) [Orabug: 20239143] \n- i387: fix up some fpu_counter confusion (Linus Torvalds) [Orabug: 20239143]", "edition": 3, "reporter": "Oracle", "published": "2015-01-29T00:00:00", "title": "Unbreakable Enterprise kernel security and bugfix update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7841"], "modified": "2015-01-29T00:00:00", "id": "ELSA-2015-3004", "href": "http://linux.oracle.com/errata/ELSA-2015-3004.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:49:17", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.3-4.el7", "arch": "src", "packageFilename": "dtrace-modules-3.8.13-55.1.5.el7uek-0.4.3-4.el7.src.rpm", "packageName": "dtrace-modules-3.8.13-55.1.5.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.3-4.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-3.8.13-55.1.5.el6uek-0.4.3-4.el6.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-55.1.5.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-55.1.5.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-3.8.13-55.1.5.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-55.1.5.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-3.8.13-55.1.5.el7uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-55.1.5.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-3.8.13-55.1.5.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.3-4.el6", "arch": "src", "packageFilename": "dtrace-modules-3.8.13-55.1.5.el6uek-0.4.3-4.el6.src.rpm", "packageName": "dtrace-modules-3.8.13-55.1.5.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-55.1.5.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-3.8.13-55.1.5.el7uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-55.1.5.el7uek", "arch": "src", "packageFilename": "kernel-uek-3.8.13-55.1.5.el7uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-55.1.5.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-3.8.13-55.1.5.el7uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-55.1.5.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-3.8.13-55.1.5.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-55.1.5.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-3.8.13-55.1.5.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-55.1.5.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-3.8.13-55.1.5.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-55.1.5.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-3.8.13-55.1.5.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-55.1.5.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-3.8.13-55.1.5.el7uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.3-4.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-3.8.13-55.1.5.el7uek-0.4.3-4.el7.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-55.1.5.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-55.1.5.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-3.8.13-55.1.5.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-55.1.5.el6uek", "arch": "src", "packageFilename": "kernel-uek-3.8.13-55.1.5.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-55.1.5.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-3.8.13-55.1.5.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}], "description": "kernel-uek\n[3.8.13-55.1.5]\n- [CIFS] Possible null ptr deref in SMB2_tcon (Steve French) [Orabug: 20433140] {CVE-2014-7145}\n[3.8.13-55.1.4]\n- net: sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet (Daniel Borkmann) [Orabug: 20425332] {CVE-2014-7841}\n[3.8.13-55.1.3]\n- ACPI: x2apic entry ignored (Cathy Avery) [Orabug: 19475776] \n- i40e: relax the firmware API version check (Shannon Nelson) [Orabug: 20216831] \n- x86, fpu: remove the logic of non-eager fpu mem allocation at the first usage (Annie Li) [Orabug: 20232585] \n- iommu/{vt-d,amd}: Remove multifunction assumption around grouping (Alex Williamson) [Orabug: 20192796]", "edition": 3, "reporter": "Oracle", "published": "2015-01-29T00:00:00", "title": "Unbreakable Enterprise kernel security and bugfix update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7841", "CVE-2014-7145"], "modified": "2015-01-29T00:00:00", "id": "ELSA-2015-3003", "href": "http://linux.oracle.com/errata/ELSA-2015-3003.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:43:35", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "i686", "packageFilename": "kernel-devel-2.6.32-504.8.1.el6.i686.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "noarch", "packageFilename": "kernel-doc-2.6.32-504.8.1.el6.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "noarch", "packageFilename": "kernel-doc-2.6.32-504.8.1.el6.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-2.6.32-504.8.1.el6.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-2.6.32-504.8.1.el6.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "i686", "packageFilename": "kernel-2.6.32-504.8.1.el6.i686.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "i686", "packageFilename": "kernel-headers-2.6.32-504.8.1.el6.i686.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "x86_64", "packageFilename": "kernel-devel-2.6.32-504.8.1.el6.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "noarch", "packageFilename": "kernel-firmware-2.6.32-504.8.1.el6.noarch.rpm", "packageName": "kernel-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "noarch", "packageFilename": "kernel-firmware-2.6.32-504.8.1.el6.noarch.rpm", "packageName": "kernel-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "i686", "packageFilename": "kernel-debug-2.6.32-504.8.1.el6.i686.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "x86_64", "packageFilename": "kernel-headers-2.6.32-504.8.1.el6.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "i686", "packageFilename": "kernel-debug-devel-2.6.32-504.8.1.el6.i686.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "x86_64", "packageFilename": "kernel-debug-devel-2.6.32-504.8.1.el6.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "x86_64", "packageFilename": "perf-2.6.32-504.8.1.el6.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "x86_64", "packageFilename": "python-perf-2.6.32-504.8.1.el6.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "x86_64", "packageFilename": "kernel-2.6.32-504.8.1.el6.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "i686", "packageFilename": "perf-2.6.32-504.8.1.el6.i686.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "x86_64", "packageFilename": "kernel-debug-2.6.32-504.8.1.el6.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "src", "packageFilename": "kernel-2.6.32-504.8.1.el6.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "src", "packageFilename": "kernel-2.6.32-504.8.1.el6.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "i686", "packageFilename": "python-perf-2.6.32-504.8.1.el6.i686.rpm", "packageName": "python-perf", "operator": "lt"}], "description": "[2.6.32-504.8.1]\n- [crypto] crc32c: Kill pointless CRYPTO_CRC32C_X86_64 option (Jarod Wilson) [1175509 1036212]\n- [crypto] testmgr: add larger crc32c test vector to test FPU path in crc32c_intel (Jarod Wilson) [1175509 1036212]\n- [crypto] tcrypt: Added speed test in tcrypt for crc32c (Jarod Wilson) [1175509 1036212]\n- [crypto] crc32c: Optimize CRC32C calculation with PCLMULQDQ instruction (Jarod Wilson) [1175509 1036212]\n- [crypto] crc32c: Rename crc32c-intel.c to crc32c-intel_glue.c (Jarod Wilson) [1175509 1036212]\n[2.6.32-504.7.1]\n- [kernel] ipc/sem: Fully initialize sem_array before making it visible (Rik van Riel) [1172029 1165277]\n- [kernel] ipc/sem: synchronize semop and semctl with IPC_RMID (Rik van Riel) [1172029 1165277]\n- [kernel] ipc/sem: update sem_otime for all operations (Larry Woodman) [1172025 1168588]\n- [fs] fuse: prevent null nd panic on dentry revalidate (Brian Foster) [1172022 1162782]\n- [net] netfilter: ipset: timeout values corrupted on set resize (Marcelo Leitner) [1172764 1152754]\n- [net] netfilter: fix xt_TCPOPTSTRIP in forwarding path (Marcelo Leitner) [1172027 1135650]\n- [usb] ehci: Fix panic on hotplug race condition (Don Zickus) [1172024 1107010]\n- [usb] usb_wwan: replace release and disconnect with a port_remove hook (Stanislaw Gruszka) [1172030 1148615]\n- [x86] traps: stop using IST for #SS (Petr Matousek) [1172810 1172811] {CVE-2014-9322}\n[2.6.32-504.6.1]\n- [fs] ext4: don't count external journal blocks as overhead (Eric Sandeen) [1168504 1163811]\n- [net] sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet (Daniel Borkmann) [1163090 1153980] {CVE-2014-7841}\n- [netdrv] e100: fix typo in MDI/MDI-X eeprom check in e100_phy_init (John Greene) [1165985 1156417]\n- [powerpc] Add smp_mb()s to arch_spin_unlock_wait() (Gustavo Duarte) [1165986 1136224]\n- [powerpc] Add smp_mb() to arch_spin_is_locked() (Gustavo Duarte) [1165986 1136224]\n- [kernel] cpuset: PF_SPREAD_PAGE and PF_SPREAD_SLAB should be atomic flags (Aaron Tomlin) [1165002 1045310]\n- [documentation] cpuset: Update the cpuset flag file (Aaron Tomlin) [1165002 1045310]\n- [alsa] control: Make sure that id->index does not overflow (Jacob Tanenbaum) [1149140 1117312] {CVE-2014-4656}\n- [alsa] control: Handle numid overflow (Jacob Tanenbaum) [1149140 1117312] {CVE-2014-4656}\n- [s390] mm: fix SIGBUS handling (Hendrik Brueckner) [1169433 1145070]\n- [fs] gfs2: fix bad inode i_goal values during block allocation (Abhijith Das) [1165001 1130684]\n- [md] dm-thin: fix pool_io_hints to avoid looking at max_hw_sectors (Mike Snitzer) [1161420 1161421 1142773 1145230]\n[2.6.32-504.5.1]\n- [fs] nfsd: don't halt scanning the DRC LRU list when there's an RC_INPROG entry (J. Bruce Fields) [1168129 1150675]\n[2.6.32-504.4.1]\n- [fs] nfs: Make sure pre_change_attr is initialized correctly (Scott Mayhew) [1163214 1160042]\n- [usb] ehci: Fix a regression in the ISO scheduler (Gustavo Duarte) [1162072 1145805]", "edition": 3, "reporter": "Oracle", "published": "2015-01-28T00:00:00", "title": "kernel security and bug fix update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7841", "CVE-2014-9322", "CVE-2014-4656"], "modified": "2015-01-28T00:00:00", "id": "ELSA-2015-0087", "href": "http://linux.oracle.com/errata/ELSA-2015-0087.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:39:36", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-229.el7", "arch": "x86_64", "packageFilename": "kernel-tools-3.10.0-229.el7.x86_64.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-229.el7", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-3.10.0-229.el7.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-229.el7", "arch": "x86_64", "packageFilename": "kernel-headers-3.10.0-229.el7.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-229.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-devel-3.10.0-229.el7.x86_64.rpm", "packageName": "kernel-tools-libs-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-229.el7", "arch": "src", "packageFilename": "kernel-3.10.0-229.el7.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-229.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-3.10.0-229.el7.x86_64.rpm", "packageName": "kernel-tools-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-229.el7", "arch": "x86_64", "packageFilename": "python-perf-3.10.0-229.el7.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-229.el7", "arch": "noarch", "packageFilename": "kernel-doc-3.10.0-229.el7.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-229.el7", "arch": "x86_64", "packageFilename": "kernel-debug-devel-3.10.0-229.el7.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-229.el7", "arch": "x86_64", "packageFilename": "kernel-3.10.0-229.el7.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-229.el7", "arch": "x86_64", "packageFilename": "kernel-devel-3.10.0-229.el7.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-229.el7", "arch": "x86_64", "packageFilename": "kernel-debug-3.10.0-229.el7.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-229.el7", "arch": "x86_64", "packageFilename": "perf-3.10.0-229.el7.x86_64.rpm", "packageName": "perf", "operator": "lt"}], "description": "[3.10.0-229]\n- Oracle Linux certificates (Alexey Petrenko)\n[3.10.0-229]\n- [net] rtnetlink: allow to register ops without ops->setup set (Jiri Benc) [1186492]\n[3.10.0-228]\n- [fs] NFSv4.1: Fix an Oops in nfs41_walk_client_list (Steve Dickson) [1185784]\n- [misc] redhat: dont suppress Revert patches from changelog (Jarod Wilson) [1187353]\n- [infiniband] Revert: ipoib: Consolidate rtnl_lock tasks in workqueue (Doug Ledford) [1179740]\n- [infiniband] Revert: ipoib: Make the carrier_on_task race aware (Doug Ledford) [1179740]\n- [infiniband] Revert: ipoib: fix MCAST_FLAG_BUSY usage (Doug Ledford) [1179740]\n- [infiniband] Revert: ipoib: fix mcast_dev_flush/mcast_restart_task race (Doug Ledford) [1179740]\n- [infiniband] Revert: ipoib: change init sequence ordering (Doug Ledford) [1179740]\n- [infiniband] Revert: ipoib: Use dedicated workqueues per interface (Doug Ledford) [1179740]\n- [infiniband] Revert: ipoib: Make ipoib_mcast_stop_thread flush the workqueue (Doug Ledford) [1179740]\n- [infiniband] Revert: ipoib: No longer use flush as a parameter (Doug Ledford) [1179740]\n- [fs] fix deadlock in cifs_ioctl_clone() (Sachin Prabhu) [1183980]\n- [md] dm-cache: fix missing ERR_PTR returns and handling (Mike Snitzer) [1182665]\n- [fs] cifs: fix regression in cifs_create_mf_symlink() (Sachin Prabhu) [1186324]\n- [net] ipv4: try to cache dst_entries which would cause a redirect (Hannes Frederic Sowa) [1181819]\n- [fs] coredump: add new P variable in core_pattern (Jiri Olsa) [1186360]\n- [drm] fix fb-helper vs MST dangling connector ptrs (Rob Clark) [1184968]\n- [net] bridge: Program port vlan filters only if filtering is enabled in bridge (Vlad Yasevich) [1183958]\n- [fs] cifs: Complete oplock break jobs before closing file handle (Sachin Prabhu) [1177215]\n- [fs] LOCKD: Fix a race when initialising nlmsvc_timeout (Benjamin Coddington) [1144982]\n- [scsi] hpsa: add in P840ar controller model name (Joseph Szczypek) [1185467]\n- [scsi] hpsa: add in gen9 controller model names (Joseph Szczypek) [1185467]\n[3.10.0-227]\n- [fs] ext4: fix overwrite race condition (Jacob Tanenbaum) [1152607] {CVE-2014-8086}\n- [media] ttusb-dec: buffer overflow in ioctl (Alexander Gordeev) [1167116] {CVE-2014-8884}\n- [drm] i915: demote opregion excessive timeout WARN_ONCE to DRM_INFO_ONCE (Rob Clark) [1145627]\n- [md] Revert: raid56: Dont perform reads to support writes until stripe is ready (Jes Sorensen) [1153796]\n- [md] Revert: raid5: avoid livelock caused by non-aligned writes (Jes Sorensen) [1153796]\n- [drm] i915: further quiet i915 (Rob Clark) [1163074]\n- [scsi] megaraid_sas: endianness related bug fixes and code optimization (Tomas Henzl) [1179748]\n- [s390] crypto: kernel oops at insmod of the z90crypt device driver (Hendrik Brueckner) [1172136]\n- [drm] mgag200: Add command line option to specify preferred depth (Dave Airlie) [1044555]\n- [drm] mgag200: Consolidate depth/bpp handling (Dave Airlie) [1044555]\n- [fs] Revert: ext4: revert Disable punch hole on non-extent mapped files (Lukas Czerner) [1176840]\n[3.10.0-226]\n- [md] dm-cache: fix problematic dual use of a single migration count variable (Mike Snitzer) [1182665]\n- [md] dm-cache: share cache-metadata object across inactive and active DM tables (Mike Snitzer) [1182665]\n- [net] tun/macvtap: use consume_skb() instead of kfree_skb() when needed (Jiri Pirko) [1182805]\n- [virt] Revert: hyperv: Add handler for RNDIS_STATUS_NETWORK_CHANGE event (Jason Wang) [1164163]\n- [virt] kvm/vmx: invalid host cr4 handling across vm entries (Jacob Tanenbaum) [1153329] {CVE-2014-3690}\n- [virt] virtio-scsi: Fix the race condition in virtscsi_handle_event (Fam Zheng) [1152140]\n- [virt] kvm: workaround SuSEs 2.6.16 pvclock vs masterclock issue (Marcelo Tosatti) [1177718]\n- [fs] bdi: avoid oops on device removal (Fam Zheng) [1087179]\n- [mm] backing_dev: fix hung task on sync (Fam Zheng) [1087179]\n- [mm] Revert: vmstat: create separate function to fold per cpu diffs into local counters (Larry Woodman) [1179654]\n- [mm] Revert: vmstat: create fold_diff (Larry Woodman) [1179654]\n- [mm] Revert: vmstat: use this_cpu() to avoid irqon/off sequence in refresh_cpu_vm_stats (Larry Woodman) [1179654]\n- [mm] Revert: vmstat: on-demand vmstat workers V8 (Larry Woodman) [1179654]\n[3.10.0-225]\n- [net] team: avoid possible underflow of count_pending value for notify_peers and mcast_rejoin (Jiri Pirko) [1176697]\n- [fs] seq_file: dont include mm.h in genksyms calculation (Ian Kent) [1183280]\n- [scsi] Avoid crashing if device uses DIX but adapter does not support it (Ewan Milne) [1093012]\n[3.10.0-224]\n- [fs] xfs: catch invalid negative blknos in _xfs_buf_find() (Eric Sandeen) [1164128]\n- [fs] proc: make proc_fd_permission() thread-friendly (Carlos Maiolino) [1171242]\n- [fs] rpc: fix xdr_truncate_encode to handle buffer ending on page boundary ('J. Bruce Fields') [1176641]\n- [fs] nfs: nfs4_fl_prepare_ds, fix bugs when the connect attempt fails (Steve Dickson) [1113248]\n- [fs] gfs2: fix bad inode i_goal values during block allocation (Abhijith Das) [1144209]\n- [fs] nfsd: allow turning off nfsv3 readdir_plus (Steve Dickson) [1178949]\n- [fs] nfsd4: fix xdr4 count of server in fs_location4 (Benjamin Coddington) [1164055]\n- [fs] nfsd4: fix xdr4 inclusion of escaped char (Benjamin Coddington) [1164055]\n- [fs] xfs: replace global xfslogd wq with per-mount wq (Brian Foster) [1155929]\n- [fs] xfs: mark all internal workqueues as freezable (Brian Foster) [1155929]\n- [fs] overlayfs: Add call to mark_tech_preview (BZ 1180613) (David Howells) [1180613]\n- [fs] aio: fix uncorrent dirty pages accouting when truncating AIO ring buffer (Jeff Moyer) [1159346]\n- [infiniband] ocrdma: fix hardcoded max cqe and max send wr (Doug Ledford) [1158148]\n- [crypto] aesni-intel: Add support for 192 & 256 bit keys to AESNI RFC4106 (Jarod Wilson) [1176266]\n- [block] blk-mq: Fix a use-after-free (Fam Zheng) [1152159]\n- [crypto] drbg: panic on continuous self test error (Jarod Wilson) [1179496]\n- [ethernet] mlx4: Cache line CQE/EQE stride fixes (Doug Ledford) [1088499 1173483]\n- [ethernet] mlx4: Add mlx4_en_get_cqe helper (Doug Ledford) [1088499 1173483]\n- [ethernet] mlx4: Cache line EQE size support (Doug Ledford) [1088499 1173483]\n- [infiniband] ocrdma: Fix ocrdma_query_qp() to report q_key value for UD QPs (Doug Ledford) [1167256]\n- [infiniband] ocrdma: Always resolve destination mac from GRH for UD QPs (Doug Ledford) [1167256]\n- [net] gre: fix the inner mac header in nbma tunnel xmit path (Alexander Duyck) [1168608]\n[3.10.0-223]\n- [md] dm-thin: fix crash by initializing thin devices refcount and completion earlier (Mike Snitzer) [1175282]\n- [scsi] storvsc: Fix a bug in storvsc limits (Vitaly Kuznetsov) [1174162]\n- [iser-target] Ignore non TEXT + LOGOUT opcodes for discovery (Andy Grover) [1058736]\n- [iser-target] Add support for ISCSI_OP_TEXT opcode + payload handling (Andy Grover) [1058736]\n- [iser-target] Rename sense_buf_dma/len to pdu_dma/len (Andy Grover) [1058736]\n- [iscsi-target] Add IFC_SENDTARGETS_SINGLE support (Andy Grover) [1058736]\n- [iscsi-target] Move sendtargets parsing into iscsit_process_text_cmd (Andy Grover) [1058736]\n- [iscsi-target] Allow ->MaxXmitDataSegmentLength assignment for iser discovery (Andy Grover) [1058736]\n- [iscsi-target] Refactor ISCSI_OP_TEXT_RSP TX handling (Andy Grover) [1058736]\n- [iscsi-target] Refactor ISCSI_OP_TEXT RX handling (Andy Grover) [1058736]\n- [iscsi] isert-target: Refactor ISCSI_OP_NOOP RX handling (Andy Grover) [1058736]\n- [net] description of dma_cookie cause make xmldocs warning (Jiri Benc) [1173444]\n- [net] tcp: make tcp_cleanup_rbuf private (Jiri Benc) [1173444]\n- [net] net_dma: revert 'copied_early' (Jiri Benc) [1173444]\n- [net] net_dma: mark broken (Jiri Benc) [1173444]\n- [net] unix: allow set_peek_off to fail (Jiri Benc) [1123777]\n- [net] ppp: ppp-ioctl.h: pull in ppp_defs.h (Jiri Benc) [1159802]\n- [net] bridge: Add filtering support for default_pvid (Vlad Yasevich) [1164653]\n- [net] bridge: Simplify pvid checks (Vlad Yasevich) [1164653]\n- [net] bridge: Add a default_pvid sysfs attribute (Vlad Yasevich) [1164653]\n- [net] bridge: Prepare for 802.1ad vlan filtering support (Vlad Yasevich) [1164653]\n- [net] bridge: Fix the way to check if a local fdb entry can be deleted (Vlad Yasevich) [1164653]\n- [net] bridge: Fix the way to insert new local fdb entries in br_fdb_changeaddr (Vlad Yasevich) [1164653]\n- [net] Remove extern from function prototypes (Vlad Yasevich) [1164653]\n- [ethernet] mlx5: Add more supported devices (Amir Vadai) [1169277]\n- [infiniband] mlx4: Fix wrong usage of IPv4 protocol for multicast attach/detach (Amir Vadai) [1151331]\n- [ethernet] mlx4: mlx4_en_set_settings() always fails when autoneg is set (Amir Vadai) [1170129]\n[3.10.0-222]\n- [scsi] qla2xxx: Update version number to 8.07.00.08.07.1-k2 (Chad Dupuis) [1085239]\n- [scsi] qla2xxx: Move mailbox failure messages to a default debug level (Chad Dupuis) [1085239]\n- [security] commoncap: dont alloc the credential unless needed in cap_task_prctl (Paul Moore) [1056347]\n- [iommu] vt-d: Fix dmar_domain leak in iommu_attach_device (Myron Stowe) [1109829]\n- [iommu] vt-d: Only remove domain when device is removed (Myron Stowe) [1109829]\n- [base] core: Add BUS_NOTIFY_REMOVED_DEVICE event (Myron Stowe) [1109829]\n- [powerpc] kdump: Ignore failure in enabling big endian exception during crash (Steve Best) [1170362]\n- [infiniband] srpt: convert printks to pr_* functions (Doug Ledford) [1174910]\n- [infiniband] srpt: Handle GID change events (Doug Ledford) [1174910]\n- [input] alps: fix v4 button press recognition (Benjamin Tissoires) [1107819]\n- [input] alps: v7 - document the v7 touchpad packet protocol (Benjamin Tissoires) [1107819]\n- [input] alps: v7 - fix finger counting for > 2 fingers on clickpads (Benjamin Tissoires) [1107819]\n- [input] alps: v7 - sometimes a single touch is reported in mt[1] (Benjamin Tissoires) [1107819]\n- [input] alps: v7 - ignore new packets (Benjamin Tissoires) [1107819]\n- [powerpc] perf/hv-24x7: Use kmem_cache_free() instead of kfree (Gustavo Duarte) [1171795]\n- [powerpc] perf/hv-24x7: Use per-cpu page buffer (Gustavo Duarte) [1171795]\n- [powerpc] perf/hv-24x7: use kmem_cache instead of aligned stack allocations (Gustavo Duarte) [1171795]\n- [powerpc] perf/hv-24x7: Use kmem_cache_free (Gustavo Duarte) [1171795]\n- [powerpc] Fill in si_addr_lsb siginfo field (Gustavo Duarte) [1173267]\n- [powerpc] Add VM_FAULT_HWPOISON handling to powerpc page fault handler (Gustavo Duarte) [1173267]\n- [fs] dlm: fix missing endian conversion of rcom_status flags (Andrew Price) [1175900]\n- [scsi] add Intel Multi-Flex to scsi scan blacklist (Hannes Frederic Sowa) [1175862]\n- [scsi] do not issue SCSI RSOC command to Promise Vtrak E610f (Hannes Frederic Sowa) [1175862]\n- [scsi] scsi_lib: rate-limit the error message from failing commands (Tomas Henzl) [1175785]\n- [scsi] iscsi_ibft: Fix finding Broadcom specific ibft sign (Chris Leech) [1095169]\n[3.10.0-221]\n- [ethernet] enic: fix rx skb checksum (Stefan Assmann) [1154182]\n- [x86] uv: make kdump default action for 'power nmi' (George Beshers) [1175560]\n- [virt] powerpc/kvm: book3s_hv - Fix KSM memory corruption (David Gibson) [1170394]\n- [pci] Revert: Remove from bus_list and release resources in pci_release_dev() (Prarit Bhargava) [1172946]\n- [powercap] rapl: add support for CPU model 0x3f (Rui Wang) [1177579]\n- [kernel] audit: dont attempt to lookup PIDs when changing PID filtering audit rules (Paul Moore) [1172624]\n- [ethernet] ixgbe: avoid possible read_reg panic caused by late method binding (John Greene) [1145772]\n- [ethernet] ixgbe: bump version number (John Greene) [1145772]\n- [ethernet] ixgbe: Add X550 support function pointers (John Greene) [1145772]\n- [ethernet] ixgbe: Add new support for X550 MACs (John Greene) [1145772]\n- [ethernet] ixgbe: Add x550 SW/FW semaphore support (John Greene) [1145772]\n- [ethernet] ixgbe: add methods for combined read and write operations (John Greene) [1145772]\n- [ethernet] ixgbe: cleanup checksum to allow error results (John Greene) [1145772]\n- [ethernet] ixgbe: Add timeout parameter to ixgbe_host_interface_command (John Greene) [1145772]\n- [ethernet] ixgbe: Fix spurious release o f s e m a p h o r e i n E E P R O M a c c e s s ( J o h n G r e e n e ) [ 1 1 4 5 7 7 2 ] b r > - [ d r m ] i 9 1 5 : r e m o v e t h e I R Q s e n a b l e d W A R N f r o m i n t e l _ d i s a b l e _ g t _ p o w e r s a v e ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] i 9 1 5 : t a m e t h e c h a t t e r m o u t h ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] t t m : A v o i d m e m o r y a l l o c a t i o n f r o m s h r i n k e r f u n c t i o n s ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] t t m : F i x p o s s i b l e s t a c k o v e r f l o w b y r e c u r s i v e s h r i n k e r c a l l s ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] t t m : U s e m u t e x _ t r y l o c k ( ) t o a v o i d d e a d l o c k i n s i d e s h r i n k e r f u n c t i o n s ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] v i d e o / f b : P r o p a g a t e e r r o r c o d e f r o m f a i l i n g t o u n r e g i s t e r c o n f l i c t i n g f b ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] i 9 1 5 : s a v e / r e s t o r e G M B U S f r e q a c r o s s s u s p e n d / r e s u m e o n g e n 4 ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] i 9 1 5 : r e s u m e M S T a f t e r r e a d i n g b a c k h w s t a t e ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] d p - m s t : R e m o v e b r a n c h e s b e f o r e d r o p p i n g t h e r e f e r e n c e ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] f b _ h e l p e r : m o v e d e f e r r e d f b c h e c k i n g i n t o r e s t o r e m o d e ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] d p : r e t r y A U X t r a n s a c t i o n s 3 2 t i m e s ( v 1 . 1 ) ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] i 9 1 5 : I g n o r e l o n g h p d s o n e D P p o r t s ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] i 9 1 5 / d p : o n l y u s e t r a i n i n g p a t t e r n 3 o n p l a t f o r m s t h a t s u p p o r t i t ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : s y n c a l l B O s i n v o l v e d i n a C S ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : k e r n e l p a n i c i n d r m _ c a l c _ v b l t i m e s t a m p _ f r o m _ s c a n o u t p o s w i t h 3 . 1 8 . 0 - r c 6 ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] i 9 1 5 : U n l o c k p a n e l e v e n w h e n L V D S i s d i s a b l e d ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] i 9 1 5 : M o r e c a u t i o u s w i t h p c h f i f o u n d e r r u n s ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] i 9 1 5 : I g n o r e S U R F L I V E a n d f l i p c o u n t e r w h e n t h e G P U g e t s r e s e t ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] i 9 1 5 : K i c k f b d e v b e f o r e v g a c o n ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] i 9 1 5 : H a n d l e f a i l u r e t o k i c k o u t a c o n f l i c t i n g f b d r i v e r ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] i 9 1 5 : d r o p W a S e t u p G t M o d e T d R o w D i s p a t c h : s n b ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : a d d l o c k i n g a r o u n d a t o m b i o s s c r a t c h s p a c e u s a g e ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : a d d m i s s i n g c r t c u n l o c k w h e n s e t t i n g u p t h e M C ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] i 9 1 5 : D i s a b l e c a c h e s f o r G l o b a l G T T ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] i 9 1 5 : D o n o t l e a k p a g e s w h e n f r e e i n g u s e r p t r o b j e c t s ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] a s t : F i x H W c u r s o r i m a g e ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : U s e d r m _ m a l l o c _ a b i n s t e a d o f k m a l l o c _ a r r a y ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n / d p m : d i s a b l e u l v s u p p o r t o n S I ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] i 9 1 5 : D o a d u m m y D P C D r e a d b e f o r e t h e a c t u a l r e a d ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] n o u v e a u / b i o s : m e m s e t d c b s t r u c t t o z e r o b e f o r e p a r s i n g ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] n v 5 0 / d i s p : f i x d p m s r e g r e s s i o n o n c e r t a i n b o a r d s ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] n o u v e a u / l t c : f i x c b c i s s u e s o n c e r t a i n b o a r d s ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] n o u v e a u / l t c : f i x t a g b a s e a d d r e s s g e t t i n g t r u n c a t e d i f a b o v e 4 G i B ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] n v c 0 - / f b / r a m : f i x u s e o f n o n - e x i s t a n t r a m i f p a r t i t i o n s a r e n t u n i f o r m ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] n o u v e a u / b a r : b e h a v e b e t t e r i f i o r e m a p f a i l e d ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] n o u v e a u : m a k e s u r e d i s p l a y h a r d w a r e i s r e i n i t i a l i s e d o n r u n t i m e r e s u m e ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] n o u v e a u : p u n t f b c o n r e s u m e o u t t o a w o r k q u e u e ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] n o u v e a u / k m s : r e s t o r e a c c e l e r a t i o n b e f o r e f b _ s e t _ s u s p e n d ( ) r e s u m e s ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] n o u v e a u / k m s : t a k e m o r e c a r e w h e n p u l l i n g d o w n a c c e l e r a t e d f b c o n ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] i 9 1 5 : F l u s h t h e P T E s a f t e r u p d a t i n g t h e m b e f o r e s u s p e n d ( R o b C l a r k ) [ 1 1 5 3 3 0 1 ] b r > - [ d r m ] r a d e o n / c i k : u s e a s e p a r a t e c o u n t e r f o r C P i n i t t i m e o u t ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n / d p m : f i x r e s u m e o n m u l l i n s ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : d o n t r e s e t d m a o n r 6 x x - e v e r g r e e n i n i t ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : d o n t r e s e t s d m a o n C I K i n i t ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : d o n t r e s e t d m a o n N I / S I i n i t ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : a d d c o n n e c t o r q u i r k f o r f u j i t s u b o a r d ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n / d p m : s e t t h e t h e r m a l t y p e p r o p e r l y f o r s p e c i a l c o n f i g s ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : f i x s e m a p h o r e v a l u e i n i t ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : h a n d l e b r o k e n d i s a b l e d r b m a s k g r a c e f u l l y ( 6 x x / 7 x x ) ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : f i x a c t i v e _ c u m a s k o n S I a n d C I K a f t e r r e - i n i t ( v 3 ) ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : f i x a c t i v e c u c o u n t f o r S I a n d C I K ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : f i x p m h a n d l i n g i n r a d e o n _ g p u _ r e s e t ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : p r o p e r l y d o c u m e n t r e l o c p r i o r i t y m a s k ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n / d p m : s e l e c t t h e a p p r o p r i a t e v c e p o w e r s t a t e f o r K V / K B / M L ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : A d d m i s s i n g l i n e s t o c i _ s e t _ t h e r m a l _ t e m p e r a t u r e _ r a n g e ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : A d d a b i l i t y t o g e t a n d c h a n g e d p m s t a t e w h e n r a d e o n P X c a r d i s t u r n e d o f f ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] v m w g f x : F i x a p o t e n t i a l i n f i n i t e s p i n w a i t i n g f o r f i f o i d l e ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] a s t : A S T 2 0 0 0 c a n n o t b e d e t e c t e d c o r r e c t l y ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] a s t : o p e n k e y b e f o r e d e t e c t c h i p s ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] i 9 1 5 : D o n t l e a k c o m m a n d p a r s e r t a b l e s o n s u s p e n d / r e s u m e ( R o b C l a r k ) [ 1 1 5 3 3 0 1 ] b r > - [ d r m ] i 9 1 5 / h d m i : f i x h d m i a u d i o s t a t e r e a d o u t ( R o b C l a r k ) [ 1 1 5 3 3 0 1 ] b r > - [ d r m ] i 9 1 5 : W a i t f o r v b l a n k b e f o r e e n a b l i n g t h e T V e n c o d e r ( R o b C l a r k ) [ 1 1 5 3 3 0 1 ] b r > - [ d r m ] i 9 1 5 : F i x E I O / w e d g e d h a n d l i n g i n g e m f a u l t h a n d l e r ( R o b C l a r k ) [ 1 1 5 3 3 0 1 ] b r > - [ d r m ] i 9 1 5 : F i x l o c k d r o p p i n g i n i n t e l _ t v _ d e t e c t ( ) ( R o b C l a r k ) [ 1 1 5 3 3 0 1 ] b r > - [ d r m ] i 9 1 5 : R e m o v e b o g u s _ _ i n i t a n n o t a t i o n f r o m D M I c a l l b a c k s ( R o b C l a r k ) [ 1 1 5 3 3 0 1 ] b r > - [ d r m ] i 9 1 5 : I g n o r e V B T b a c k l i g h t p r e s e n c e c h e c k o n A c e r C 7 2 0 ( 4 0 0 5 U ) ( R o b C l a r k ) [ 1 1 5 3 3 0 1 ] b r > - [ d r m ] i 9 1 5 : f i x p l a n e / c u r s o r h a n d l i n g w h e n r u n t i m e s u s p e n d e d ( R o b C l a r k ) [ 1 1 5 3 3 0 1 ] b r > - [ d r m ] i 9 1 5 : d o n t t r y t o r e t r a i n a D P l i n k o n a n i n a c t i v e C R T C ( R o b C l a r k ) [ 1 1 5 3 3 0 1 ] b r > - [ d r m ] i 9 1 5 : F i x l o c k i n g f o r i n t e l _ e n a b l e _ p i p e _ a ( ) ( R o b C l a r k ) [ 1 1 5 3 3 0 1 ] b r > - [ d r m ] i 9 1 5 : S k i p l o a d d e t e c t w h e n i n t e l _ c r t c - > n e w _ e n a b l e = = t r u e ( R o b C l a r k ) [ 1 1 5 3 3 0 1 ] b r > - [ d r m ] i 9 1 5 : D i s a b l e R C S f l i p s o n I v y b r i d g e ( R o b C l a r k ) [ 1 1 5 3 3 0 1 ] b r > - [ d r m ] i 9 1 5 : r e a d H E A D r e g i s t e r b a c k i n i n i t _ r i n g _ c o m m o n ( ) t o e n f o r c e o r d e r i n g ( R o b C l a r k ) [ 1 1 5 3 3 0 1 ] b r > - [ d r m ] i 9 1 5 : F i x c r a s h w h e n f a i l i n g t o p a r s e M I P I V B T ( R o b C l a r k ) [ 1 1 5 3 3 0 1 ] b r > - [ d r m ] r a d e o n : t w e a k A C C E L _ W O R K I N G 2 q u e r y f o r h a w a i i ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n / a t o m : a d d n e w v o l t a g e f e t c h f u n c t i o n f o r h a w a i i ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : s e t V M b a s e a d d r u s i n g t h e P F P ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : l o a d t h e l m 6 3 d r i v e r f o r a n l m 6 4 t h e r m a l c h i p ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : r e - e n a b l e d p m b y d e f a u l t o n B T C ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : r e - e n a b l e d p m b y d e f a u l t o n c a y m a n ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n / d p m : h a n d l e v o l t a g e i n f o f e t c h i n g o n h a w a i i ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] t t m : C h o o s e a p o o l t o s h r i n k c o r r e c t l y i n t t m _ d m a _ p o o l _ s h r i n k _ s c a n ( ) ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] t t m : F i x p o s s i b l e d i v i s i o n b y 0 i n t t m _ d m a _ p o o l _ s h r i n k _ s c a n ( ) ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] t t m : f i x h a n d l i n g o f T T M _ P L _ F L A G _ T O P D O W N ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] n o u v e a u : B u m p v e r s i o n f r o m 1 . 1 . 1 t o 1 . 1 . 2 ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] n o u v e a u : D i s / E n a b l e v b l a n k i r q s d u r i n g s u s p e n d / r e s u m e ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : a d d a d d i t i o n a l S I p c i i d s ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : a d d n e w b o n a i r e p c i i d s ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ d r m ] r a d e o n : a d d n e w K V p c i i d ( R o b C l a r k ) [ 1 1 7 3 3 1 7 ] b r > - [ p o w e r p c ] a d d l i t t l e e n d i a n f l a g t o s y s c a l l _ g e t _ a r c h ( ) ( R i c h a r d G u y B r i g g s ) [ 1 1 6 9 4 6 1 ] b r > - [ p o w e r p c ] s i m p l i f y s y s c a l l _ g e t _ a r c h ( ) ( R i c h a r d G u y B r i g g s ) [ 1 1 6 9 4 6 1 ] b r > b r > [ 3 . 1 0 . 0 - 2 2 0 ] b r > - [ s c s i ] l i b c x g b i : f i x f r e e i n g s k b p r e m a t u r e l y ( S a i V e m u r i ) [ 1 1 7 4 9 8 2 ] b r > - [ s c s i ] c x g b 4 i : u s e s e t _ w r _ t x q ( ) t o s e t t x q u e u e s ( S a i V e m u r i ) [ 1 1 7 4 9 8 2 ] b r > - [ s c s i ] c x g b 4 i : h a n d l e n o n - p d u - a l i g n e d r x d a t a ( S a i V e m u r i ) [ 1 1 7 4 9 8 2 ] b r > - [ s c s i ] c x g b 4 i : a d d i t i o n a l t y p e s o f n e g a t i v e a d v i c e ( S a i V e m u r i ) [ 1 1 7 4 9 8 2 ] b r > - [ s c s i ] c x g b 4 i : s e t t h e m a x . p d u l e n g t h i n f i r m w a r e ( S a i V e m u r i ) [ 1 1 7 4 9 8 2 ] b r > - [ s c s i ] c x g b 4 i : f i x c r e d i t c h e c k f o r t x _ d a t a _ w r ( S a i V e m u r i ) [ 1 1 7 4 9 8 2 ] b r > - [ s c s i ] c x g b 4 i : f i x t x i m m e d i a t e d a t a c r e d i t c h e c k ( S a i V e m u r i ) [ 1 1 7 4 9 8 2 ] b r > - [ n e t ] i p v 6 : u p d a t e D e s t i n a t i o n C a c h e e n t r i e s w h e n g a t e w a y t u r n i n t o h o s t ( J i r i P i r k o ) [ 1 1 1 4 7 8 1 ] b r > - [ n e t ] i p s e c : D o n t u p d a t e t h e p m t u o n I C M P V 6 _ D E S T _ U N R E A C H ( H e r b e r t X u ) [ 1 1 5 8 7 7 1 ] b r > - [ s 3 9 0 ] z f c p : r e m o v e a c c e s s c o n t r o l t a b l e s i n t e r f a c e ( p o r t l e f t o v e r s ) ( H e n d r i k B r u e c k n e r ) [ 1 1 7 3 5 5 3 ] b r > - [ x 8 6 ] p e r f : U s e e x t e n d e d o f f c o r e m a s k o n H a s w e l l ( D o n Z i c k u s ) [ 1 1 7 0 7 9 5 ] b r > - [ f s ] o v l : o v l _ d i r _ f s y n c ( ) c l e a n u p ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v l : p a s s d e n t r y i n t o o v l _ d i r _ r e a d _ m e r g e d ( ) ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v l : u s e l o c k l e s s _ d e r e f e r e n c e ( ) f o r u p p e r d e n t r y ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v l : a l l o w f i l e n a m e s w i t h c o m m a ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v l : f i x r a c e i n p r i v a t e x a t t r c h e c k s ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v l : f i x r e m o v e / c o p y - u p r a c e ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v l : r e n a m e f i l e s y s t e m t y p e t o ' o v e r l a y ' ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] D o n t w a r n i f b o t h - > r e n a m e ( ) a n d - > r e n a m e 2 ( ) i o p s a r e d e f i n e d ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v e r l a y f s : F i x t h e k A B I f o r o v e r l a y f s ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v e r l a y f s : d o n t p o i s o n c u r s o r ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v e r l a y f s : i n i t i a l i z e - > i s _ c u r s o r ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v e r l a y f s : f i x l o c k d e p m i s a n n o t a t i o n ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v e r l a y f s : f i x c h e c k f o r c u r s o r ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v e r l a y f s : b a r r i e r s f o r o p e n i n g u p p e r - l a y e r d i r e c t o r y ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ k e r n e l ] r c u : P r o v i d e c o u n t e r p a r t t o r c u _ d e r e f e r e n c e ( ) f o r n o n - R C U s i t u a t i o n s ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v e r l a y f s : e m b e d m i d d l e i n t o o v e r l a y _ r e a d d i r _ d a t a ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v e r l a y f s : e m b e d r o o t i n t o o v e r l a y _ r e a d d i r _ d a t a ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v e r l a y f s : m a k e o v l _ c a c h e _ e n t r y - > n a m e a n a r r a y i n s t e a d o f p o i n t e r ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v e r l a y f s : d o n t h o l d - > i _ m u t e x o v e r o p e n i n g t h e r e a l d i r e c t o r y ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v e r l a y f s : l i m i t f i l e s y s t e m s t a c k i n g d e p t h ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v e r l a y f s : o v e r l a y f i l e s y s t e m d o c u m e n t a t i o n ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v e r l a y f s : i m p l e m e n t s h o w _ o p t i o n s ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v e r l a y f s : a d d s t a t f s s u p p o r t ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] o v e r l a y f s : f i l e s y s t e m ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ m m ] s h m e m : s u p p o r t R E N A M E _ W H I T E O U T ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] e x t 4 : s u p p o r t R E N A M E _ W H I T E O U T ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] v f s : a d d R E N A M E _ W H I T E O U T ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] v f s : a d d w h i t e o u t s u p p o r t ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] v f s : e x p o r t c h e c k _ s t i c k y ( ) ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] v f s : i n t r o d u c e c l o n e _ p r i v a t e _ m o u n t ( ) ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] v f s : e x p o r t _ _ i n o d e _ p e r m i s s i o n ( ) t o m o d u l e s ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] v f s : e x p o r t d o _ s p l i c e _ d i r e c t ( ) t o m o d u l e s ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] v f s : a d d i _ o p - > d e n t r y _ o p e n ( ) ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] n a m e i : t r i v i a l f i x t o v f s _ r e n a m e _ d i r c o m m e n t ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] c i f s : s u p p o r t R E N A M E _ N O R E P L A C E ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] h o s t f s : s u p p o r t r e n a m e f l a g s ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ m m ] s h m e m : s u p p o r t R E N A M E _ E X C H A N G E ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ m m ] s h m e m : s u p p o r t R E N A M E _ N O R E P L A C E ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] b t r f s : a d d R E N A M E _ N O R E P L A C E ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] b a d _ i n o d e : a d d - > r e n a m e 2 ( ) ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] c a l l r e n a m e 2 i f e x i s t s ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] f u s e : r e s t r u c t u r e - > r e n a m e 2 ( ) ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] f u s e : a d d r e n a m e a t 2 s u p p o r t ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] d c a c h e : f i x r a c e s b e t w e e n _ _ d _ i n s t a n t i a t e ( ) a n d c h e c k s o f d e n t r y f l a g s ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] e x t 4 : a d d c r o s s r e n a m e s u p p o r t ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] v f s : a d d c r o s s - r e n a m e ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] v f s : l o c k _ t w o _ n o n d i r e c t o r i e s - a l l o w d i r e c t o r y a r g s ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ s e c u r i t y ] a d d f l a g s t o r e n a m e h o o k s ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] v f s : a d d R E N A M E _ N O R E P L A C E f l a g ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] v f s : a d d r e n a m e a t 2 s y s c a l l ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] n a m e i : u s e c o m m o n c o d e f o r d i r a n d n o n - d i r ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] n a m e i : m o v e d _ m o v e ( ) u p ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] v f s : a d d d _ i s _ d i r ( ) ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > - [ f s ] v f s : P u t a s m a l l t y p e f i e l d i n t o s t r u c t d e n t r y : : d _ f l a g s ( D a v i d H o w e l l s ) [ 9 8 5 8 7 5 ] b r > b r > [ 3 . 1 0 . 0 - 2 1 9 ] b r > - [ m m ] v m s t a t : o n - d e m a n d v m s t a t w o r k e r s V 8 ( L a r r y W o o d m a n ) [ 1 1 5 7 8 0 2 ] b r > - [ m m ] v m s t a t : u s e t h i s _ c p u ( ) t o a v o i d i r q o n / o f f s e q u e n c e i n r e f r e s h _ c p u _ v m _ s t a t s ( L a r r y W o o d m a n ) [ 1 1 5 7 8 0 2 ] b r > - [ m m ] v m s t a t : c r e a t e f o l d _ d i f f ( L a r r y W o o d m a n ) [ 1 1 5 7 8 0 2 ] b r > - [ m m ] v m s t a t : c r e a t e s e p a r a t e f u n c t i o n t o f o l d p e r c p u d i f f s i n t o l o c a l c o u n t e r s ( L a r r y W o o d m a n ) [ 1 1 5 7 8 0 2 ] b r > - [ b l o c k ] b l k - m q : F i x u n i n i t i a l i z e d k o b j e c t a t C P U h o t p l u g g i n g ( J e f f M o y e r ) [ 1 1 6 9 2 3 2 ] b r > - [ k e r n e l ] a u d i t : A U D I T _ F E A T U R E _ C H A N G E m e s s a g e f o r m a t m i s s i n g d e l i m i t i n g s p a c e ( R i c h a r d G u y B r i g g s ) [ 1 1 6 5 4 6 9 ] b r > - [ f s ] N F S v 4 . 1 : n f s 4 1 _ c l e a r _ d e l e g a t i o n _ s t a t e i d s h o u l d n t t r u s t N F S _ D E L E G A T E D _ S T A T E ( S t e v e D i c k s o n ) [ 1 1 6 6 8 4 5 ] b r > - [ f s ] N F S v 4 : F i x r a c e s b e t w e e n n f s _ r e m o v e _ b a d _ d e l e g a t i o n ( ) a n d d e l e g a t i o n r e t u r n ( S t e v e D i c k s o n ) [ 1 1 6 6 8 4 5 ] b r > - [ f s ] N F S : D o n t t r y t o r e c l a i m d e l e g a t i o n o p e n s t a t e i f r e c o v e r y f a i l e d ( S t e v e D i c k s o n ) [ 1 1 6 6 8 4 5 ] b r > - [ f s ] N F S v 4 : E n s u r e t h a t w e c a l l F R E E _ S T A T E I D w h e n N F S v 4 . x s t a t e i d s a r e r e v o k e d ( S t e v e D i c k s o n ) [ 1 1 6 6 8 4 5 ] b r > - [ f s ] N F S v 4 : E n s u r e t h a t w e r e m o v e N F S v 4 . 0 d e l e g a t i o n s w h e n s t a t e h a s e x p i r e d ( S t e v e D i c k s o n ) [ 1 1 6 6 8 4 5 ] b r > b r > [ 3 . 1 0 . 0 - 2 1 8 ] b r > - [ s c s i ] c x g b 4 i : D o n t b l o c k u n l o a d / c x g b 4 u n l o a d w h e n r e m o t e c l o s e s T C P c o n n e c t i o n ( S a i V e m u r i ) [ 1 1 6 9 9 4 1 ] b r > - [ k e r n e l ] k t h r e a d : p a r t i a l r e v e r t o f 8 1 c 9 8 8 6 9 f a a 5 ( ' k t h r e a d : e n s u r e l o c a l i t y o f t a s k _ s t r u c t a l l o c a t i o n s ' ) ( G u s t a v o D u a r t e ) [ 9 5 3 5 8 3 ] b r > - [ m m ] s l u b : f a l l b a c k t o n o d e _ t o _ m e m _ n o d e ( ) n o d e i f a l l o c a t i n g o n m e m o r y l e s s n o d e ( G u s t a v o D u a r t e ) [ 9 5 3 5 8 3 ] b r > - [ m m ] t o p o l o g y : a d d s u p p o r t f o r n o d e _ t o _ m e m _ n o d e ( ) t o d e t e r m i n e t h e f a l l b a c k n o d e ( G u s t a v o D u a r t e ) [ 9 5 3 5 8 3 ] b r > - [ m m ] s l u b : s e a r c h p a r t i a l l i s t o n n u m a _ m e m _ i d ( ) , i n s t e a d o f n u m a _ n o d e _ i d ( ) ( G u s t a v o D u a r t e ) [ 9 5 3 5 8 3 ] b r > - [ k e r n e l ] k t h r e a d : e n s u r e l o c a l i t y o f t a s k _ s t r u c t a l l o c a t i o n s ( G u s t a v o D u a r t e ) [ 9 5 3 5 8 3 ] b r > - [ m d ] d m - t h i n : f i x m i s s i n g o u t - o f - d a t a - s p a c e t o w r i t e m o d e t r a n s i t i o n i f b l o c k s a r e r e l e a s e d ( M i k e S n i t z e r ) [ 1 1 7 3 1 8 1 ] b r > - [ m d ] d m - t h i n : f i x i n a b i l i t y t o d i s c a r d b l o c k s w h e n i n o u t - o f - d a t a - s p a c e m o d e ( M i k e S n i t z e r ) [ 1 1 7 3 1 8 1 ] b r > - [ w i r e l e s s ] i w l w i f i / m v m : u p d a t e v a l u e s f o r S m a r t F i f o ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] i w l w i f i / d v m : f i x f l u s h s u p p o r t f o r o l d f i r m w a r e ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] a t h 5 k : f i x h a r d w a r e q u e u e i n d e x a s s i g n m e n t ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] a t h 9 k : f i x B E / B K q u e u e o r d e r ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] a t h 9 k _ h w : f i x h a r d w a r e q u e u e a l l o c a t i o n ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] a t h 9 k : F i x R T C _ D E R I V E D _ C L K u s a g e ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] r t 2 x 0 0 : d o n o t a l i g n p a y l o a d o n m o d e r n H / W ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] m a c 8 0 2 1 1 : F i x r e g r e s s i o n t h a t t r i g g e r s a k e r n e l B U G w i t h C C M P ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] i w l w i f i : f i x R F k i l l w h i l e c a l i b r a t i n g ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] m a c 8 0 2 1 1 : f i x u s e - a f t e r - f r e e i n d e f r a g m e n t a t i o n ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] m a c 8 0 2 1 1 : p r o p e r l y f l u s h d e l a y e d s c a n w o r k o n i n t e r f a c e r e m o v a l ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] m a c 8 0 2 1 1 : s c h e d u l e t h e a c t u a l s w i t c h o f t h e s t a t i o n b e f o r e C S A c o u n t 0 ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] m a c 8 0 2 1 1 : u s e s e c o n d a r y c h a n n e l o f f s e t I E a l s o b e a c o n s d u r i n g C S A ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] r t 2 x 0 0 : a d d n e w r t 2 8 0 0 u s b d e v i c e ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] R e v e r t : i w l w i f i / m v m : t r e a t E A P O L s l i k e m g m t f r a m e s w r t r a t e ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] i w l w i f i / d v m : d r o p n o n V O f r a m e s w h e n f l u s h i n g ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] i w l w i f i : c o n f i g u r e t h e L T R ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] m a c 8 0 2 1 1 : f i x t y p o i n s t a r t i n g b a s e r a t e f o r r t s _ c t s _ r a t e _ i d x ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] r t 2 x 0 0 : a d d n e w r t 2 8 0 0 u s b d e v i c e s ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] r t 2 x 0 0 : s u p p o r t R a l i n k 5 3 6 2 ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] R e v e r t : a t h 9 k : r e d u c e A N I f i r s t e p r a n g e f o r o l d e r c h i p s ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] r t 2 8 0 0 : c o r r e c t B B P 1 _ T X _ P O W E R _ C T R L m a s k ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] i w l w i f i : A d d m i s s i n g P C I I D s f o r t h e 7 2 6 0 s e r i e s ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] i w l w i f i / m v m : d i s a b l e B T C o - r u n n i n g b y d e f a u l t ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] n l 8 0 2 1 1 : c l e a r s k b c b b e f o r e p a s s i n g t o n e t l i n k ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] a t h 9 k / h t c : f i x r a n d o m d e c r y p t i o n f a i l u r e ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] b r c m f m a c : h a n d l e I F e v e n t f o r P 2 P _ D E V I C E i n t e r f a c e ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] R e v e r t : m a c 8 0 2 1 1 : d i s a b l e u A P S D i f a l l A C s a r e u n d e r A C M ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] r t l w i f i / r t l 8 1 9 2 c u : A d d n e w I D ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] i w l w i f i / m v m : s e t M A C _ F I L T E R _ I N _ B E A C O N c o r r e c t l y f o r S T A / P 2 P c l i e n t ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] i w l w i f i / m v m : t r e a t E A P O L s l i k e m g m t f r a m e s w r t r a t e ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] i w l w i f i : i n c r e a s e D E F A U L T _ M A X _ T X _ P O W E R ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] i w l w i f i / m v m : f i x e n d i a n i t y i s s u e s w i t h S m a r t F i f o c o m m a n d s ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] R e v e r t : i w l w i f i / d v m : d o n t e n a b l e C T S t o s e l f ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > - [ w i r e l e s s ] c a r l 9 1 7 0 : f i x s e n d i n g U R B s w i t h w r o n g t y p e w h e n u s i n g f u l l - s p e e d ( S t a n i s l a w G r u s z k a ) [ 1 1 5 5 5 3 8 ] b r > b r > [ 3 . 1 0 . 0 - 2 1 7 ] b r > - [ n e t ] i p v 6 : y e t a n o t h e r n e w I P V 6 _ M T U _ D I S C O V E R o p t i o n I P V 6 _ P M T U D I S C _ O M I T ( H a n n e s F r e d e r i c S o w a ) [ 1 1 7 0 1 1 6 ] b r > - [ n e t ] i p v 4 : y e t a n o t h e r n e w I P _ M T U _ D I S C O V E R o p t i o n I P _ P M T U D I S C _ O M I T ( H a n n e s F r e d e r i c S o w a ) [ 1 1 7 0 1 1 6 ] b r > - [ n e t ] i p v 4 : u s e i p _ s k b _ d s t _ m t u t o d e t e r m i n e m t u i n i p _ f r a g m e n t ( H a n n e s F r e d e r i c S o w a ) [ 1 1 7 0 1 1 6 ] b r > - [ n e t ] i p v 4 : i n t r o d u c e i p _ d s t _ m t u _ m a y b e _ f o r w a r d a n d p r o t e c t f o r w a r d i n g p a t h a g a i n s t p m t u s p o o f i n g ( H a n n e s F r e d e r i c S o w a ) [ 1 1 7 0 1 1 6 ] b r > - [ n e t ] i p v 6 : m o v e i p 6 _ s k _ a c c e p t _ p m t u f r o m g e n e r i c p m t u u p d a t e p a t h t o i p v 6 o n e ( H a n n e s F r e d e r i c S o w a ) [ 1 1 7 0 1 1 6 ] b r > - [ n e t ] i p v 6 : s u p p o r t I P V 6 _ P M T U _ I N T E R F A C E o n s o c k e t s ( H a n n e s F r e d e r i c S o w a ) [ 1 1 7 0 1 1 6 ] b r > - [ n e t ] u d p : d o n o t r e p o r t I C M P r e d i r e c t s t o u s e r s p a c e ( H a n n e s F r e d e r i c S o w a ) [ 1 1 7 0 1 1 6 ] b r > - [ n e t ] i p v 4 : n e w i p _ n o _ p m t u _ d i s c m o d e t o a l w a y s d i s c a r d i n c o m i n g f r a g n e e d e d m s g s ( H a n n e s F r e d e r i c S o w a ) [ 1 1 7 0 1 1 6 ] b r > - [ n e t ] i n e t : m a k e n o _ p m t u _ d i s c p e r n a m e s p a c e a n d k i l l i p v 4 _ c o n f i g ( H a n n e s F r e d e r i c S o w a ) [ 1 1 7 0 1 1 6 ] b r > - [ n e t ] i p v 4 : i m p r o v e d o c u m e n t a t i o n o f i p _ n o _ p m t u _ d i s c ( H a n n e s F r e d e r i c S o w a ) [ 1 1 7 0 1 1 6 ] b r > - [ n e t ] i p v 4 : i n t r o d u c e n e w I P _ M T U _ D I S C O V E R m o d e I P _ P M T U D I S C _ I N T E R F A C E ( H a n n e s F r e d e r i c S o w a ) [ 1 1 7 0 1 1 6 ] b r > - [ n e t ] x f r m : r e v e r t i p v 4 m t u d e t e r m i n a t i o n t o d s t _ m t u ( H a n n e s F r e d e r i c S o w a ) [ 1 1 7 0 1 1 6 ] b r > - [ n e t ] x f r m : i n t r o d u c e h e l p e r f o r s a f e d e t e r m i n a t i o n o f m t u ( H a n n e s F r e d e r i c S o w a ) [ 1 1 7 0 1 1 6 ] b r > - [ n e t ] n e t f i l t e r : c o n n t r a c k : d i s a b l e g e n e r i c t r a c k i n g f o r k n o w n p r o t o c o l s ( D a n i e l B o r k m a n n ) [ 1 1 7 0 5 2 0 ] b r > - [ n e t ] g r e : F i x u s e - a f t e r - f r e e p a n i c i n i p g r e _ r c v ( ) ( P a n u M a t i l a i n e n ) [ 1 1 1 7 5 4 3 ] b r > - [ n e t ] n e t f i l t e r : n f _ c o n n t r a c k _ h 3 2 3 : l o o k u p r o u t e f r o m p r o p e r n e t n a m e s p a c e ( F l o r i a n W e s t p h a l ) [ 1 1 6 3 8 4 7 ] b r > - [ n e t ] n e t f i l t e r : x t _ t c p m s s : l o o k u p r o u t e f r o m p r o p e r n e t n a m e s p a c e ( F l o r i a n W e s t p h a l ) [ 1 1 6 3 8 4 7 ] b r > - [ n e t ] n e t f i l t e r : x t _ t c p m s s : G e t m t u o n l y i f c l a m p - m s s - t o - p m t u i s s p e c i f i e d ( F l o r i a n W e s t p h a l ) [ 1 1 6 3 8 4 7 ] b r > - [ w i r e l e s s ] c f g 8 0 2 1 1 : d o n t W A R N a b o u t t w o c o n s e c u t i v e C o u n t r y I E h i n t ( S t a n i s l a w G r u s z k a ) [ 1 1 6 4 2 8 2 ] b r > - [ f s ] a i o : f i x r a c e b e t w e e n a i o e v e n t c o m p l e t i o n a n d r e a p i n g ( J e f f M o y e r ) [ 1 1 3 1 3 1 2 ] b r > - [ f s ] p r o c / t a s k _ m m u : f i x m i s s i n g c h e c k d u r i n g h u g e p a g e m i g r a t i o n ( J a c o b T a n e n b a u m ) [ 1 1 0 5 0 4 0 ] { C V E - 2 0 1 4 - 3 9 4 0 } b r > - [ k e r n e l ] t r a c e : i n s u f f i c i e n t s y s c a l l n u m b e r v a l i d a t i o n i n p e r f a n d f t r a c e s u b s y s t e m s ( J a c o b T a n e n b a u m ) [ 1 1 6 1 5 7 0 ] { C V E - 2 0 1 4 - 7 8 2 5 C V E - 2 0 1 4 - 7 8 2 6 } b r > - [ e t h e r n e t ] i 4 0 e : g e t p f _ i d f r o m H W r a t h e r t h a n P C I f u n c t i o n ( S t e f a n A s s m a n n ) [ 1 0 7 8 7 4 0 ] b r > - [ e t h e r n e t ] i 4 0 e : i n c r e a s e A R Q s i z e ( S t e f a n A s s m a n n ) [ 1 0 7 8 7 4 0 ] b r > - [ x 8 6 ] u v : U p d a t e t h e U V 3 T L B s h o o t d o w n l o g i c ( F r a n k R a m s a y ) [ 1 1 7 0 2 5 3 ] b r > - [ t o o l s ] p e e k s i g i n f o : a d d P A G E _ S I Z E d e f i n i t i o n ( S t e v e B e s t ) [ 1 1 7 2 2 5 0 ] b r > - [ b a s e ] b u s : F i x u n b a l a n c e d d e v i c e r e f e r e n c e i n d r i v e r s _ p r o b e ( A l e x W i l l i a m s o n ) [ 1 1 5 8 8 6 2 ] b r > - [ c h a r ] t p m : F i x N U L L r e t u r n i n t p m _ i b m v t p m _ g e t _ d e s i r e d _ d m a ( G u s t a v o D u a r t e ) [ 1 1 5 4 8 1 8 ] b r > - [ p o w e r p c ] k v m : b o o k 3 s _ h v - R e s e r v e c m a r e g i o n o n l y i n h y p e r v i s o r m o d e ( G u s t a v o D u a r t e ) [ 1 1 4 7 7 4 0 ] b r > - [ x 8 6 ] t r a p s : s t o p u s i n g I S T f o r # S S ( P e t r M a t o u s e k ) [ 1 1 7 2 8 1 3 ] { C V E - 2 0 1 4 - 9 3 2 2 } b r > b r > [ 3 . 1 0 . 0 - 2 1 6 ] b r > - [ a c p i ] R e v e r t : h o t p l u g / p c i : S i m p l i f y d i s a b l e _ s l o t ( ) ( P r a r i t B h a r g a v a ) [ 1 1 5 8 7 2 0 ] b r > - [ i n f i n i b a n d ] i s e r : A d j u s t d a t a _ l e n g t h t o i n c l u d e p r o t e c t i o n i n f o r m a t i o n ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : B u m p v e r s i o n t o 1 . 4 . 1 ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : A l l o w b i n d o n l y w h e n c o n n e c t i o n s t a t e i s U P ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : F i x R X / T X C Q r e s o u r c e l e a k o n e r r o r f l o w ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : C l a r i f y a d u p l i c a t e c o u n t e r s c h e c k ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : R e p l a c e c o n n e c t i o n w a i t q u e u e w i t h c o m p l e t i o n o b j e c t ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : P r o t e c t i s e r s t a t e m a c h i n e w i t h a m u t e x ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : R e m o v e r e d u n d a n t r e t u r n c o d e i n i s e r _ f r e e _ i b _ c o n n _ r e s ( ) ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : S e p e r a t e i s e r _ c o n n a n d i s c s i _ e n d p o i n t s t o r a g e s p a c e ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : F i x r e s p o n d e r r e s o u r c e s a d v e r t i s e m e n t ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : A d d T I M E W A I T _ E X I T e v e n t h a n d l i n g ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : S u p p o r t I P v 6 a d d r e s s f a m i l y ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : B u m p v e r s i o n t o 1 . 4 ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : A d d m i s s i n g n e w l i n e s t o l o g g i n g m e s s a g e s ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : F i x a p o s s i b l e r a c e i n i s e r c o n n e c t i o n s t a t e s t r a n s i t i o n ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : S i m p l i f y c o n n e c t i o n m a n a g e m e n t ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : B u m p d r i v e r v e r s i o n t o 1 . 3 ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : U p d a t e M e l l a n o x c o p y r i g h t n o t e ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : P r i n t Q P i n f o r m a t i o n o n c e c o n n e c t i o n i s e s t a b l i s h e d ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : R e m o v e s t r u c t i s c s i _ i s e r _ c o n n ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : D r a i n t h e t x c q o n c e b e f o r e l o o p i n g o n t h e r x c q ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : F i x s e c t o r _ t f o r m a t w a r n i n g ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : P u b l i s h T 1 0 - P I s u p p o r t t o S C S I m i d l a y e r ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : I m p l e m e n t c h e c k _ p r o t e c t i o n ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : S u p p o r t T 1 0 - P I o p e r a t i o n s ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : I n i t i a l i z e T 1 0 - P I r e s o u r c e s ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : I n t r o d u c e p i _ e n a b l e , p i _ g u a r d m o d u l e p a r a m e t e r s ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : G e n e r a l i z e f a l l _ t o _ b o u n c e _ b u f r o u t i n e ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : G e n e r a l i z e i s e r _ u n m a p _ t a s k _ d a t a a n d f i n a l i z e _ r d m a _ u n a l i g n e d _ s g ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : R e p l a c e f a s t r e g d e s c r i p t o r v a l i d b o o l w i t h i n d i c a t o r s c o n t a i n e r ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : K e e p I B d e v i c e a t t r i b u t e s u n d e r i s e r _ d e v i c e ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : M o v e f a s t _ r e g _ d e s c r i p t o r i n i t i a l i z a t i o n t o a f u n c t i o n ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : P u s h t h e d e c i s i o n w h a t m e m o r y k e y t o u s e i n t o f a s t _ r e g _ m r r o u t i n e ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : A v o i d F R W R n o t a t i o n , u s e f a s t r e g i n s t e a d ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : S u p p r e s s c o m p l e t i o n s f o r f a s t r e g i s t r a t i o n w o r k r e q u e s t s ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ i n f i n i b a n d ] i s e r : F i x u s e a f t e r f r e e i n i s e r _ s n d _ c o m p l e t i o n ( ) ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ s c s i ] l i b i s c s i : A d d c h e c k _ p r o t e c t i o n c a l l b a c k f o r t r a n s p o r t s ( A m i r V a d a i ) [ 1 1 0 7 6 2 2 ] b r > - [ m m ] m e m - h o t p l u g : r e s e t n o d e p r e s e n t p a g e s w h e n h o t - a d d i n g a n e w p g d a t ( M o t o h i r o K o s a k i ) [ 1 1 5 6 3 9 6 ] b r > - [ m m ] m e m - h o t p l u g : r e s e t n o d e m a n a g e d p a g e s w h e n h o t - a d d i n g a n e w p g d a t ( M o t o h i r o K o s a k i ) [ 1 1 5 6 3 9 6 ] b r > - [ m m ] m a k e _ _ f r e e _ p a g e s _ b o o t m e m ( ) o n l y a v a i l a b l e a t b o o t t i m e ( M o t o h i r o K o s a k i ) [ 1 1 5 6 3 9 6 ] b r > - [ m m ] u s e a d e d i c a t e d l o c k t o p r o t e c t t o t a l r a m _ p a g e s a n d z o n e - > m a n a g e d _ p a g e s ( M o t o h i r o K o s a k i ) [ 1 1 5 6 3 9 6 ] b r > - [ m m ] a c c u r a t e l y c a l c u l a t e z o n e - > m a n a g e d _ p a g e s f o r h i g h m e m z o n e s ( M o t o h i r o K o s a k i ) [ 1 1 5 6 3 9 6 ] b r > - [ m d ] d m - c a c h e : f i x s p u r i o u s c e l l _ d e f e r w h e n d e a l i n g w i t h p a r t i a l b l o c k a t e n d o f d e v i c e ( M i k e S n i t z e r ) [ 1 1 6 5 0 5 0 ] b r > - [ m d ] d m - c a c h e : d i r t y f l a g w a s m i s t a k e n l y b e i n g c l e a r e d w h e n p r o m o t i n g v i a o v e r w r i t e ( M i k e S n i t z e r ) [ 1 1 6 5 0 5 0 ] b r > - [ m d ] d m - c a c h e : o n l y u s e o v e r w r i t e o p t i m i s a t i o n f o r p r o m o t i o n w h e n i n w r i t e b a c k m o d e ( M i k e S n i t z e r ) [ 1 1 6 5 0 5 0 ] b r > - [ m d ] d m - c a c h e : d i s c a r d b l o c k s i z e m u s t b e a m u l t i p l e o f c a c h e b l o c k s i z e ( M i k e S n i t z e r ) [ 1 1 6 5 0 5 0 ] b r > - [ m d ] d m - c a c h e : f i x a h a r m l e s s r a c e w h e n w o r k i n g o u t i f a b l o c k i s d i s c a r d e d ( M i k e S n i t z e r ) [ 1 1 6 5 0 5 0 ] b r > - [ m d ] d m - c a c h e : w h e n r e l o a d i n g a d i s c a r d b i t s e t a l l o w f o r a d i f f e r e n t d i s c a r d b l o c k s i z e ( M i k e S n i t z e r ) [ 1 1 6 5 0 5 0 ] b r > - [ m d ] d m - c a c h e : f i x s o m e i s s u e s w i t h t h e n e w d i s c a r d r a n g e s u p p o r t ( M i k e S n i t z e r ) [ 1 1 6 5 0 5 0 ] b r > - [ m d ] d m - a r r a y : i f r e s i z i n g t h e a r r a y i s a n o o p s e t t h e n e w r o o t t o t h e o l d o n e ( M i k e S n i t z e r ) [ 1 1 6 5 0 5 0 ] b r > - [ m d ] d m - b u f i o : f i x m e m l e a k w h e n u s i n g a d m _ b u f f e r s i n l i n e b i o ( M i k e S n i t z e r ) [ 1 1 6 5 0 5 0 ] b r > - [ m d ] d m : u s e r c u _ d e r e f e r e n c e _ p r o t e c t e d i n s t e a d o f r c u _ d e r e f e r e n c e ( M i k e S n i t z e r ) [ 1 1 6 5 2 4 6 ] b r > - [ m d ] d m - t h i n : s u s p e n d / r e s u m e a c t i v e t h i n d e v i c e s w h e n r e l o a d i n g t h i n - p o o l ( M i k e S n i t z e r ) [ 1 1 6 5 2 4 6 ] b r > - [ m d ] d m - t h i n : d o n o t a l l o w t h i n d e v i c e a c t i v a t i o n w h i l e p o o l i s s u s p e n d e d ( M i k e S n i t z e r ) [ 1 1 6 5 2 4 6 ] b r > - [ m d ] d m - t h i n : f i x a r a c e i n t h i n _ d t r ( M i k e S n i t z e r ) [ 1 1 6 5 2 4 6 ] b r > - [ m d ] d m - t h i n : r e m o v e s t a l e ' t r i m ' m e s s a g e i n b l o c k c o m m e n t a b o v e p o o l _ m e s s a g e ( M i k e S n i t z e r ) [ 1 1 6 5 2 4 6 ] b r > - [ m d ] d m : u p d a t e w a i t _ o n _ b i t c a l l s f o r R H E L ( M i k e S n i t z e r ) [ 1 1 6 5 2 4 6 ] b r > - [ m d ] d m : e n h a n c e i n t e r n a l s u s p e n d a n d r e s u m e i n t e r f a c e ( M i k e S n i t z e r ) [ 1 1 6 5 2 4 6 ] b r > - [ m d ] d m : a d d p r e s u s p e n d _ u n d o h o o k t o t a r g e t _ t y p e ( M i k e S n i t z e r ) [ 1 1 6 5 2 4 6 ] b r > - [ m d ] d m : r e t u r n e a r l i e r f r o m d m _ b l k _ i o c t l i f t a r g e t d o e s n t i m p l e m e n t . i o c t l ( M i k e S n i t z e r ) [ 1 1 6 5 2 4 6 ] b r > - [ m d ] d m : d o n o t c a l l d m _ s y n c _ t a b l e ( ) w h e n c r e a t i n g n e w d e v i c e s ( M i k e S n i t z e r ) [ 1 1 6 5 2 4 6 ] b r > - [ m d ] d m : s p a r s e - A n n o t a t e f i e l d w i t h _ _ r c u f o r c h e c k i n g ( M i k e S n i t z e r ) [ 1 1 6 5 2 4 6 ] b r > - [ m d ] d m : U s e r c u _ d e r e f e r e n c e ( ) f o r a c c e s s i n g r c u p o i n t e r ( M i k e S n i t z e r ) [ 1 1 6 5 2 4 6 ] b r > - [ m d ] d m : a l l o w a c t i v e a n d i n a c t i v e t a b l e s t o s h a r e d m _ d e v s ( M i k e S n i t z e r ) [ 1 1 6 5 2 4 6 ] b r > - [ m d ] d m - m p a t h : s t o p q u e u e i n g I O w h e n n o v a l i d p a t h s e x i s t ( M i k e S n i t z e r ) [ 1 1 6 5 2 4 6 ] b r > b r > [ 3 . 1 0 . 0 - 2 1 5 ] b r > - [ n e t ] v x l a n : D o n o t r e u s e s o c k e t s f o r a d i f f e r e n t a d d r e s s f a m i l y ( M a r c e l o L e i t n e r ) [ 1 1 4 6 1 0 7 ] b r > - [ n e t ] v t i : F i x k e r n e l p a n i c d u e t o t u n n e l n o t b e i n g r e m o v e d o n l i n k d e l e t i o n ( P a n u M a t i l a i n e n ) [ 1 1 6 7 7 2 5 ] b r > - [ n e t ] s c t p : t e s t i f a s s o c i a t i o n i s d e a d i n s c t p _ w a k e _ u p _ w a i t e r s ( D a n i e l B o r k m a n n ) [ 1 1 6 6 4 6 7 ] b r > - [ n e t ] s c t p : w a k e u p a l l a s s o c s i f s n d b u f p o l i c y i s p e r s o c k e t ( D a n i e l B o r k m a n n ) [ 1 1 6 6 4 6 7 ] b r > - [ n e t ] i p : b e t t e r e s t i m a t e t u n n e l h e a d e r c u t f o r c o r r e c t u f o h a n d l i n g ( A l e x a n d e r D u y c k ) [ 1 1 5 9 5 7 7 ] b r > - [ n e t ] i p v 6 : g s o : r e m o v e r e d u n d a n t l o c k i n g ( A l e x a n d e r D u y c k ) [ 1 1 5 9 5 7 7 ] b r > - [ n e t ] i p v 6 : D o n o t t r e a t a G S O _ T C P V 4 r e q u e s t f r o m U D P t u n n e l o v e r I P v 6 a s i n v a l i d ( A l e x a n d e r D u y c k ) [ 1 1 5 9 5 7 7 ] b r > - [ n e t ] i p v 6 : f i b : f i x f i b d u m p r e s t a r t ( P a n u M a t i l a i n e n ) [ 1 1 6 3 6 0 5 ] b r > - [ n e t ] i p v 6 : d r o p u n u s e d f i b 6 _ c l e a n _ a l l _ r o ( ) f u n c t i o n a n d r t 6 _ p r o c _ a r g s t r u c t ( P a n u M a t i l a i n e n ) [ 1 1 6 3 6 0 5 ] b r > - [ n e t ] i p v 6 : a v o i d h i g h o r d e r m e m o r y a l l o c a t i o n s f o r / p r o c / n e t / i p v 6 _ r o u t e ( P a n u M a t i l a i n e n ) [ 1 1 6 3 6 0 5 ] b r > - [ n e t ] i p v 4 : F i x i n c o r r e c t e r r o r c o d e w h e n a d d i n g a n u n r e a c h a b l e r o u t e ( P a n u M a t i l a i n e n ) [ 1 1 6 5 5 5 2 ] b r > - [ n e t ] s c t p : r e p l a c e s e q _ p r i n t f w i t h s e q _ p u t s ( D a n i e l B o r k m a n n ) [ 1 1 6 4 2 1 4 ] b r > - [ n e t ] s c t p : a d d t r a n s p o r t s t a t e i n / p r o c / n e t / s c t p / r e m a d d r ( D a n i e l B o r k m a n n ) [ 1 1 6 4 2 1 4 ] b r > - [ I B ] i s e r t : A d j u s t C Q s i z e t o H W l i m i t s ( A n d y G r o v e r ) [ 1 1 6 6 3 1 4 ] b r > - [ i b _ i s e r t ] A d d m a x _ s e n d _ s g e = 2 m i n i m u m f o r c o n t r o l P D U r e s p o n s e s ( A n d y G r o v e r ) [ 1 1 6 6 3 1 4 ] b r > - [ s c s i ] m e g a r a i d _ s a s : d o n o t p r o c e s s I O C T L s a n d S C S I c o m m a n d s d u r i n g d r i v e r r e m o v a l ( T o m a s H e n z l ) [ 1 1 6 2 6 4 5 ] b r > - [ s c s i ] m e g a r a i d _ s a s : d n d i n a n e s s r e l a t e d b u g f i x e s ( T o m a s H e n z l ) [ 1 1 6 2 6 4 5 ] b r > - [ s c s i ] m e g a r a i d _ s a s : c o r r e c t e d r e t u r n o f w a i t _ e v e n t f r o m a b o r t f r a m e p a t h ( T o m a s H e n z l ) [ 1 1 6 2 6 4 5 ] b r > - [ s c s i ] m e g a r a i d _ s a s : m a k e H B A o p e r a t i o n a l a f t e r L D _ M A P _ S Y N C D C M D i n O C R p a t h ( T o m a s H e n z l ) [ 1 1 6 2 6 4 5 ] b r > - [ s c s i ] m e g a r a i d _ s a s : o n l i n e F i r m w a r e u p g r a d e s u p p o r t f o r E x t e n d e d V D f e a t u r e ( T o m a s H e n z l ) [ 1 1 6 2 6 4 5 ] b r > - [ s c s i ] m e g a r a i d _ s a s : u p d a t e M A I N T A I N E R S a n d c o p y r i g h t i n f o r m a t i o n f o r m e g a r a i d d r i v e r s ( T o m a s H e n z l ) [ 1 1 6 2 6 4 5 ] b r > - [ s c s i ] m e g a r a i d _ s a s : d r i v e r v e r s i o n u p g r a d e a n d r e m o v e s o m e m e t a d a t a o f d r i v e r ( 0 6 . 8 0 5 . 0 6 . 0 1 - r c 1 ) ( T o m a s H e n z l ) [ 1 1 6 2 6 4 5 ] b r > b r > [ 3 . 1 0 . 0 - 2 1 4 ] b r > - [ p o w e r p c ] D r o p u s e l e s s w a r n i n g i n e e h _ i n i t ( ) ( G u s t a v o D u a r t e ) [ 1 1 5 6 6 5 1 ] b r > - [ p o w e r p c ] p s e r i e s : D e c r e a s e m e s s a g e l e v e l o n E E H i n i t i a l i z a t i o n ( G u s t a v o D u a r t e ) [ 1 1 5 6 6 5 1 ] b r > - [ n e t ] c e p h : f i x u p i n c l u d e s i n p a g e l i s t . h ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ n e t ] c e p h : c h a n g e f r o m B U G t o W A R N f o r _ _ r e m o v e _ o s d ( ) a s s e r t s ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ n e t ] c e p h : c l e a r r _ r e q _ l r u _ i t e m i n _ _ u n r e g i s t e r _ l i n g e r _ r e q u e s t ( ) ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ n e t ] c e p h : u n l i n k f r o m o _ l i n g e r _ r e q u e s t s w h e n c l e a r i n g r _ o s d ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ n e t ] c e p h : d o n o t c r a s h o n l a r g e a u t h t i c k e t s ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ f s ] c e p h : f i x f l u s h t i d c o m p a r i s i o n ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ n e t ] c e p h : e l i m i n a t e u n n e c e s s a r y a l l o c a t i o n i n p r o c e s s _ o n e _ t i c k e t ( ) ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ b l o c k ] r b d : F i x e r r o r r e c o v e r y i n r b d _ o b j _ r e a d _ s y n c ( ) ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ n e t ] c e p h : u s e m e m a l l o c f l a g s f o r n e t I O ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ b l o c k ] r b d : u s e a s i n g l e w o r k q u e u e f o r a l l d e v i c e s ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ f s ] c e p h : f i x d i v i d e - b y - z e r o i n _ _ v a l i d a t e _ l a y o u t ( ) ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ b l o c k ] r b d : r b d w o r k q u e u e s n e e d a r e s q u e w o r k e r ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ n e t ] c e p h : c e p h - m s g r w o r k q u e u e n e e d s a r e s q u e w o r k e r ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ f s ] c e p h : f i x b o o l a s s i g n m e n t s ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ n e t ] c e p h : s e p a r a t e m u l t i p l e o p s w i t h c o m m a s i n d e b u g f s o u t p u t ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ n e t ] c e p h : s y n c o s d o p d e f i n i t i o n s i n r a d o s . h ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ n e t ] c e p h : r e m o v e r e d u n d a n t d e c l a r a t i o n ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ f s ] c e p h : a d d i t i o n a l d e b u g f s o u t p u t ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ f s ] c e p h : e x p o r t c e p h _ s e s s i o n _ s t a t e _ n a m e f u n c t i o n ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ f s ] c e p h : u s e p a g e l i s t t o p r e s e n t M D S r e q u e s t d a t a ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ n e t ] c e p h : r e f e r e n c e c o u n t i n g p a g e l i s t ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ f s ] c e p h : f i x l l i s t x a t t r o n s y m l i n k ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ f s ] c e p h : s e n d c l i e n t m e t a d a t a t o M D S ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ f s ] c e p h : r e m o v e r e d u n d a n t c o d e f o r m a x f i l e s i z e v e r i f i c a t i o n ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ f s ] c e p h : m o v e c e p h _ f i n d _ i n o d e ( ) o u t s i d e t h e s _ m u t e x ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ f s ] c e p h : r e q u e s t x a t t r s i f x a t t r _ v e r s i o n i s z e r o ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ b l o c k ] r b d : s e t t h e r e m a i n i n g d i s c a r d p r o p e r t i e s t o e n a b l e s u p p o r t ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ b l o c k ] r b d : u s e h e l p e r s t o h a n d l e d i s c a r d f o r l a y e r e d i m a g e s c o r r e c t l y ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ b l o c k ] r b d : e x t r a c t a m e t h o d f o r a d d i n g o b j e c t o p e r a t i o n s ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ b l o c k ] r b d : m a k e d i s c a r d t r i g g e r c o p y - o n - w r i t e ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ b l o c k ] r b d : t o l e r a t e - E N O E N T f o r d i s c a r d o p e r a t i o n s ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ b l o c k ] r b d : f i x s n a p s h o t c o n t e x t r e f e r e n c e c o u n t f o r d i s c a r d s ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ b l o c k ] r b d : r e a d i m a g e s i z e f o r d i s c a r d c h e c k s a f e l y ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ b l o c k ] r b d : i n i t i a l d i s c a r d b i t s ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ b l o c k ] r b d : e x t e n d t h e o p e r a t i o n t y p e ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ b l o c k ] r b d : s k i p t h e c o p y u p w h e n a n e n t i r e o b j e c t w r i t i n g ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ b l o c k ] r b d : a d d i m g _ o b j _ r e q u e s t _ s i m p l e ( ) h e l p e r ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ b l o c k ] r b d : a c c e s s s n a p s h o t c o n t e x t a n d m a p p i n g s i z e s a f e l y ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ b l o c k ] r b d : d o n o t r e t u r n - E R A N G E o n a u t h f a i l u r e s ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ n e t ] c e p h : d o n t t r y c h e c k i n g q u e u e _ w o r k ( ) r e t u r n v a l u e ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ f s ] c e p h : m a k e s u r e r e q u e s t i s n t i n a n y w a i t i n g l i s t w h e n k i c k i n g r e q u e s t ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ f s ] c e p h : p r o t e c t k i c k _ r e q u e s t s ( ) w i t h m d s c - > m u t e x ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ n e t ] c e p h : C o n v e r t p r _ w a r n i n g t o p r _ w a r n ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ f s ] c e p h : t r i m u n u s e d i n o d e s b e f o r e r e c o n n e c t i n g t o r e c o v e r i n g M D S ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ n e t ] c e p h : f i x a u s e a f t e r f r e e i s s u e i n o s d m a p _ s e t _ m a x _ o s d ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ n e t ] c e p h : s e l e c t C R Y P T O _ C B C i n a d d i t i o n t o C R Y P T O _ A E S ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ n e t ] c e p h : r e s e n d l i n g e r i n g r e q u e s t s w i t h a n e w t i d ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ n e t ] c e p h : a b s t r a c t o u t c e p h _ o s d _ r e q u e s t e n q u e u e l o g i c ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ b l o c k ] r b d : f i x e r r o r r e t u r n c o d e i n r b d _ d e v _ d e v i c e _ s e t u p ( ) ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ b l o c k ] r b d : a v o i d f o r m a t - s e c u r i t y w a r n i n g i n s i d e a l l o c _ w o r k q u e u e ( ) ( I l y a D r y o m o v ) [ 1 1 6 5 2 3 2 ] b r > - [ k e r n e l ] p r i n t k / r e g i s t e r _ c o n s o l e : p r e v e n t a d d i n g t h e s a m e c o n s o l e t w i c e ( A r t e m S a v k o v ) [ 1 1 6 9 7 6 6 ] b r > - [ m m ] h u g e t l b : a d d c o n d _ r e s c h e d _ l o c k ( ) i n , r e t u r n _ u n u s e d _ s u r p l u s _ p a g e s ( ) ( M o t o h i r o K o s a k i ) [ 1 1 4 2 6 9 8 ] b r > - [ m m ] h u g e t l b : f i x s o f t l o c k u p w h e n a l a r g e n u m b e r o f , h u g e p a g e s a r e f r e e d ( M o t o h i r o K o s a k i ) [ 1 1 4 2 6 9 8 ] b r > - [ k e r n e l ] s c h e d : U s e n e w K A B I m a c r o s ( D o n Z i c k u s ) [ 1 1 6 4 3 8 3 ] b r > - [ n e t ] U s e n e w K A B I m a c r o s ( D o n Z i c k u s ) [ 1 1 6 4 3 8 3 ] b r > - [ s c s i ] U s e n e w K A B I m a c r o s ( D o n Z i c k u s ) [ 1 1 6 4 3 8 3 ] b r > - [ k e r n e l ] U s e n e w K A B I m a c r o s ( D o n Z i c k u s ) [ 1 1 6 4 3 8 3 ] b r > - [ b l o c k ] U s e n e w K A B I m a c r o s ( D o n Z i c k u s ) [ 1 1 6 4 3 8 3 ] b r > - [ b l o c k ] i n c l u d e : U s e n e w K A B I m a c r o s ( D o n Z i c k u s ) [ 1 1 6 4 3 8 3 ] b r > - [ m i s c ] U s e n e w K A B I m a c r o s ( D o n Z i c k u s ) [ 1 1 6 4 3 8 3 ] b r > - [ x 8 6 ] U s e n e w K A B I m a c r o s ( D o n Z i c k u s ) [ 1 1 6 4 3 8 3 ] b r > - [ p o w e r p c ] U s e n e w K A B I m a c r o s ( D o n Z i c k u s ) [ 1 1 6 4 3 8 3 ] b r > b r > [ 3 . 1 0 . 0 - 2 1 3 ] b r > - [ s c s i ] i p r : d o n t l o g e r r o r m e s s a g e s w h e n a p p l i c a t i o n s i s s u e s i l l e g a l r e q u e s t s ( G u s t a v o D u a r t e ) [ 1 1 6 3 0 1 9 ] b r > - [ n e t ] m a c v l a n : A l l o w s e t t i n g m u l t i c a s t f i l t e r o n a l l m a c v l a n t y p e s ( V l a d Y a s e v i c h ) [ 8 4 8 1 9 7 ] b r > - [ b l o c k ] g e n h d : f i x l e f t o v e r m i g h t _ s l e e p ( ) i n b l k _ f r e e _ d e v t ( ) ( J e f f M o y e r ) [ 1 1 6 7 7 2 8 ] b r > - [ e t h e r n e t ] m l x 4 : A d d V X L A N n d o c a l l s t o t h e P F n e t d e v i c e o p s t o o ( F l o r i a n W e s t p h a l ) [ 1 1 6 8 2 1 2 ] b r > - [ p o w e r p c ] x m o n : l e - F i x e n d i a n n e s i s s u e i n R T A S c a l l f r o m x m o n ( S t e v e B e s t ) [ 1 1 6 0 6 5 0 ] b r > - [ m m ] t h p : c l o s e r a c e b e t w e e n s p l i t a n d z a p h u g e p a g e s ( S e t h J e n n i n g s ) [ 1 1 6 5 2 6 8 ] b r > - [ m m ] t h p : c l o s e r a c e b e t w e e n m r e m a p ( ) a n d s p l i t _ h u g e _ p a g e ( ) ( S e t h J e n n i n g s ) [ 1 1 6 5 2 6 8 ] b r > - [ m m c ] r t s x : C h a n g e d e f a u l t t x p h a s e ( D o n Z i c k u s ) [ 1 1 0 6 2 0 4 ] b r > - [ m f d ] r t s x : C o p y r i g h t m o d i f i c a t i o n s ( D o n Z i c k u s ) [ 1 1 0 6 2 0 4 ] b r > - [ m f d ] r t s x : C o n f i g u r e t o e n t e r a d e e p e r p o w e r - s a v i n g m o d e i n S 3 ( D o n Z i c k u s ) [ 1 1 0 6 2 0 4 ] b r > - [ m f d ] r t s x : M o v e s o m e a c t i o n s f r o m r t s x _ p c i _ i n i t _ h w t o i n d i v i d u a l e x t r a _ i n i t _ h w ( D o n Z i c k u s ) [ 1 1 0 6 2 0 4 ] b r > - [ m f d ] r t s x : A d d s h u t d o w n c a l l b a c k i n r t s x _ p c i _ d r i v e r ( D o n Z i c k u s ) [ 1 1 0 6 2 0 4 ] b r > - [ m f d ] r t s x : R e a d v e n d o r s e t t i n g f r o m c o n f i g s p a c e ( D o n Z i c k u s ) [ 1 1 0 6 2 0 4 ] b r > - [ m f d ] r t s x : A d d s u p p o r t f o r R T L 8 4 1 1 B ( D o n Z i c k u s ) [ 1 1 0 6 2 0 4 ] b r > b r > [ 3 . 1 0 . 0 - 2 1 2 ] b r > - [ f s ] f s n o t i f y : n e x t _ i i s f r e e d d u r i n g f s n o t i f y _ u n m o u n t _ i n o d e s ( E r i c S a n d e e n ) [ 1 1 2 4 9 9 7 ] b r > - [ f s ] b t r f s : f i x r e g r e s s i o n o f b t r f s d e v i c e r e p l a c e ( E r i c S a n d e e n ) [ 1 1 6 2 9 8 3 ] b r > - [ f s ] e x t 4 : d o n t c o u n t e x t e r n a l j o u r n a l b l o c k s a s o v e r h e a d ( E r i c S a n d e e n ) [ 1 1 6 4 3 6 6 ] b r > - [ f s ] F i x o o p s w h e n c r e a t i n g s y m l i n k s o n s m b 3 ( S a c h i n P r a b h u ) [ 1 1 6 1 4 2 9 ] b r > b r > [ 3 . 1 0 . 0 - 2 1 1 ] b r > - [ n e t ] s c t p : f i x m e m o r y l e a k i n a u t h k e y m a n a g e m e n t ( D a n i e l B o r k m a n n ) [ 1 1 6 0 9 2 8 ] b r > - [ n e t ] s c t p : f i x N U L L p o i n t e r d e r e f e r e n c e i n a f - > f r o m _ a d d r _ p a r a m o n m a l f o r m e d p a c k e t ( D a n i e l B o r k m a n n ) [ 1 1 5 4 0 0 2 ] { C V E - 2 0 1 4 - 7 8 4 1 } b r > - [ n e t ] t c p : z e r o r e t r a n s _ s t a m p i f a l l r e t r a n s w e r e a c k e d ( M a r c e l o L e i t n e r ) [ 1 1 6 2 1 9 3 ] b r > - [ n e t ] n e t f i l t e r : l o g : p r o t e c t n f _ l o g _ r e g i s t e r a g a i n s t d o u b l e r e g i s t e r i n g ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : u l o g : c o m p a t w i t h n e w s t r u c t u r e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : n a t e x p r e s s i o n m u s t s e l e c t C O N F I G _ N F _ N A T ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : a d d e x p l i c i t K c o n f i g f o r N E T F I L T E R _ X T _ N A T ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : m a s q u e r a d i n g n e e d s t o b e i n d e p e n d e n t o f x _ t a b l e s i n K c o n f i g ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : N F T _ C H A I N _ N A T _ I P V * i s i n d e p e n d e n t o f N F T _ N A T ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : m o v e N A T K c o n f i g s w i t c h e s o u t o f t h e i p t a b l e s s c o p e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : N E T F I L T E R _ X T _ T A R G E T _ L O G s e l e c t s N F _ L O G _ * ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : f i x s e v e r a l K c o n f i g p r o b l e m s i n N F _ L O G _ * ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ m a s q : r e g i s t e r / u n r e g i s t e r n o t i f i e r s o n m o d u l e i n i t / e x i t ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : a l l o w t o f i l t e r f r o m p r e r o u t i n g a n d p o s t r o u t i n g ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ c o m p a t : r e m o v e i n c o m p l e t e 3 2 / 6 4 b i t s a r c h c o m p a t c o d e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : w a i t f o r c a l l _ r c u c o m p l e t i o n o n m o d u l e r e m o v a l ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ r e j e c t : i n t r o d u c e i c m p c o d e a b s t r a c t i o n f o r i n e t a n d b r i d g e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : s t o r e a n d d u m p s e t p o l i c y ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : e x p o r t r u l e - s e t g e n e r a t i o n I D ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : a d d N F T A _ M A S Q _ U N S P E C t o n f t _ m a s q _ a t t r i b u t e s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : a d d n e w n f t _ m a s q e x p r e s s i o n ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ n a t : i n c l u d e a f l a g a t t r i b u t e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : e x t e n d N F T _ M S G _ D E L T A B L E t o s u p p o r t f l u s h i n g t h e r u l e s e t ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : a d d h e l p e r s t o s c h e d u l e o b j e c t s d e l e t i o n ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : a d d d e v g r o u p s u p p o r t i n m e t a e x p r e s i o n ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : r e n a m e n f _ t a b l e _ d e l r u l e _ b y _ c h a i n ( ) ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : a d d h e l p e r t o u n r e g i s t e r c h a i n h o o k s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : r e f a c t o r r u l e d e l e t i o n h e l p e r ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ c h a i n _ n a t _ i p v 6 : u s e g e n e r i c I P v 6 N A T c o d e f r o m c o r e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n a t : m o v e s p e c i f i c N A T I P v 6 t o c o r e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ r b t r e e : n o n e e d f o r s p i n l o c k f r o m s e t d e s t r o y p a t h ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ h a s h : n o n e e d f o r r c u i n t h e h a s h s e t d e s t r o y p a t h ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ n a t : g e n e r a l i z e I P v 6 m a s q u e r a d i n g s u p p o r t f o r n f _ t a b l e s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ n a t : g e n e r a l i z e I P v 4 m a s q u e r a d i n g s u p p o r t f o r n f _ t a b l e s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ c h a i n _ n a t _ i p v 4 : u s e g e n e r i c I P v 4 N A T c o d e f r o m c o r e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n a t : m o v e s p e c i f i c N A T I P v 4 t o c o r e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ m e t a : A d d c p u a t t r i b u t e s u p p o r t ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ m e t a : a d d p k t t y p e s u p p o r t ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : f i x e r r o r r e t u r n c o d e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : d o n t u p d a t e c h a i n w i t h u n s e t c o u n t e r s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : u n i n i t i a l i z e e l e m e n t k e y / d a t a f r o m t h e c o m m i t p a t h ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n f t a b l e s : C o n v e r t n f t _ h a s h t o u s e g e n e r i c r h a s h t a b l e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : A v o i d d u p l i c a t e c a l l t o n f t _ d a t a _ u n i n i t ( ) f o r s a m e k e y ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : c h e c k f o r u n s e t N F T A _ S E T _ E L E M _ L I S T _ E L E M E N T S a t t r i b u t e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : s i m p l i f y s e t d u m p t h r o u g h n e t l i n k ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : b r i d g e : a d d r e j e c t s u p p o r t ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : 6 4 b i t s t a t s n e e d s o m e e x t r a s y n c h r o n i z a t i o n ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : s e t N L M _ F _ D U M P _ I N T R i f n e t l i n k d u m p i n g i s s t a l e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : s a f e R C U i t e r a t i o n o n l i s t w h e n d u m p i n g ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : s k i p t r a n s a c t i o n i f n o u p d a t e f l a g s i n t a b l e s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ l o g : f i x c o c c i n e l l e w a r n i n g s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ l o g : c o m p l e t e l o g g i n g s u p p o r t ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ l o g : r e q u e s t e x p l i c i t l o g g e r w h e n l o a d i n g r u l e s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ n a t : d o n t d u m p p o r t i n f o r m a t i o n i f u n s e t ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : i n d i c a t e f a m i l y w h e n d u m p i n g s e t e l e m e n t s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ c o m p a t : c a l l { t a r g e t , m a t c h } - > d e s t r o y ( ) t o c l e a n u p e n t r y ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : f i x w r o n g t y p e i n t r a n s a c t i o n w h e n r e p l a c i n g r u l e s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : d e c r e m e n t c h a i n u s e c o u n t e r w h e n r e p l a c i n g r u l e s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : u s e u 3 2 f o r c h a i n u s e c o u n t e r ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : u s e R C U - s a f e l i s t i n s e r t i o n w h e n r e p l a c i n g r u l e s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : a t o m i c a l l o c a t i o n i n s e t n o t i f i c a t i o n s f r o m r c u c a l l b a c k ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : a l l o w t o d e l e t e s e v e r a l o b j e c t s f r o m a b a t c h ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ r b t r e e : i n t r o d u c e l o c k i n g ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : r e l e a s e o b j e c t s i n r e v e r s e o r d e r i n t h e a b o r t p a t h ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : f i x w r o n g t r a n s a c t i o n o r d e r i n g i n s e t e l e m e n t s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : d e f e r a l l o b j e c t r e l e a s e v i a r c u ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : r e m o v e s k b a n d n l h f r o m c o n t e x t s t r u c t u r e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : s i m p l i f y n f _ t a b l e s _ * _ n o t i f y ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : u s e n e w t r a n s a c t i o n i n f r a s t r u c t u r e t o h a n d l e e l e m e n t s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : u s e n e w t r a n s a c t i o n i n f r a s t r u c t u r e t o h a n d l e t a b l e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : p a s s c o n t e x t t o n f _ t a b l e s _ u p d t a b l e ( ) ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : d i s a b l i n g t a b l e h o o k s a l w a y s s u c c e e d s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : u s e n e w t r a n s a c t i o n i n f r a s t r u c t u r e t o h a n d l e c h a i n ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : r e f a c t o r c h a i n s t a t i s t i c r o u t i n e s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : u s e n e w t r a n s a c t i o n i n f r a s t r u c t u r e t o h a n d l e s e t s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : a d d m e s s a g e t y p e t o t r a n s a c t i o n s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : r e l o c a t e c o m m i t a n d a b o r t r o u t i n e s i n t h e s o u r c e f i l e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : g e n e r a l i s e t r a n s a c t i o n i n f r a s t r u c t u r e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : d e c o n s t i f y t a b l e a n d c h a i n i n c o n t e x t s t r u c t u r e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : f i x t r a c e o f m a t c h i n g n o n - t e r m i n a l r u l e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : f i x m i s s i n g r e t u r n t r a c e a t t h e e n d o f n o n - b a s e c h a i n ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : f i x b o g u s r u l e n u m a f t e r g o t o a c t i o n ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : f i x t r a c i n g o f t h e g o t o a c t i o n ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : f i x g o t o a c t i o n ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : r e s e t r u l e n u m b e r c o u n t e r a f t e r j u m p a n d g o t o ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : a d d h e l p e r f o r a d d i n g n a t e x t e n s i o n ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : r e l a x s t r i n g v a l i d a t i o n o f N F T A _ C H A I N _ T Y P E ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : A d d m e t a e x p r e s s i o n k e y f o r b r i d g e i n t e r f a c e n a m e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : M a k e m e t a e x p r e s s i o n c o r e f u n c t i o n s p u b l i c ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : S t a c k e x p r e s s i o n t y p e d e p e n d i n g o n t h e i r f a m i l y ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : f i x n f t _ c m p _ f a s t f a i l u r e o n b i g e n d i a n f o r s i z e 4 ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : h a n d l e m o r e t h a n 8 * P A G E _ S I Z E s e t n a m e a l l o c a t i o n s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : f i x w r o n g f o r m a t i n r e q u e s t _ m o d u l e ( ) ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : s e t n a m e s c a n n o t b e l a r g e r t h a n 1 5 b y t e s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : a d d s e t _ e l e m n o t i f i c a t i o n s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ h a s h : u s e s e t g l o b a l e l e m e n t c o u n t e r i n s t e a d o f p r i v a t e o n e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : i m p l e m e n t p r o p e r s e t s e l e c t i o n ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ c t : s p l i t n f t _ c t _ i n i t ( ) i n t o t w o f u n c t i o n s f o r g e t / s e t ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ m e t a : s p l i t n f t _ m e t a _ i n i t ( ) i n t o t w o f u n c t i o n s f o r g e t / s e t ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ c t : a d d m i s s i n g i f d e f f o r N F T _ M A R K s e t t i n g ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : A d d m i s s i n g v m a l l o c . h i n c l u d e t o n f t _ h a s h . c ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ n a t : f i x f a m i l y v a l i d a t i o n ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ c t : r e m o v e f a m i l y f r o m s t r u c t n f t _ c t ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : r e s t o r e n o t i f i c a t i o n s f o r a n o n y m o u s s e t d e s t r u c t i o n ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : r e s t o r e c o n t e x t f o r e x p r e s s i o n d e s t r u c t o r s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : c l e a n u p n f _ t a b l e s _ t r a n s _ a d d ( ) a r g u m e n t o r d e r ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ h a s h : b u g f i x e s a n d r e s i z i n g ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : a d d o p t i o n a l u s e r d a t a a r e a t o r u l e s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : a c c e p t Q U E U E / D R O P v e r d i c t p a r a m e t e r s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ t a b l e s : a d d n f t _ d e r e f e r e n c e ( ) m a c r o ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f t _ c t : l a b e l s g e t s u p p o r t ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ n a t : a d d f u l l p o r t r a n d o m i z a t i o n s u p p o r t ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n f _ t a b l e s : I n c l u d e a p p r o p r i a t e h e a d e r f i l e i n n e t f i l t e r / n f t _ l o o k u p . c ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : x t _ l o g : a d d m i s s i n g s t r i n g f o r m a t i n n f _ l o g _ p a c k e t ( ) ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : l o g : n f _ l o g _ p a c k e t ( ) a s r e a l u n i f i e d i n t e r f a c e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : l o g : s p l i t f a m i l y s p e c i f i c c o d e t o n f _ l o g _ { i p , i p 6 , c o m m o n } . c f i l e s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ l o g : m o v e l o g b u f f e r i n g t o c o r e l o g g i n g ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f _ l o g : u s e a n a r r a y o f l o g g e r s i n s t e a d o f l i s t ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] i n t r o d u c e n e t d e v _ a l l o c _ p c p u _ s t a t s ( ) f o r d r i v e r s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : n f n e t l i n k : a d d r c u _ d e r e f e r e n c e _ p r o t e c t e d ( ) h e l p e r s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : i p _ s e t : r e n a m e n f n l _ d e r e f e r e n c e ( ) / n f n l _ s e t ( ) ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : i p s e t : r e m o v e u n u s e d c o d e ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : R e m o v e e x t e r n f r o m f u n c t i o n p r o t o t y p e s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] n e t f i l t e r : R e m o v e e x t e r n f r o m f u n c t i o n p r o t o t y p e s ( M a r c e l o L e i t n e r ) [ 1 1 4 8 0 4 1 1 1 5 5 0 8 8 ] b r > - [ n e t ] o p e n v s w i t c h : r e m o v e d u p c o m m e n t i n v p o r t . h ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : r e s t o r e O V S _ F L O W _ C M D _ N E W n o t i f i c a t i o n s ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : A d d r e c i r c a n d h a s h a c t i o n ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : s i m p l i f y s a m p l e a c t i o n i m p l e m e n t a t i o n ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : U s e t u n _ k e y o n l y f o r e g r e s s t u n n e l p a t h ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : r e f a c t o r o v s f l o w e x t r a c t A P I ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : R e m o v e p k t _ k e y f r o m O V S _ C B ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : c h a n g e t h e d a t a t y p e o f e r r o r s t a t u s t o a t o m i c _ l o n g _ t ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] g e n e t l i n k : a d d f u n c t i o n g e n l _ h a s _ l i s t e n e r s ( ) ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] v x l a n : C a l l u d p _ f l o w _ s r c _ p o r t ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] u d p : A d d f u n c t i o n t o m a k e s o u r c e p o r t f o r U D P t u n n e l s ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : d i s t i n g u i s h b e t w e e n t h e d r o p p e d a n d c o n s u m e d s k b ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : f i x a m e m o r y l e a k ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : F i x m e m o r y l e a k i n o v s _ v p o r t _ a l l o c ( ) e r r o r p a t h ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : f i x d u p l i c a t e # i n c l u d e h e a d e r s ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : R e m o v e u n l i k e l y ( ) f o r W A R N _ O N ( ) c o n d i t i o n s ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : U s e I S _ E R R _ O R _ N U L L ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : A d d s k b _ c l o n e N U L L c h e c k f o r t h e s a m p l i n g a c t i o n ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : S a m p l e a c t i o n w i t h o u t s i d e e f f e c t s ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : A v o i d m e m o r y c o r r u p t i o n i n q u e u e _ u s e r s p a c e _ p a c k e t ( ) ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : E n a b l e t u n n e l G S O f o r O V S b r i d g e ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : A l l o w e a c h v p o r t t o h a v e a n a r r a y o f ' p o r t _ i d ' s ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : m a k e g e n e r i c n e t l i n k g r o u p c o n s t ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : i n t r o d u c e r t n l o p s s t u b ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : U s e e x a c t l o o k u p f o r f l o w _ g e t a n d f l o w _ d e l ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : F i x t r a c k i n g o f f l a g s s e e n i n T C P f l o w s ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : s u p p l y a d u m m y e r r _ h a n d l e r o f g r e _ c i s c o _ p r o t o c o l t o p r e v e n t k e r n e l c r a s h ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : F i x a d o u b l e f r e e b u g f o r t h e s a m p l e a c t i o n ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : S i m p l i f y g e n e t l i n k c o d e ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : M i n i m i z e o v s _ f l o w _ c m d _ n e w ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : S p l i t o v s _ f l o w _ c m d _ n e w _ o r _ s e t ( ) ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : M i n i m i z e o v s _ f l o w _ c m d _ d e l c r i t i c a l s e c t i o n ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : R e d u c e l o c k i n g r e q u i r e m e n t s ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : F i x o v s _ f l o w _ s t a t s _ g e t / c l e a r R C U d e r e f e r e n c e ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : F i x t y p o ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : M i n i m i z e d p a n d v p o r t c r i t i c a l s e c t i o n s ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : M a k e f l o w m a s k r e m o v a l s y m m e t r i c ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : B u i l d f l o w c m d n e t l i n k r e p l y o n l y i f n e e d e d ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : C l a r i f y l o c k i n g ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : A v o i d a s s i g n i n g a N U L L p o i n t e r t o f l o w a c t i o n s ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : C o m p a c t s w _ f l o w _ k e y ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] n e t / o p e n v s w i t c h : U s e w i t h R C U _ I N I T _ P O I N T E R ( x , N U L L ) i n v p o r t - g r e . c ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : U s e T C P f l a g s i n t h e f l o w k e y f o r s t a t s ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : F i x o u t p u t o f S C T P m a s k ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : P e r N U M A n o d e f l o w s t a t s ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : R e m o v e 5 - t u p l e o p t i m i z a t i o n ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : U s e e t h e r _ a d d r _ c o p y ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : f l o w _ n e t l i n k : U s e p r _ f m t t o O V S _ N L E R R o u t p u t ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : U s e n e t _ r a t e l i m i t i n O V S _ N L E R R ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : A d d e d ( u n s i g n e d l o n g l o n g ) c a s t i n p r i n t f ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : a v o i d c a s t - q u a l w a r n i n g i n v p o r t _ p r i v ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : a v o i d w a r n i n g s i n v p o r t _ f r o m _ p r i v ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : u s e c o n s t i n s o m e l o c a l v a r s a n d c a s t s ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : g e t r i d o f S E T _ E T H T O O L _ O P S ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : C o r r e c t l y r e p o r t f l o w u s e d t i m e s f o r f i r s t 5 m i n u t e s a f t e r b o o t ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : F i x r a c e ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : R e a d t c p f l a g s o n l y t h e n t h e t r a n p o r t h e a d e r i s p r e s e n t ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : r e n a m e - > s y n c t o - > s y n c p ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] o p e n v s w i t c h : m a k e f u n c t i o n s l o c a l ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] A d d u t i l i t y f u n c t i o n t o c o p y s k b h a s h ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] C h a n g e s k b _ g e t _ r x h a s h t o s k b _ g e t _ h a s h ( J i r i B e n c ) [ 1 1 1 0 3 8 4 ] b r > - [ n e t ] n e t l i n k : R e - a d d l o c k i n g t o n e t l i n k _ l o o k u p ( ) a n d s e q w a l k e r ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > - [ l i b ] r h a s h t a b l e : r e m o v e s e c o n d l i n u x / l o g 2 . h i n c l u s i o n ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > - [ l i b ] r h a s h t a b l e : a l l o w u s e r t o s e t t h e m i n i m u m s h i f t s o f s h r i n k i n g ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > - [ l i b ] r h a s h t a b l e : f i x l o c k d e p s p l a t i n r h a s h t a b l e _ d e s t r o y ( ) ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > - [ l i b ] r h a s h t a b l e : S p e l l i n g s / c o m p u a t e / c o m p u t e / ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > - [ n e t ] n e t l i n k : A n n o t a t e R C U l o c k i n g f o r s e q _ f i l e w a l k e r ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > - [ n e t ] n e t l i n k : h o l d n l _ s o c k _ h a s h _ l o c k d u r i n g d i a g d u m p ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > - [ n e t ] n e t l i n k : f i x l o c k d e p s p l a t s ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > - [ n e t ] n e t l i n k : C o n v e r t n e t l i n k _ l o o k u p ( ) t o u s e R C U p r o t e c t e d h a s h t a b l e ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > - [ n e t ] n e t l i n k : m a k e c o m p a r e e x i s t a l l t h e t i m e ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > - [ n e t ] n e t l i n k : A d d c o m p a r e f u n c t i o n f o r n e t l i n k _ t a b l e ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > - [ l i b ] r h a s h t a b l e : f i x a n n o t a t i o n s f o r r h t _ f o r _ e a c h _ e n t r y _ r c u ( ) ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > - [ l i b ] r h a s h t a b l e : u n e x p o r t a n d m a k e r h t _ o b j ( ) s t a t i c ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > - [ l i b ] r h a s h t a b l e : R C U a n n o t a t i o n s f o r n e x t p o i n t e r s ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > - [ l i b ] r h a s h t a b l e : R e s i z a b l e , S c a l a b l e , C o n c u r r e n t H a s h T a b l e ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > - [ m m ] a d d k v f r e e ( ) ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > - [ n e t ] n e t l i n k : F i x h a n d l i n g o f e r r o r f r o m n e t l i n k _ d u m p ( ) ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > - [ n e t ] n e t l i n k : a u t o s i z e s k b l e n g t h e s ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > - [ n e t ] n e t l i n k : E l i m i n a t e k m a l l o c i n n e t l i n k d u m p o p e r a t i o n ( J i r i B e n c ) [ 1 1 4 0 6 6 1 ] b r > b r > [ 3 . 1 0 . 0 - 2 1 0 ] b r > - [ m i s c ] k a b i : r e v e r t t w o k a b i a d d i t i o n s t h a t n e e d u p d a t e d p p c 6 4 s u m s ( J a r o d W i l s o n ) b r > b r > [ 3 . 1 0 . 0 - 2 0 9 ] b r > - [ f s ] x f s : w r i t e f a i l u r e b e y o n d E O F t r u n c a t e s t o o m u c h d a t a ( B r i a n F o s t e r ) [ 1 0 3 2 9 6 8 ] b r > - [ f s ] x f s : x f s _ v m _ w r i t e _ e n d t r u n c a t e s t o o m u c h o n f a i l u r e ( B r i a n F o s t e r ) [ 1 0 3 2 9 6 8 ] b r > - [ f s ] x f s : u s e - > i n v a l i d a t e p a g e ( ) l e n g t h a r g u m e n t ( B r i a n F o s t e r ) [ 1 0 3 2 9 6 8 ] b r > - [ f s ] x f s : c h a n g e i n v a l i d a t e p a g e p r o t o t y p e t o a c c e p t l e n g t h ( B r i a n F o s t e r ) [ 1 0 3 2 9 6 8 ] b r > - [ f s ] x f s : r e s t o r e b u f f e r _ h e a d u n w r i t t e n b i t o n i o e n d c a n c e l ( B r i a n F o s t e r ) [ 1 1 6 2 9 5 3 ] b r > - [ f s ] x f s : a l l o w i n o d e a l l o c a t i o n s i n p o s t - g r o w f s d i s k s p a c e ( E r i c S a n d e e n ) [ 1 1 1 5 2 0 1 ] b r > - [ s c s i ] p m 8 0 0 1 : U p d a t e n v m d r e s p o n s e d a t a t o r e q u e s t b u f f e r ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 0 1 : f i x p m 8 0 0 1 _ s t o r e _ u p d a t e _ f w ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 0 1 : F i x e r r a t i c c a l c u l a t i o n i n u p d a t e _ f l a s h ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 0 1 : F i x i n v a l i d r e t u r n w h e n r e q u e s t _ i r q ( ) f a i l e d ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 0 1 : f i x a m e m o r y l e a k i n n v m d _ r e s p ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 0 1 : f i x u p d a t e _ f l a s h ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 0 1 : f i x a m e m o r y l e a k i n f l a s h _ u p d a t e ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 0 1 : C l e a n i n g u p u n i n i t i a l i z e d v a r i a b l e s ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 0 1 : F i x t o r e m o v e n u l l p o i n t e r c h e c k s t h a t c o u l d n e v e r h a p p e n ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 0 1 : m o r e f i x e s t o h o n o r r e t u r n v a l u e ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 0 1 : a d d a n e w s p i n l o c k t o p r o t e c t t h e C C B ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 0 1 : h o n o r r e t u r n v a l u e ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 0 1 : c l e a n b i t m a p m a n a g e m e n t f u n c t i o n s ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 0 1 : F i x h i b e r n a t i o n i s s u e ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 0 1 : F i x p o t e n t i a l n u l l p o i n t e r d e r e f e r e n c e a n d m e m o r y l e a k ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 x x : F i x m i s s i n g N U L L p o i n t e r c h e c k s a n d m e m o r y l e a k s ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] d r i v e r s / s c s i / p m 8 0 0 1 / p m 8 0 0 1 _ c t l . c : a v o i d w o r l d - w r i t a b l e s y s f s f i l e s ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 x x : f i x p r o b l e m o f p m 8 0 0 1 _ w o r k _ f n r e s e t i n g i n c o r r e c t p h y d e v i c e ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 x x : F i x m i s s i n g N U L L p o i n t e r c h e c k s a n d m e m o r y l e a k s ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 x x : E n a b l e B A R s h i f t t o a v o i d B I O S c o n f l i c t w i t h M P I s p a c e f o r A T T O p m 8 0 0 1 b a s e d H B A s ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 x x : R e a d s a v e d W W N f r o m N V M D f o r A T T O p m 8 0 0 1 b a s e d H B A s ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ s c s i ] p m 8 0 x x : F i x e d r e t u r n v a l u e i s s u e ( R i c h B o n o ) [ 1 1 1 0 9 4 3 ] b r > - [ m d ] d m - t h i n : f i x p o o l _ i o _ h i n t s t o a v o i d l o o k i n g a t m a x _ h w _ s e c t o r s ( M i k e S n i t z e r ) [ 1 1 5 6 1 6 4 ] b r > - [ k e r n e l ] a u d i t : k e e p i n o d e p i n n e d ( P a u l M o o r e ) [ 1 1 6 2 2 6 1 ] b r > - [ b l o c k ] n v m e : c l e a n u p n v m e _ s p l i t _ f l u s h _ d a t a ( ) ( D a v i d M i l b u r n ) [ 1 1 6 1 7 6 6 ] b r > - [ s c s i ] i b m v f c : f i x l i t t l e e n d i a n i s s u e s ( S t e v e B e s t ) [ 1 1 5 9 7 8 1 ] b r > - [ s c s i ] i b m v f c : F i x f o r o f f l i n i n g d e v i c e s d u r i n g e r r o r r e c o v e r y ( S t e v e B e s t ) [ 1 1 5 9 7 8 1 ] b r > b r > [ 3 . 1 0 . 0 - 2 0 8 ] b r > - [ s c s i ] c x g b 4 i : s e n d a b o r t _ r p l c o r r e c t l y ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ D o c u m e n t a t i o n ] c x g b i : a d d m a i n t a i n e r f o r c x g b 3 i / c x g b 4 i ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ e t h e r n e t ] c x g b 4 v f : F L S t a r v a t i o n T h r e s h o l d n e e d s t o b e l a r g e r t h a n t h e S G E s E g r e s s C o n g e s t i o n T h r e s h o l d ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ e t h e r n e t ] c x g b 4 : F o r T 5 u s e P a c k i n g a n d P a d d i n g B o u n d a r i e s f o r S G E D M A t r a n s f e r s ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ e t h e r n e t ] c x g b 4 v f : M o v e f l _ s t a r v _ t h r e s i n t o a d a p t e r - > s g e d a t a s t r u c t u r e ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ e t h e r n e t ] c x g b 4 v f : R e p l a c e r e p e t i t i v e p c i d e v i c e I D s w i t h r i g h t o n e s ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ i n f i n b a n d ] c x g b 4 : M a k e c 4 i w _ w r _ l o g _ s i z e _ o r d e r s t a t i c ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ i n f i n b a n d ] c x g b 4 : A d d m i s s i n g n e i g h _ r e l e a s e i n f i n d _ r o u t e ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ i n f i n b a n d ] c x g b 4 : F i x n t u p l e c a l c u l a t i o n f o r i p v 6 a n d r e m o v e d u p l i c a t e l i n e ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ e t h e r n e t ] c x g b 4 : F i x F W f l a s h l o g i c u s i n g e t h t o o l ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ i n f i n i b a n d ] c x g b 4 : T a k e I P v 6 i n t o a c c o u n t f o r b e s t _ m t u a n d s e t _ e m s s ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ e t h e r n e t ] c x g b 4 : W a i t f o r d e v i c e t o g e t r e a d y b e f o r e r e a d i n g a n y r e g i s t e r ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ e t h e r n e t ] c x g b 4 v f : A d d 4 0 G s u p p o r t f o r c x g b 4 v f d r i v e r ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ e t h e r n e t ] c x g b 4 : U p d a t e d t h e L S O t r a n s f e r l e n g t h i n C P L _ T X _ P K T _ L S O f o r T 5 ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ e t h e r n e t ] c x g b 4 : A d d s u p p o r t f o r a d a p t i v e r x ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ e t h e r n e t ] c x g b 4 : C h a n g e d e f a u l t I n t e r r u p t H o l d o f f P a c k e t C o u n t T h r e s h o l d ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ e t h e r n e t ] c x g b 4 : A d d D e v i c d e I D f o r t w o m o r e a d a p t e r ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ e t h e r n e t ] c x g b 4 v f : R e m o v e s u p e r f l u o u s ' i d x ' p a r a m e t e r o f C H _ D E V I C E ( ) m a c r o ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ e t h e r n e t ] c x g b 4 : U s e B A R 2 G o i n g T o S l e e p ( G T S ) f o r T 5 a n d l a t e r ( S a i V e m u r i ) [ 1 1 6 3 4 6 7 ] b r > - [ s c s i ] c x g b i : s u p p o r t i p v 6 a d d r e s s h o s t _ p a r a m ( S a i V e m u r i ) [ 1 1 5 3 8 3 4 ] b r > - [ s c s i ] c x g b 4 i : F i x - W m a y b e - u n i n i t i a l i z e d w a r n i n g ( S a i V e m u r i ) [ 1 1 5 3 8 3 4 ] b r > - [ s c s i ] c x g b 4 i : R e m o v e d u p l i c a t e c a l l t o d s t _ n e i g h _ l o o k u p ( ) ( S a i V e m u r i ) [ 1 1 5 3 8 3 4 ] b r > - [ s c s i ] c x g b 4 i : F i x - W u n u s e d - f u n c t i o n w a r n i n g ( S a i V e m u r i ) [ 1 1 5 3 8 3 4 ] b r > - [ e t h e r n e t ] c x g b 4 : F i x b u i l d f a i l u r e i n c x g b 4 w h e n i p v 6 i s d i s a b l e d / n o t i n - b u i l t ( S a i V e m u r i ) [ 1 1 5 3 8 3 4 ] b r > - [ s c s i ] c x g b 4 i : R e m o v e d u p l i c a t e d C L I P h a n d l i n g c o d e ( S a i V e m u r i ) [ 1 1 5 3 8 3 4 ] b r > - [ e t h e r n e t ] b e 2 n e t : f i x a l i g n m e n t o n l i n e w r a p ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b e 2 n e t : r e m o v e m u l t i p l e a s s i g n m e n t s o n a s i n g l e l i n e ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b e 2 n e t : r e m o v e s p a c e a f t e r t y p e c a s t s ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b e 2 n e t : r e m o v e u n n e c e s s a r y b l a n k l i n e s a f t e r a n o p e n b r a c e ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b e 2 n e t : i n s e r t a b l a n k l i n e a f t e r f u n c t i o n / s t r u c t / / e n u m d e f i n i t i o n s ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b e 2 n e t : r e m o v e m u l t i p l e b l a n k l i n e s ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b e 2 n e t : a d d b l a n k l i n e a f t e r d e c l a r a t i o n s ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b e 2 n e t : r e m o v e r e t u r n s t a t e m e n t s f o r v o i d f u n c t i o n s ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b e 2 n e t : a d d s p e e d r e p o r t i n g f o r 2 0 G - K R i n t e r f a c e ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b e 2 n e t : a d d s p e e d r e p o r t i n g f o r 4 0 G / K R i n t e r f a c e ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b e 2 n e t : f i x s p a r s e w a r n i n g s i n b e _ c m d _ r e q _ p o r t _ t y p e { } ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b e 2 n e t : f i x a s p a r s e w a r n i n g i n b e _ c m d _ m o d i f y _ e q d ( ) ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b e 2 n e t : e n a b l e P C I e e r r o r r e p o r t i n g o n V F s t o o ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b e 2 n e t : s e n d a m a x o f 8 E Q s t o b e _ c m d _ m o d i f y _ e q d ( ) o n L a n c e r ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b e 2 n e t : f i x p o r t - t y p e r e p o r t i n g i n g e t _ s e t t i n g s ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b e 2 n e t : a d d e t h t o o l ' - m ' o p t i o n s u p p o r t ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b e 2 n e t : f i x R X f r a g m e n t p o s t i n g f o r j u m b o f r a m e s ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b e 2 n e t : r e p l a c e s t r c p y w i t h s t r l c p y ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b e 2 n e t : f i x s o m e l o g m e s s a g e s ( I v a n V e c e r a ) [ 1 1 6 5 7 5 5 ] b r > - [ e t h e r n e t ] b n a : f i x s k b - > t r u e s i z e u n d e r e s t i m a t i o n ( I v a n V e c e r a ) [ 1 1 6 5 7 5 9 ] b r > - [ e t h e r n e t ] b n a : a l l o w t r a n s m i t t a g g e d f r a m e s ( I v a n V e c e r a ) [ 1 1 6 5 7 5 9 ] b r > - [ e t h e r n e t ] b n a : u s e c o n t a i n e r _ o f t o r e s o l v e b u f d e s c _ e x f r o m b u f d e s c ( I v a n V e c e r a ) [ 1 1 6 5 7 5 9 ] b r > - [ e t h e r n e t ] r 8 1 6 9 : a d d s u p p o r t f o r R T L 8 1 6 8 E P ( I v a n V e c e r a ) [ 1 1 6 5 7 6 4 ] b r > - [ e t h e r n e t ] r 8 1 6 9 : a d d s u p p o r t f o r B y t e Q u e u e L i m i t s ( I v a n V e c e r a ) [ 1 1 6 5 7 6 4 ] b r > - [ e t h e r n e t ] r 8 1 6 9 : c a l l ' r t l 8 1 6 8 _ d r i v e r _ s t a r t ' ' r t l 8 1 6 8 _ d r i v e r _ s t o p ' o n l y w h e n h a r d w a r e d a s h f u n c t i o n i s e n a b l e d ( I v a n V e c e r a ) [ 1 1 6 5 7 6 4 ] b r > - [ e t h e r n e t ] r 8 1 6 9 : m o d i f y t h e b e h a v i o r o f f u n c t i o n ' r t l 8 1 6 8 _ o o b _ n o t i f y ' ( I v a n V e c e r a ) [ 1 1 6 5 7 6 4 ] b r > - [ e t h e r n e t ] r 8 1 6 9 : c h a n g e t h e n a m e o f f u n c t i o n ' r 8 1 6 8 d p _ c h e c k _ d a s h ' t o ' r 8 1 6 8 _ c h e c k _ d a s h ' ( I v a n V e c e r a ) [ 1 1 6 5 7 6 4 ] b r > - [ e t h e r n e t ] r 8 1 6 9 : c h a n g e t h e n a m e o f f u n c t i o n ' r t l _ w 1 w 0 _ e r i ' ( I v a n V e c e r a ) [ 1 1 6 5 7 6 4 ] b r > - [ e t h e r n e t ] r 8 1 6 9 : f o r f u n c t i o n ' r t l _ w 1 w 0 _ p h y ' c h a n g e i t s n a m e a n d b e h a v i o r ( I v a n V e c e r a ) [ 1 1 6 5 7 6 4 ] b r > - [ e t h e r n e t ] r 8 1 6 9 : a d d m o r e c h i p s t o s u p p o r t m a g i c p a c k e t v 2 ( I v a n V e c e r a ) [ 1 1 6 5 7 6 4 ] b r > - [ e t h e r n e t ] r 8 1 6 9 : a d d s u p p o r t m o r e c h i p s t o g e t m a c a d d r e s s f r o m b a c k u p m a c a d d r e s s r e g i s t e r ( I v a n V e c e r a ) [ 1 1 6 5 7 6 4 ] b r > - [ e t h e r n e t ] r 8 1 6 9 : a d d d i s a b l e / e n a b l e R T L 8 4 1 1 B p l l f u n c t i o n ( I v a n V e c e r a ) [ 1 1 6 5 7 6 4 ] b r > - [ e t h e r n e t ] r 8 1 6 9 : a d d d i s a b l e / e n a b l e R T L 8 1 6 8 G p l l f u n c t i o n ( I v a n V e c e r a ) [ 1 1 6 5 7 6 4 ] b r > - [ e t h e r n e t ] r 8 1 6 9 : c h a n g e u p p e r c a s e n u m b e r t o l o w e r c a s e n u m b e r ( I v a n V e c e r a ) [ 1 1 6 5 7 6 4 ] b r > - [ e t h e r n e t ] r 8 1 6 9 : f i x a n i f c o n d i t i o n ( I v a n V e c e r a ) [ 1 1 6 5 7 6 4 ] b r > - [ e t h e r n e t ] r 8 1 6 9 : a d j u s t _ _ r t l 8 1 6 9 _ s e t _ f e a t u r e s ( I v a n V e c e r a ) [ 1 1 6 5 7 6 4 ] b r > - [ e t h e r n e t ] r 8 1 6 9 : f i x s e t t i n g r x v l a n ( I v a n V e c e r a ) [ 1 1 6 5 7 6 4 ] b r > - [ e t h e r n e t ] r 8 1 6 9 : f i x t h e d e f a u l t s e t t i n g o f r x v l a n ( I v a n V e c e r a ) [ 1 1 6 5 7 6 4 ] b r > b r > [ 3 . 1 0 . 0 - 2 0 7 ] b r > - [ p o w e r p c ] u s e d e v i c e _ o n l i n e / o f f l i n e ( ) i n s t e a d o f c p u _ u p / d o w n ( ) ( G u s t a v o D u a r t e ) [ 1 1 5 7 7 3 7 ] b r > - [ e t h e r n e t ] i 4 0 e : d i s a b l e F C o E ( S t e f a n A s s m a n n ) [ 1 1 6 5 1 7 5 ] b r > - [ c p u f r e q ] i n t e l _ p s t a t e : A d d C P U I D f o r B D W - H C P U ( S t e v e B e s t ) [ 1 1 6 4 3 7 9 ] b r > - [ m m ] d o n o t o v e r w r i t e r e s e r v e d p a g e s c o u n t e r a t s h o w _ m e m ( ) ( R a f a e l A q u i n i ) [ 1 1 2 5 4 3 3 ] b r > - [ a l s a ] R e v e r t : K c o n f i g : r e n a m e H A S _ I O P O R T t o H A S _ I O P O R T _ M A P ( J a r o d W i l s o n ) [ 1 1 1 2 2 0 0 ] b r > - [ e t h e r n e t ] e n i c : D o n o t c a l l n a p i _ d i s a b l e w h e n p r e e m p t i o n i s d i s a b l e d ( S t e f a n A s s m a n n ) [ 1 1 4 5 0 1 9 ] b r > - [ e t h e r n e t ] e n i c : f i x p o s s i b l e d e a d l o c k i n e n i c _ s t o p / e n i c _ r f s _ f l w _ t b l _ f r e e ( S t e f a n A s s m a n n ) [ 1 1 4 5 0 1 9 ] b r > - [ x 8 6 ] u v _ b a u : A v o i d N U L L p o i n t e r r e f e r e n c e i n p t c _ s e q _ s h o w ( F r a n k R a m s a y ) [ 1 1 6 1 1 8 3 ] b r > - [ x 8 6 ] u v _ b a u : I n c r e a s e m a x i m u m C P U s p e r s o c k e t / h u b ( F r a n k R a m s a y ) [ 1 1 6 1 1 8 3 ] b r > - [ m m ] v m s c a n : d o n o t t h r o t t l e b a s e d o n p f m e m a l l o c r e s e r v e s i f n o d e h a s n o Z O N E _ N O R M A L ( G u s t a v o D u a r t e ) [ 1 1 4 8 9 2 5 ] b r > - [ c h a r ] h w r n g / p s e r i e s : p o r t t o n e w r e a d A P I a n d f i x s t a c k c o r r u p t i o n ( G u s t a v o D u a r t e ) [ 1 1 6 3 6 5 9 ] b r > - [ m d ] R e v e r t : d m - c a c h e : a d d c a l l t o m a r k _ t e c h _ p r e v i e w ( M i k e S n i t z e r ) [ 1 1 5 9 0 0 1 ] b r > - [ m d ] d m - c a c h e : e m i t a w a r n i n g m e s s a g e i f t h e r e a r e a l o t o f c a c h e b l o c k s ( M i k e S n i t z e r ) [ 1 1 5 9 0 0 1 ] b r > - [ m d ] d m - c a c h e : i m p r o v e d i s c a r d s u p p o r t ( M i k e S n i t z e r ) [ 1 1 5 9 0 0 1 ] b r > - [ m d ] d m - c a c h e : r e v e r t ' p r e v e n t c o r r u p t i o n c a u s e d b y d i s c a r d _ b l o c k _ s i z e > c a c h e _ b l o c k _ s i z e ' ( M i k e S n i t z e r ) [ 1 1 5 9 0 0 1 ] b r > - [ m d ] d m - c a c h e : r e v e r t ' r e m o v e r e m a i n d e r o f d i s t i n c t d i s c a r d b l o c k s i z e ' ( M i k e S n i t z e r ) [ 1 1 5 9 0 0 1 ] b r > - [ m d ] d m - b i o - p r i s o n : i n t r o d u c e s u p p o r t f o r l o c k i n g r a n g e s o f b l o c k s ( M i k e S n i t z e r ) [ 1 1 5 9 0 0 1 ] b r > - [ m d ] d m - b t r e e : f i x a r e c u r s i o n d e p t h b u g i n b t r e e w a l k i n g c o d e ( M i k e S n i t z e r ) [ 1 0 8 0 8 9 4 ] b r > - [ m d ] d m - c a c h e - p o l i c y - m q : s i m p l i f y a b i l i t y t o p r o m o t e s e q u e n t i a l I O t o t h e c a c h e ( M i k e S n i t z e r ) [ 1 1 5 9 0 0 1 ] b r > - [ m d ] d m - c a c h e - p o l i c y - m q : t w e a k a l g o r i t h m t h a t d e c i d e s w h e n t o p r o m o t e a b l o c k ( M i k e S n i t z e r ) [ 1 1 5 9 0 0 1 ] b r > - [ s e c u r i t y ] s e l i n u x : f i x i n o d e s e c u r i t y l i s t c o r r u p t i o n ( P a u l M o o r e ) [ 1 1 5 2 2 7 4 ] b r > b r > [ 3 . 1 0 . 0 - 2 0 6 ] b r > - [ x 8 6 ] q u i r k s : P r i n t t h e I n t e l g r a p h i c s s t o l e n m e m o r y r a n g e ( R o b C l a r k ) [ 1 1 5 4 0 5 3 ] b r > - [ x 8 6 ] q u i r k s : A d d I n t e l g r a p h i c s s t o l e n m e m o r y q u i r k f o r g e n 2 p l a t f o r m s ( R o b C l a r k ) [ 1 1 5 4 0 5 3 ] b r > - [ x 8 6 ] q u i r k s : A d d v f u n c f o r I n t e l g r a p h i c s s t o l e n m e m o r y b a s e a d d r e s s ( R o b C l a r k ) [ 1 1 5 4 0 5 3 ] b r > - [ x 8 6 ] q u i r k s : u s e g e n 6 s t o l e n d e t e c t i o n f o r V L V ( R o b C l a r k ) [ 1 1 5 4 0 5 3 ] b r > - [ x 8 6 ] q u i r k s : s u p p o r t G M S a n d G G M S c h a n g e s o n i 9 1 5 / b d w ( R o b C l a r k ) [ 1 1 5 4 0 5 3 ] b r > - [ x 8 6 ] q u i r k s : a d d e a r l y q u i r k f o r r e s e r v i n g I n t e l g r a p h i c s s t o l e n m e m o r y v 5 ( R o b C l a r k ) [ 1 1 5 4 0 5 3 ] b r > - [ n e t ] v m x n e t 3 : f i x n e t p o l l r a c e c o n d i t i o n ( N e i l H o r m a n ) [ 1 1 5 8 0 0 1 ] b r > - [ v i r t ] v i r t i o _ b a l l o o n : u p d a t e _ b a l l o o n _ s i z e ( ) - u p d a t e c o r r e c t f i e l d ( L u i z C a p i t u l i n o ) [ 1 1 6 3 5 6 7 ] b r > - [ f i r m w a r e ] m e m m a p : d o n t c r e a t e m e m m a p s y s f s o f s a m e f i r m w a r e _ m a p _ e n t r y ( T a k a h i r o M U N E D A ) [ 1 1 6 0 1 7 3 ] b r > - [ m m ] m e m o r y - h o t p l u g : c l e a r p g d a t w h i c h i s a l l o c a t e d b y b o o t m e m i n t r y _ o f f l i n e _ n o d e ( ) ( L a r r y W o o d m a n ) [ 1 1 5 6 3 9 3 ] b r > - [ k e r n e l ] a d d p a n i c _ o n _ w a r n ( P r a r i t B h a r g a v a ) [ 1 1 6 3 8 5 2 ] b r > - [ v i r t ] h y p e r v : F i x t h e t o t a l _ d a t a _ b u f l e n i n s e n d p a t h ( J a s o n W a n g ) [ 1 1 5 6 3 0 5 ] b r > - [ v i r t ] h y p e r v : A d d h a n d l i n g o f I P h e a d e r w i t h o p t i o n f i e l d i n n e t v s c _ s e t _ h a s h ( ) ( J a s o n W a n g ) [ 1 1 5 6 3 0 5 ] b r > - [ v i r t ] h y p e r v : F i x a b u g i n n e t v s c _ s t a r t _ x m i t ( ) ( J a s o n W a n g ) [ 1 1 5 6 3 0 5 ] b r > - [ v i r t ] h y p e r v : F i x a b u g i n n e t v s c _ s e n d ( ) ( J a s o n W a n g ) [ 1 1 5 6 3 0 5 ] b r > - [ p o w e r p c ] k e x e c : a d j u s t c r a s h k e r n e l r e s e r v a t i o n f o r 2 G B - 4 G B s y s t e m s ( G u s t a v o D u a r t e ) [ 1 0 7 4 9 2 4 ] b r > - [ v i r t ] k v m / i o a p i c : c o n d i t i o n a l l y d e l a y i r q d e l i v e r y d u r i n g e o i b r o a d c a s t ( J o h n S n o w ) [ 9 2 1 5 2 6 ] b r > - [ f s ] f i l e _ t a b l e : g e t r i d o f s _ f i l e s a n d f i l e s _ l o c k ( G u s t a v o D u a r t e ) [ 1 1 1 2 8 0 5 ] b r > - [ f s ] s u p e r : u n i n l i n e d e s t r o y _ s u p e r ( ) , c o n s o l i d a t e a l l o c _ s u p e r ( ) ( G u s t a v o D u a r t e ) [ 1 1 1 2 8 0 5 ] b r > - [ e t h e r n e t ] m l x 4 : A d v e r t i z e e n c a p s u l a t i o n o f f l o a d s f e a t u r e s o n l y w h e n V X L A N t u n n e l i s s e t ( F l o r i a n W e s t p h a l ) [ 1 0 9 7 4 7 8 ] b r > - [ e t h e r n e t ] m l x 4 : A v o i d l e a k i n g s t e e r i n g r u l e s o n f l o w c r e a t i o n e r r o r f l o w ( F l o r i a n W e s t p h a l ) [ 1 0 9 7 4 7 8 ] b r > - [ e t h e r n e t ] m l x 4 : D o n t a t t e m p t t o T X o f f l o a d t h e o u t e r U D P c h e c k s u m f o r V X L A N ( F l o r i a n W e s t p h a l ) [ 1 0 9 7 4 7 8 ] b r > - [ s c s i ] b n x 2 f c : f i x t g t s p i n l o c k l o c k i n g ( M a u r i z i o L o m b a r d i ) [ 1 1 6 5 1 6 9 ] b r > - [ s c s i ] T U R p a t h i s d o w n a f t e r a d a p t e r g e t s r e s e t w i t h m u l t i p a t h ( E w a n M i l n e ) [ 1 1 5 3 7 3 8 ] b r > - [ s c s i ] c a l l d e v i c e h a n d l e r f o r f a i l e d T U R c o m m a n d ( E w a n M i l n e ) [ 1 1 5 3 7 3 8 ] b r > b r > [ 3 . 1 0 . 0 - 2 0 5 ] b r > - [ m m ] s h m e m : f i x s p l i c i n g f r o m a h o l e w h i l e i t s p u n c h e d ( D e n y s V l a s e n k o ) [ 1 1 1 8 2 4 5 ] { C V E - 2 0 1 4 - 4 1 7 1 } b r > - [ m m ] s h m e m : f i x f a u l t i n g i n t o a h o l e , n o t t a k i n g i _ m u t e x ( D e n y s V l a s e n k o ) [ 1 1 1 8 2 4 5 ] { C V E - 2 0 1 4 - 4 1 7 1 } b r > - [ m m ] s h m e m : f i x f a u l t i n g i n t o a h o l e w h i l e i t s p u n c h e d ( D e n y s V l a s e n k o ) [ 1 1 1 8 2 4 5 ] { C V E - 2 0 1 4 - 4 1 7 1 } b r > - [ v i r t ] k v m : d e t e c t L V T T c h a n g e s u n d e r A P I C v ( R a d i m K r c m a r ) [ 1 1 5 1 1 7 4 ] b r > - [ v i r t ] k v m : d e t e c t S P I V c h a n g e s u n d e r A P I C v ( R a d i m K r c m a r ) [ 1 1 5 1 1 7 4 ] b r > - [ v i r t ] k v m : r e c a l c u l a t e _ a p i c _ m a p a f t e r e n a b l i n g a p i c ( R a d i m K r c m a r ) [ 1 1 5 1 1 7 4 ] b r > - [ v i r t ] k v m : t r a c e k v m _ p l e _ w i n d o w g r o w / s h r i n k ( R a d i m K r c m a r ) [ 1 1 6 3 2 9 6 ] b r > - [ v i r t ] k v m / v m x : d y n a m i s e P L E w i n d o w ( R a d i m K r c m a r ) [ 1 1 6 3 2 9 6 ] b r > - [ v i r t ] k v m / v m x : m a k e P L E w i n d o w p e r - V C P U ( R a d i m K r c m a r ) [ 1 1 6 3 2 9 6 ] b r > - [ v i r t ] k v m : i n t r o d u c e s c h e d _ i n t o k v m _ x 8 6 _ o p s ( R a d i m K r c m a r ) [ 1 1 6 3 2 9 6 ] b r > - [ v i r t ] k v m : a d d k v m _ a r c h _ s c h e d _ i n ( R a d i m K r c m a r ) [ 1 1 6 3 2 9 6 ] b r > - [ k e r n e l ] u p r o b e s : D o n t a s s u m e t h a t a r c h _ u p r o b e - > i n s n / i x o l i s u 8 [ M A X _ U I N S N _ B Y T E S ] ( S t e v e B e s t ) [ 1 1 5 9 3 6 5 ] b r > - [ d r m ] q x l : d o n t c r e a t e t o o l a r g e p r i m a r y s u r f a c e ( D a v e A i r l i e ) [ 1 1 5 8 2 3 3 ] b r > - [ p o w e r p c ] p s e r i e s : Q u i e t e n i b m , p c i e - l i n k - s p e e d - s t a t s w a r n i n g ( S t e v e B e s t ) [ 1 1 6 2 2 8 7 ] b r > - [ m d ] d m - t h i n : f i x p o t e n t i a l f o r i n f i n i t e l o o p i n p o o l _ i o _ h i n t s ( M i k e S n i t z e r ) [ 1 1 5 6 1 6 4 ] b r > - [ v i r t ] h y p e r v / v m b u s : I n c r e a s e t h e l i m i t o n t h e n u m b e r o f p f n s w e c a n h a n d l e ( J a s o n W a n g ) [ 1 1 6 0 1 3 0 ] b r > - [ v i r t ] k v m : u p d a t e m a s t e r c l o c k v a l u e s o n T S C w r i t e s ( M a r c e l o T o s a t t i ) [ 1 1 5 8 0 3 9 ] b r > - [ v i r t ] k v m : e m u l a t e M O V N T D Q ( P a o l o B o n z i n i ) [ 1 1 1 7 5 4 2 ] b r > - [ c r y p t o ] a f _ a l g : p r o p e r l y l a b e l A F _ A L G s o c k e t ( O n d r e j K o z i n a ) [ 1 1 6 1 1 4 8 ] b r > - [ p o w e r p c ] v p h n : N U M A n o d e c o d e e x p e c t s b i g - e n d i a n ( S t e v e B e s t ) [ 1 1 5 4 6 7 3 ] b r > b r > [ 3 . 1 0 . 0 - 2 0 4 ] b r > - [ n e t ] i p 6 _ g r e : R e t u r n a n e r r o r w h e n a d d i n g a n e x i s t i n g t u n n e l ( A l e x a n d e r D u y c k ) [ 1 1 5 1 8 8 6 1 1 5 2 3 6 8 ] b r > - [ n e t ] i p 6 _ t u n n e l : R e t u r n a n e r r o r w h e n a d d i n g a n e x i s t i n g t u n n e l ( A l e x a n d e r D u y c k ) [ 1 1 5 1 8 8 6 1 1 5 2 3 6 8 ] b r > - [ n e t ] i p _ t u n n e l : D o n t a l l o w t o a d d t h e s a m e t u n n e l m u l t i p l e t i m e s ( A l e x a n d e r D u y c k ) [ 1 1 5 1 8 8 6 1 1 5 2 3 6 8 ] b r > - [ n e t ] g r e : U s e i n n e r m a c l e n g t h w h e n c o m p u t i n g t u n n e l l e n g t h ( A l e x a n d e r D u y c k ) [ 1 1 5 1 8 8 6 1 1 5 2 3 6 8 ] b r > - [ n e t ] g r e : e n a b l e o f f l o a d s f o r G R E ( A l e x a n d e r D u y c k ) [ 1 1 5 1 8 8 6 1 1 5 2 3 6 8 ] b r > - [ n e t ] i p v 4 : f i x a p o t e n t i a l u s e a f t e r f r e e i n g r e _ o f f l o a d . c ( A l e x a n d e r D u y c k ) [ 1 1 5 1 8 8 6 1 1 5 2 3 6 8 ] b r > - [ n e t ] i p v 4 : f i x a p o t e n t i a l u s e a f t e r f r e e i n i p _ t u n n e l _ c o r e . c ( A l e x a n d e r D u y c k ) [ 1 1 5 1 8 8 6 1 1 5 2 3 6 8 ] b r > - [ n e t ] g r o : f i x a g g r e g a t i o n f o r s k b u s i n g f r a g _ l i s t ( A l e x a n d e r D u y c k ) [ 1 1 5 4 2 3 9 ] b r > - [ n e t ] g r o : m a k e s u r e s k b - > c b [ ] i n i t i a l c o n t e n t h a s n o t t o b e z e r o ( A l e x a n d e r D u y c k ) [ 1 1 5 4 2 3 9 ] b r > - [ n e t ] b r i d g e : n o t i f y u s e r s p a c e a f t e r f d b u p d a t e ( A l e x a n d e r D u y c k ) [ 1 1 0 9 6 0 5 ] b r > - [ n e t ] b r i d g e : F i x t h e w a y t o f i n d o l d l o c a l f d b e n t r i e s i n b r _ f d b _ c h a n g e a d d r ( A l e x a n d e r D u y c k ) [ 1 1 0 9 6 0 5 ] b r > - [ n e t ] h a n d l e e n c a p s u l a t i o n o f f l o a d s w h e n c o m p u t i n g s e g m e n t l e n g t h s ( J i r i B e n c ) [ 1 1 4 4 5 7 1 ] b r > - [ n e t ] g s o : m a k e s k b _ g s o _ s e g m e n t e r r o r h a n d l i n g m o r e r o b u s t ( J i r i B e n c ) [ 1 1 4 4 5 7 1 ] b r > - [ n e t ] g s o : u s e f e a t u r e f l a g a r g u m e n t i n a l l p r o t o c o l g s o h a n d l e r s ( J i r i B e n c ) [ 1 1 4 4 5 7 1 ] b r > - [ n e t ] u d p _ o f f l o a d : U s e I S _ E R R _ O R _ N U L L ( J i r i B e n c ) [ 1 1 4 4 5 7 1 ] b r > - [ n e t ] i p v 4 : U s e I S _ E R R _ O R _ N U L L ( J i r i B e n c ) [ 1 1 4 4 5 7 1 ] b r > b r > [ 3 . 1 0 . 0 - 2 0 3 ] b r > - [ f s ] G F S 2 : I f w e u s e u p o u r b l o c k r e s e r v a t i o n , r e q u e s t m o r e n e x t t i m e ( R o b e r t S P e t e r s o n ) [ 1 1 4 2 2 3 8 ] b r > - [ f s ] G F S 2 : O n l y i n c r e a s e r s _ s i z e h i n t ( R o b e r t S P e t e r s o n ) [ 1 1 4 2 2 3 8 ] b r > - [ f s ] G F S 2 : S e t o f d i s t r i b u t e d p r e f e r e n c e s f o r r g r p s ( R o b e r t S P e t e r s o n ) [ 1 1 4 2 2 3 8 ] b r > - [ f s ] a u t o f s : f i x s y m l i n k s a r e n t c h e c k e d f o r e x p i r y ( I a n K e n t ) [ 1 1 1 6 1 8 2 ] b r > - [ f s ] G F S 2 : f i x r e g r e s s i o n i n d i r _ d o u b l e _ e x h a s h ( R o b e r t S P e t e r s o n ) [ 1 1 6 0 2 2 9 ] b r > - [ f s ] g f s 2 _ a t o m i c _ o p e n ( ) : s k i p l o o k u p s o n h a s h e d d e n t r y ( R o b e r t S P e t e r s o n ) [ 1 1 5 8 1 5 0 ] b r > - [ f s ] s p l i c e : p e r f o r m g e n e r i c w r i t e c h e c k s ( E r i c S a n d e e n ) [ 1 1 5 5 9 0 7 ] b r > - [ f s ] f s : s e q _ f i l e : f a l l b a c k t o v m a l l o c a l l o c a t i o n ( I a n K e n t ) [ 1 0 9 5 6 2 3 ] b r > - [ f s ] f s : / p r o c / s t a t : c o n v e r t t o s i n g l e _ o p e n _ s i z e ( ) ( I a n K e n t ) [ 1 0 9 5 6 2 3 ] b r > - [ f s ] f s : s e q _ f i l e : a l w a y s c l e a r m - > c o u n t w h e n w e f r e e m - > b u f ( I a n K e n t ) [ 1 0 9 5 6 2 3 ] b r > b r > [ 3 . 1 0 . 0 - 2 0 2 ] b r > - [ e t h e r n e t ] m l x 4 : U s e P T Y S r e g i s t e r t o s e t e t h t o o l s e t t i n g s ( S p e e d ) ( A m i r V a d a i ) [ 1 0 6 0 2 2 1 ] b r > - [ e t h e r n e t ] m l x 4 : U s e P T Y S r e g i s t e r t o q u e r y e t h t o o l s e t t i n g s ( A m i r V a d a i ) [ 1 0 6 0 2 2 1 ] b r > - [ e t h e r n e t ] m l x 4 : u s e S P E E D _ U N K N O W N a n d D U P L E X _ U N K N O W N w h e n a p p r o p r i a t e ( A m i r V a d a i ) [ 1 0 6 0 2 2 1 ] b r > - [ e t h e r n e t ] m l x 4 : A d d 1 0 0 M , 2 0 G , 5 6 G s p e e d s e t h t o o l r e p o r t i n g s u p p o r t ( A m i r V a d a i ) [ 1 0 6 0 2 2 1 ] b r > - [ e t h e r n e t ] m l x 4 : A d d e t h e r n e t b a c k p l a n e a u t o n e g d e v i c e c a p a b i l i t y ( A m i r V a d a i ) [ 1 0 6 0 2 2 1 ] b r > - [ e t h e r n e t ] m l x 4 : I n t r o d u c e A C C E S S _ R E G C M D a n d e t h _ p r o t _ c t r l d e v c a p ( A m i r V a d a i ) [ 1 0 6 0 2 2 1 ] b r > - [ e t h e r n e t ] m l x 4 : C a b l e i n f o , g e t _ m o d u l e _ i n f o / e e p r o m e t h t o o l s u p p o r t ( A m i r V a d a i ) [ 1 0 6 0 2 2 1 ] b r > - [ e t h e r n e t ] m l x 4 : I n t r o d u c e m l x 4 _ g e t _ m o d u l e _ i n f o f o r c a b l e m o d u l e i n f o r e a d i n g ( A m i r V a d a i ) [ 1 0 6 0 2 2 1 ] b r > - [ e t h e r n e t ] m l x 4 : E n a b l e C Q E / E Q E s t r i d e s u p p o r t ( A m i r V a d a i ) [ 1 0 6 0 2 2 1 ] b r > - [ v i r t ] k v m / v m x : d e f e r l o a d o f A P I C a c c e s s p a g e a d d r e s s d u r i n g r e s e t ( P a o l o B o n z i n i ) [ 1 1 4 0 9 7 4 ] b r > - [ v i r t ] k v m : d o n o t h a n d l e A P I C a c c e s s p a g e i f i n - k e r n e l i r q c h i p i s n o t i n u s e ( P a o l o B o n z i n i ) [ 1 1 4 0 9 7 4 ] b r > - [ v i r t ] k v m : U n p i n a n d r e m o v e k v m _ a r c h - > a p i c _ a c c e s s _ p a g e ( P a o l o B o n z i n i ) [ 1 1 4 0 9 7 4 ] b r > - [ v i r t ] k v m / v m x : I m p l e m e n t s e t _ a p i c _ a c c e s s _ p a g e _ a d d r ( P a o l o B o n z i n i ) [ 1 1 4 0 9 7 4 ] b r > - [ v i r t ] k v m : A d d r e q u e s t b i t t o r e l o a d A P I C a c c e s s p a g e a d d r e s s ( P a o l o B o n z i n i ) [ 1 1 4 0 9 7 4 ] b r > - [ v i r t ] k v m : A d d a r c h s p e c i f i c m m u n o t i f i e r f o r p a g e i n v a l i d a t i o n ( P a o l o B o n z i n i ) [ 1 1 4 0 9 7 4 ] b r > - [ v i r t ] k v m : R e n a m e m a k e _ a l l _ c p u s _ r e q u e s t ( ) t o k v m _ m a k e _ a l l _ c p u s _ r e q u e s t ( ) a n d m a k e i t n o n - s t a t i c ( P a o l o B o n z i n i ) [ 1 1 4 0 9 7 4 ] b r > - [ v i r t ] k v m : R e m o v e e p t _ i d e n t i t y _ p a g e t a b l e f r o m s t r u c t k v m _ a r c h ( P a o l o B o n z i n i ) [ 1 1 4 0 9 7 4 ] b r > - [ v i r t ] k v m : U s e A P I C _ D E F A U L T _ P H Y S _ B A S E m a c r o a s t h e a p i c a c c e s s p a g e a d d r e s s ( P a o l o B o n z i n i ) [ 1 1 4 0 9 7 4 ] b r > - [ d r m ] v m w g f x : r e s p e c t ' n o m o d e s e t ' ( R o b C l a r k ) [ 1 1 0 1 3 8 1 ] b r > - [ s 3 9 0 ] q e t h : d o n t q u e r y f o r i n f o i f h a r d w a r e n o t r e a d y ( H e n d r i k B r u e c k n e r ) [ 1 1 4 7 5 7 3 ] b r > - [ b l o c k ] F i x d e v _ t m i n o r a l l o c a t i o n l i f e t i m e ( J e f f M o y e r ) [ 1 1 3 9 8 9 8 ] b r > - [ m d ] d m - c r y p t : f i x a c c e s s b e y o n d t h e e n d o f a l l o c a t e d s p a c e ( M i k e S n i t z e r ) [ 1 1 3 5 0 6 6 ] b r > - [ f s ] i s o f s : u n b o u n d r e c u r s i o n w h e n p r o c e s s i n g r e l o c a t e d d i r e c t o r i e s ( J a c o b T a n e n b a u m ) [ 1 1 4 2 2 7 1 ] { C V E - 2 0 1 4 - 5 4 7 1 C V E - 2 0 1 4 - 5 4 7 2 } b r > - [ e t h e r n e t ] b e 2 n e t : u s e v 1 o f S E T _ F L O W _ C O N T R O L c o m m a n d ( I v a n V e c e r a ) [ 1 0 8 7 1 2 8 ] b r > - [ a c p i ] r e t u r n 1 a f t e r s u c c e s s f u l l y i n s t a l l c m o s _ r t c s p a c e h a n d l e r ( A m o s K o n g ) [ 1 1 5 9 4 6 5 ] b r > - [ x 8 6 ] h y p e r v : B y p a s s t h e t i m e r _ i r q _ w o r k s ( ) c h e c k ( J a s o n W a n g ) [ 1 0 5 8 1 0 5 ] b r > - [ m m ] h u g e t l b : i n i t i a l i z e P G _ r e s e r v e d f o r t a i l p a g e s o f g i g a n t i c c o m p o u n d p a g e s ( L u i z C a p i t u l i n o ) [ 1 1 5 8 5 0 6 ] b r > - [ k e r n e l ] c p u s e t : P F _ S P R E A D _ P A G E a n d P F _ S P R E A D _ S L A B s h o u l d b e a t o m i c f l a g s ( A a r o n T o m l i n ) [ 1 1 6 0 3 6 0 ] b r > - [ i n f i n i b a n d ] q i b : C o r r e c t r e f e r e n c e c o u n t i n g i n d e b u g f s q p _ s t a t s ( R u i W a n g ) [ 1 1 5 0 0 0 1 ] b r > - [ x 8 6 ] u v : C h e c k f o r a l l o c _ c p u m a s k _ v a r ( ) f a i l u r e s p r o p e r l y i n u v _ n m i _ s e t u p ( ) ( G e o r g e B e s h e r s ) [ 1 1 5 5 7 5 4 ] b r > - [ p o w e r p c ] f a d u m p : F i x e n d i a n e s s i s s u e s i n f i r m w a r e a s s i s t e d d u m p h a n d l i n g ( S t e v e B e s t ) [ 1 1 5 9 7 7 3 ] b r > b r > [ 3 . 1 0 . 0 - 2 0 1 ] b r > - [ s c s i ] i p r : w a i t f o r a b o r t e d c o m m a n d r e s p o n s e s ( G u s t a v o D u a r t e ) [ 1 1 5 6 5 3 0 ] b r > - [ e t h e r n e t ] m l x 4 : P r o t e c t p o r t t y p e s e t t i n g b y m u t e x ( A m i r V a d a i ) [ 1 0 9 5 3 4 5 ] b r > - [ a c p i ] p m : O n l y s e t p o w e r s t a t e s o f d e v i c e s t h a t a r e p o w e r m a n a g e a b l e ( A m o s K o n g ) [ 1 1 4 2 6 8 3 ] b r > - [ x 8 6 ] s e t u p : M a r k I n t e l H a s w e l l U L T a s s u p p o r t e d ( P r a r i t B h a r g a v a ) [ 1 1 5 9 0 0 6 ] b r > - [ k e r n e l ] s c h e d : F i x u n r e l e a s e d l l c _ s h a r e d _ m a s k b i t d u r i n g C P U h o t p l u g ( T a k a h i r o M U N E D A ) [ 1 1 1 6 2 9 4 ] b r > - [ m m ] d o n o t w a l k a l l o f s y s t e m m e m o r y d u r i n g s h o w _ m e m ( J o h a n n e s W e i n e r ) [ 1 1 2 5 4 3 3 ] b r > - [ m m ] r e m o v e n o i s y r e m a i n d e r o f t h e s c a n _ u n e v i c t a b l e i n t e r f a c e ( J o h a n n e s W e i n e r ) [ 1 1 1 1 2 1 5 ] b r > - [ p c i ] R e n a m e s y s f s ' e n a b l e d ' f i l e b a c k t o ' e n a b l e ' ( M y r o n S t o w e ) [ 1 1 5 9 6 5 5 ] b r > - [ k e r n e l ] s c h e d / f a i r : C a r e d i v i d e e r r o r i n u p d a t e _ t a s k _ s c a n _ p e r i o d ( ) ( M o t o h i r o K o s a k i ) [ 1 1 4 0 9 7 9 ] b r > - [ p o w e r p c ] n u m a : e n s u r e p e r - c p u N U M A m a p p i n g s a r e c o r r e c t o n t o p o l o g y u p d a t e ( G u s t a v o D u a r t e ) [ 1 1 5 0 0 9 7 ] b r > - [ p o w e r p c ] n u m a : u s e c a c h e d v a l u e o f u p d a t e - > c p u i n u p d a t e _ c p u _ t o p o l o g y ( G u s t a v o D u a r t e ) [ 1 1 5 0 0 9 7 ] b r > - [ p o w e r p c ] n u m a : A d d a b i l i t y t o d i s a b l e a n d d e b u g t o p o l o g y u p d a t e s ( G u s t a v o D u a r t e ) [ 1 1 5 0 0 9 7 ] b r > - [ p o w e r p c ] n u m a : c h e c k e r r o r r e t u r n f r o m p r o c _ c r e a t e ( G u s t a v o D u a r t e ) [ 1 1 5 0 0 9 7 ] b r > - [ p o w e r p c ] s o m e c h a n g e s i n n u m a _ s e t u p _ c p u ( ) ( G u s t a v o D u a r t e ) [ 1 1 5 0 0 9 7 ] b r > - [ p o w e r p c ] O n l y s e t n u m a n o d e i n f o r m a t i o n f o r p r e s e n t c p u s a t b o o t t i m e ( G u s t a v o D u a r t e ) [ 1 1 5 0 0 9 7 ] b r > - [ p o w e r p c ] F i x w a r n i n g r e p o r t e d b y v e r i f y _ c p u _ n o d e _ m a p p i n g ( ) ( G u s t a v o D u a r t e ) [ 1 1 5 0 0 9 7 ] b r > - [ p o w e r p c ] r e o r d e r p e r - c p u N U M A i n f o r m a t i o n s i n i t i a l i z a t i o n ( G u s t a v o D u a r t e ) [ 1 1 5 0 0 9 7 ] b r > - [ p o w e r p c ] p s e r i e s : M a k e C P U h o t p l u g p a t h e n d i a n s a f e ( S t e v e B e s t ) [ 1 1 5 9 5 7 9 ] b r > - [ p o w e r p c ] p s e r i e s : F i x e n d i a n i s s u e s i n c p u h o t - r e m o v a l ( S t e v e B e s t ) [ 1 1 5 9 5 7 9 ] b r > - [ p o w e r p c ] p s e r i e s : F i x e n d i a n i s s u e s i n o n l i n i n g c p u t h r e a d s ( S t e v e B e s t ) [ 1 1 5 9 5 7 9 ] b r > - [ x 8 6 ] s m p b o o t : F i x u p t y p o i n t o p o l o g y d e t e c t i o n ( P r a r i t B h a r g a v a ) [ 1 1 5 6 6 5 5 ] b r > - [ x 8 6 ] s m p b o o t : A d d n e w t o p o l o g y f o r m u l t i - N U M A - n o d e C P U s ( P r a r i t B h a r g a v a ) [ 1 1 5 8 2 6 9 ] b r > - [ k e r n e l ] s c h e d : R e w o r k s c h e d _ d o m a i n t o p o l o g y d e f i n i t i o n ( P r a r i t B h a r g a v a ) [ 1 1 5 8 2 6 9 ] b r > - [ u s b ] h u b : t a k e h u b - > h d e v r e f e r e n c e w h e n p r o c e s s i n g f r o m e v e n t l i s t ( D o n Z i c k u s ) [ 1 1 5 1 5 0 8 ] b r > - [ u s b ] e h c i : u n l i n k Q H s e v e n a f t e r t h e c o n t r o l l e r h a s s t o p p e d ( D o n Z i c k u s ) [ 1 1 5 1 4 9 1 ] b r > - [ t o o l s ] t e s t i n g / s e l f t e s t s / p o w e r p c : C o r r e c t D S C R d u r i n g T M c o n t e x t s w i t c h ( G u s t a v o D u a r t e ) [ 1 1 3 4 5 1 1 ] b r > - [ t o o l s ] t e s t i n g / s e l f t e s t s : A d d i n f r a s t r u c t u r e f o r p o w e r p c s e l f t e s t s ( G u s t a v o D u a r t e ) [ 1 1 3 4 5 1 1 ] b r > - [ s c s i ] i b m v s c s i : A b o r t i n i t s e q u e n c e d u r i n g e r r o r r e c o v e r y ( G u s t a v o D u a r t e ) [ 1 1 0 5 4 9 6 ] b r > - [ s c s i ] i b m v s c s i : A d d m e m o r y b a r r i e r s f o r s e n d / r e c e i v e ( G u s t a v o D u a r t e ) [ 1 1 0 5 4 9 6 ] b r > - [ x 8 6 ] f p u : _ _ r e s t o r e _ x s t a t e _ s i g ( ) - > m a t h _ s t a t e _ r e s t o r e ( ) n e e d s p r e e m p t _ d i s a b l e ( ) ( O l e g N e s t e r o v ) [ 1 1 2 1 7 8 4 ] b r > - [ x 8 6 ] f p u : s h i f t d r o p _ i n i t _ f p u ( ) f r o m s a v e _ x s t a t e _ s i g ( ) t o h a n d l e _ s i g n a l ( ) ( O l e g N e s t e r o v ) [ 1 1 2 1 7 8 4 ] b r > b r > [ 3 . 1 0 . 0 - 2 0 0 ] b r > - [ f s ] e x t 4 : f i x w r o n g a s s e r t i n e x t 4 _ m b _ n o r m a l i z e _ r e q u e s t ( ) ( L u k a s C z e r n e r ) [ 1 1 4 6 0 4 6 ] b r > - [ m m ] R e m o v e f a l s e W A R N _ O N f r o m p a g e c a c h e _ i s i z e _ e x t e n d e d ( ) ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : c h e c k s _ c h k s u m _ d r i v e r w h e n l o o k i n g f o r b g c s u m p r e s e n c e ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : m o v e e r r o r r e p o r t o u t o f a t o m i c c o n t e x t i n e x t 4 _ i n i t _ b l o c k _ b i t m a p ( ) ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : R e p l a c e o p e n c o d e d m d a t a c s u m f e a t u r e t o h e l p e r f u n c t i o n ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : f i x r e s e r v a t i o n o v e r f l o w i n e x t 4 _ d a _ w r i t e _ b e g i n ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : a d d e x t 4 _ i g e t _ n o r m a l ( ) w h i c h i s t o b e u s e d f o r d i r t r e e l o o k u p s ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : d o n t o r p h a n o r t r u n c a t e t h e b o o t l o a d e r i n o d e ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : g r a b m i s s e d w r i t e _ c o u n t f o r E X T 4 _ I O C _ S W A P _ B O O T ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : g e t r i d o f c o d e d u p l i c a t i o n ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : f i x o v e r - d e f e n s i v e c o m p l a i n t a f t e r j o u r n a l a b o r t ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : f i x r e t u r n v a l u e o f e x t 4 _ d o _ u p d a t e _ i n o d e ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : f i x m m a p d a t a c o r r u p t i o n w h e n b l o c k s i z e p a g e s i z e ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] v f s : f i x d a t a c o r r u p t i o n w h e n b l o c k s i z e p a g e s i z e f o r m m a p e d d a t a ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : d o n t c h e c k q u o t a f o r m a t w h e n t h e r e a r e n o q u o t a f i l e s ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] j b d 2 : a v o i d p o i n t l e s s s c a n n i n g o f c h e c k p o i n t l i s t s ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : e x p l i c i t l y i n f o r m u s e r a b o u t o r p h a n l i s t c l e a n u p ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] j b d 2 : j b d 2 _ l o g _ w a i t _ f o r _ s p a c e i m p r o v e e r r o r d e t e t c i o n ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] j b d 2 : f r e e b h w h e n d e s c r i p t o r b l o c k c h e c k s u m f a i l s ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : c h e c k E A v a l u e o f f s e t w h e n l o a d i n g ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : d o n t k e e p u s i n g p a g e i f i n l i n e c o n v e r s i o n f a i l s ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : v a l i d a t e e x t e r n a l j o u r n a l s u p e r b l o c k c h e c k s u m ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] j b d 2 : f i x j o u r n a l c h e c k s u m f e a t u r e f l a g h a n d l i n g ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : p r o v i d e s e p a r a t e o p e r a t i o n s f o r s y s f s f e a t u r e f i l e s ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : a d d s y s f s e n t r y s h o w i n g w h e t h e r t h e f s c o n t a i n s e r r o r s ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : r e n u m b e r E X T 4 _ E X _ * f l a g s t o a v o i d f l a g a l i a s i n g p r o b l e m s ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : f i x c o m m e n t s a b o u t g e t _ b l o c k s ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : f i x a c c i d e n t a l f l a g a l i a s i n g i n e x t 4 _ m a p _ b l o c k s f l a g s ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : f i x Z E R O _ R A N G E b u g h i d d e n b y f l a g a l i a s i n g ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : u s e e x t 4 _ u p d a t e _ i _ d i s k s i z e i n s t e a d o f o p e n c o d e d o n e s ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : r e m o v e a d u p l i c a t e c a l l i n e x t 4 _ i n i t _ n e w _ d i r ( ) ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : a d d m i s s i n g B U F F E R _ T R A C E b e f o r e e x t 4 _ j o u r n a l _ g e t _ w r i t e _ a c c e s s ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : c h e c k i n l i n e d i r e c t o r y b e f o r e c o n v e r t i n g ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : f i x i n c o r r e c t l o c k i n g i n m o v e _ e x t e n t _ p e r _ p a g e ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : u s e c o r r e c t d e p t h v a l u e ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : a d d i _ d a t a _ s e m s a n i t y c h e c k ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : f i x w r o n g s i z e c o m p u t a t i o n i n e x t 4 _ m b _ n o r m a l i z e _ r e q u e s t ( ) ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : m a k e e x t 4 _ h a s _ i n l i n e _ d a t a ( ) a s a i n l i n e f u n c t i o n ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : r e m o v e r e a d p a g e ( ) c h e c k i n e x t 4 _ m m a p _ f i l e ( ) ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : r e m o v e m e t a d a t a r e s e r v a t i o n c h e c k s ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : r e a r r a n g e i n i t i a l i z a t i o n t o f i x E X T 4 F S _ D E B U G ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : f i x p o t e n t i a l n u l l p o i n t e r d e r e f e r e n c e i n e x t 4 _ f r e e _ i n o d e ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : d e c r e m e n t f r e e c l u s t e r s / i n o d e s c o u n t e r s w h e n b l o c k g r o u p d e c l a r e d b a d ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : h a n d l e s y m l i n k p r o p e r l y w i t h i n l i n e _ d a t a ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : r e d u c e c o n t e n t i o n o n s _ o r p h a n _ l o c k ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : u s e s b i i n e x t 4 _ o r p h a n _ [ a d d | d e l ] ( ) ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : r e m o v e u n n e c e s s a r y d o u b l e p a r e n t h e s e s ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : d o n o t d e s t r o y e x t 4 _ g r o u p i n f o _ c a c h e s i f e x t 4 _ m b _ i n i t ( ) f a i l s ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : m a k e l o c a l f u n c t i o n s s t a t i c ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : f i x b l o c k b i t m a p v a l i d a t i o n w h e n b i g a l l o c , ^ f l e x _ b g ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : f i x b l o c k b i t m a p i n i t i a l i z a t i o n u n d e r s p a r s e _ s u p e r 2 ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : f i n d t h e g r o u p d e s c r i p t o r s o n a 1 k - b l o c k b i g a l l o c , m e t a _ b g f i l e s y s t e m ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : a v o i d u n n e e d e d l o o k u p w h e n x a t t r n a m e i s i n v a l i d ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : r e m o v e o b s o l e t e d c h e c k ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : a d d a n e w s p i n l o c k i _ r a w _ l o c k t o p r o t e c t t h e e x t 4 s r a w i n o d e ( L u k a s C z e r n e r ) [ 1 1 5 6 0 9 6 ] b r > - [ f s ] e x t 4 : r e v e r t D i s a b l e p u n c h h o l e o n n o n - e x t e n t m a p p e d f i l e s ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 8 ] b r > - [ f s ] e x t 4 : f i x t r a n s a c t i o n i s s u e s f o r e x t 4 _ f a l l o c a t e a n d e x t _ z e r o _ r a n g e ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : m o v e i _ s i z e , i _ d i s k s i z e u p d a t e r o u t i n e s t o h e l p e r f u n c t i o n ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : f i x i n c o r e c t j o u r n a l c r e d i t s r e s e r v a t i o n i n e x t 4 _ z e r o _ r a n g e ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : f i x C O L L A P S E R A N G E t e s t f o r b i g a l l o c f i l e s y s t e m s ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : f i x p u n c h h o l e o n f i l e s w i t h i n d i r e c t m a p p i n g ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : F i x b l o c k z e r o i n g w h e n p u n c h i n g h o l e s i n i n d i r e c t b l o c k f i l e s ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : f i x Z E R O _ R A N G E t e s t f a i l u r e i n d a t a j o u r n a l l i n g ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : u s e E X T _ M A X _ B L O C K S i n e x t 4 _ e s _ c a n _ b e _ m e r g e d ( ) ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : r e n a m e u n i n i t i a l i z e d e x t e n t s t o u n w r i t t e n ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : d i s a b l e C O L L A P S E _ R A N G E f o r b i g a l l o c ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : f i x C O L L A P S E _ R A N G E f a i l u r e w i t h 1 K B b l o c k s i z e ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : u s e E I N V A L i f n o t a r e g u l a r f i l e i n e x t 4 _ c o l l a p s e _ r a n g e ( ) ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : e n f o r c e w e a r e o p e r a t i n g o n a r e g u l a r f i l e i n e x t 4 _ z e r o _ r a n g e ( ) ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : f i x e x t e n t m e r g i n g i n e x t 4 _ e x t _ s h i f t _ p a t h _ e x t e n t s ( ) ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : d i s c a r d p r e a l l o c a t i o n s a f t e r r e m o v i n g s p a c e ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : n o n e e d t o t r u n c a t e p a g e c a c h e t w i c e i n c o l l a p s e r a n g e ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : f i x r e m o v i n g s t a t u s e x t e n t s i n e x t 4 _ c o l l a p s e _ r a n g e ( ) ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : u s e f i l e m a p _ w r i t e _ a n d _ w a i t _ r a n g e ( ) c o r r e c t l y i n c o l l a p s e r a n g e ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : u s e t r u n c a t e _ p a g e c a c h e ( ) i n c o l l a p s e r a n g e ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : a l w a y s c h e c k e x t 4 _ e x t _ f i n d _ e x t e n t r e s u l t ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : C O L L A P S E _ R A N G E o n l y w o r k s o n e x t e n t - b a s e d f i l e s ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : f i x b y t e o r d e r p r o b l e m s i n t r o d u c e d b y t h e C O L L A P S E _ R A N G E p a t c h e s ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : d i s a l l o w a l l f a l l o c a t e o p e r a t i o n o n a c t i v e s w a p f i l e ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : m o v e f a l l o c c o l l a p s e r a n g e c h e c k i n t o t h e f i l e s y s t e m m e t h o d s ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : f i x C O L L A P S E _ R A N G E t e s t f a i l u r e i n d a t a j o u r n a l l i n g m o d e ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : r e m o v e u n n e e d e d t e s t o f r e t v a r i a b l e ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : I n t r o d u c e F A L L O C _ F L _ Z E R O _ R A N G E f l a g f o r f a l l o c a t e ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : I n t r o d u c e F A L L O C _ F L _ Z E R O _ R A N G E f l a g f o r f a l l o c a t e ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : r e f a c t o r e x t 4 _ f a l l o c a t e c o d e ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : U p d a t e i n o d e i _ s i z e a f t e r t h e p r e a l l o c a t i o n ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : A d d n e w f l a g ( F A L L O C _ F L _ C O L L A P S E _ R A N G E ) f o r f a l l o c a t e ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > - [ f s ] e x t 4 : A d d s u p p o r t F A L L O C _ F L _ C O L L A P S E _ R A N G E f o r f a l l o c a t e ( L u k a s C z e r n e r ) [ 1 1 5 0 1 7 1 ] b r > / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 3 6 9 0 . h t m l \" > C V E - 2 0 1 4 - 3 6 9 0 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 3 9 4 0 . h t m l \" > C V E - 2 0 1 4 - 3 9 4 0 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 7 8 2 5 . h t m l \" > C V E - 2 0 1 4 - 7 8 2 5 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 7 8 2 6 . h t m l \" > C V E - 2 0 1 4 - 7 8 2 6 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 8 0 8 6 . h t m l \" > C V E - 2 0 1 4 - 8 0 8 6 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 8 1 6 0 . h t m l \" > C V E - 2 0 1 4 - 8 1 6 0 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 8 1 7 2 . h t m l \" > C V E - 2 0 1 4 - 8 1 7 2 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 8 1 7 3 . h t m l \" > C V E - 2 0 1 4 - 8 1 7 3 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 8 7 0 9 . h t m l \" > C V E - 2 0 1 4 - 8 7 0 9 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 8 8 8 4 . h t m l \" > C V E - 2 0 1 4 - 8 8 8 4 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 0 2 7 4 . h t m l \" > C V E - 2 0 1 5 - 0 2 7 4 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 7 ( x 8 6 _ 6 4 ) / t d > t d > k e r n e l - 3 . 1 0 . 0 - 2 2 9 . e l 7 . s r c . r p m / t d > t d > 5 c a f 4 4 b 0 6 9 e 2 1 d 4 3 5 e 0 c a 8 5 0 8 0 8 5 a 5 1 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 3 . 1 0 . 0 - 2 2 9 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 1 8 b e f 4 d 5 5 7 c 5 5 9 d e 3 1 4 1 c 6 a 8 8 e a f c d 3 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - a b i - w h i t e l i s t s - 3 . 1 0 . 0 - 2 2 9 . e l 7 . n o a r c h . r p m / t d > t d > 3 c 8 3 5 f 4 8 6 5 7 1 8 f b 6 1 1 c 2 c f 3 5 c 8 a 9 f 7 2 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - 3 . 1 0 . 0 - 2 2 9 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > b 7 3 f 1 4 7 1 e f 1 7 9 d c 2 6 e 8 a 8 7 b c 9 1 3 d c e f 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 3 . 1 0 . 0 - 2 2 9 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 8 8 7 5 9 5 1 4 d f 7 3 b f 1 9 0 a 2 a b d 6 7 a 1 3 3 7 e 4 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 3 . 1 0 . 0 - 2 2 9 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 4 5 d f 1 1 5 a d 7 3 b 0 6 1 9 3 a a 1 c e 5 e 3 c 2 9 6 f c e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 3 . 1 0 . 0 - 2 2 9 . e l 7 . n o a r c h . r p m / t d > t d > e e 9 4 d d 9 c c 8 d 7 7 7 8 2 1 4 2 f 0 a 8 8 a a 7 8 0 b 7 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h e a d e r s - 3 . 1 0 . 0 - 2 2 9 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 9 8 9 0 c 1 a f 6 4 4 f 4 3 b b 2 3 3 f 0 6 3 4 4 4 c 7 2 6 1 8 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - t o o l s - 3 . 1 0 . 0 - 2 2 9 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 4 6 3 1 9 1 e 7 6 4 5 6 4 4 1 4 7 8 b 0 0 b 0 a d 5 4 7 8 6 5 e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - t o o l s - l i b s - 3 . 1 0 . 0 - 2 2 9 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > d f 1 6 a c a 1 b 7 7 e b b 6 2 a 0 5 6 a 2 d 2 a 6 3 8 4 c 9 b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - t o o l s - l i b s - d e v e l - 3 . 1 0 . 0 - 2 2 9 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 5 6 a 3 4 a 3 3 b 6 a 1 6 6 a 9 2 2 5 5 7 a 5 8 9 8 e c 4 4 d 8 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > p e r f - 3 . 1 0 . 0 - 2 2 9 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 1 2 e f 5 9 b 1 3 2 2 e 6 3 0 6 4 3 9 b 7 0 1 9 0 f d 7 0 1 9 e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > t r > t d > / t d > t d > p y t h o n - p e r f - 3 . 1 0 . 0 - 2 2 9 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 7 d e e 7 3 2 0 1 1 5 e c c e 3 2 9 7 2 1 a 1 6 7 4 d c 3 b 3 b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 2 4 7 3 - 1 . h t m l \" > E L S A - 2 0 1 7 - 2 4 7 3 - 1 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "edition": 4, "reporter": "Oracle", "published": "2015-03-11T00:00:00", "title": "kernel security, bug fix, and enhancement update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3940", "CVE-2014-7825", "CVE-2014-8160", "CVE-2014-7841", "CVE-2015-0274", "CVE-2014-8173", "CVE-2014-9322", "CVE-2014-8709", "CVE-2014-4171", "CVE-2014-5472", "CVE-2014-8884", "CVE-2014-3690", "CVE-2014-8172", "CVE-2014-8086", "CVE-2014-5471", "CVE-2014-7826"], "modified": "2015-03-11T00:00:00", "id": "ELSA-2015-0290", "href": "http://linux.oracle.com/errata/ELSA-2015-0290.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:43:44", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.3-4.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-3.8.13-55.1.8.el6uek-0.4.3-4.el6.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-55.1.8.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-55.1.8.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-3.8.13-55.1.8.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-55.1.8.el7uek", "arch": "src", "packageFilename": "kernel-uek-3.8.13-55.1.8.el7uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-55.1.8.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-3.8.13-55.1.8.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-55.1.8.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-3.8.13-55.1.8.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-55.1.8.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-3.8.13-55.1.8.el7uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-55.1.8.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-3.8.13-55.1.8.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-55.1.8.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-3.8.13-55.1.8.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-55.1.8.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-3.8.13-55.1.8.el7uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-55.1.8.el6uek", "arch": "src", "packageFilename": "kernel-uek-3.8.13-55.1.8.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-55.1.8.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-3.8.13-55.1.8.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.3-4.el7", "arch": "src", "packageFilename": "dtrace-modules-3.8.13-55.1.8.el7uek-0.4.3-4.el7.src.rpm", "packageName": "dtrace-modules-3.8.13-55.1.8.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.3-4.el6", "arch": "src", "packageFilename": "dtrace-modules-3.8.13-55.1.8.el6uek-0.4.3-4.el6.src.rpm", "packageName": "dtrace-modules-3.8.13-55.1.8.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-55.1.8.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-3.8.13-55.1.8.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-55.1.8.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-3.8.13-55.1.8.el7uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-55.1.8.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-3.8.13-55.1.8.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.3-4.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-3.8.13-55.1.8.el7uek-0.4.3-4.el7.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-55.1.8.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-55.1.8.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-3.8.13-55.1.8.el7uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}], "description": "kernel-uek\n[3.8.13-55.1.8]\n- kvm: fix excessive pages un-pinning in kvm_iommu_map error path. (Quentin Casasnovas) [Orabug: 20687313] {CVE-2014-3601} {CVE-2014-8369} {CVE-2014-3601}\n[3.8.13-55.1.7]\n- ttusb-dec: buffer overflow in ioctl (Dan Carpenter) [Orabug: 20673376] {CVE-2014-8884}\n- mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support (Kirill A. Shutemov) [Orabug: 20673281] {CVE-2014-8173}\n- netfilter: conntrack: disable generic tracking for known protocols (Florian Westphal) [Orabug: 20673239] {CVE-2014-8160}\n- tracing/syscalls: Ignore numbers outside NR_syscalls' range (Rabin Vincent) [Orabug: 20673163] {CVE-2014-7826}", "edition": 3, "reporter": "Oracle", "published": "2015-03-13T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-8369", "CVE-2014-7825", "CVE-2014-8160", "CVE-2014-8173", "CVE-2014-3601", "CVE-2014-8884", "CVE-2014-7826"], "modified": "2015-03-13T00:00:00", "id": "ELSA-2015-3013", "href": "http://linux.oracle.com/errata/ELSA-2015-3013.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:43:57", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.264.13.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.264.13.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.264.13.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.264.13.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.264.13.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.264.13.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.264.13.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.39-400.264.13.el6uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.39-400.264.13.el5uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.264.13.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.264.13.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.39-400.264.13.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.39-400.264.13.el6uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.264.13.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.39-400.264.13.el5uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.264.13.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.264.13.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.39-400.264.13.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.39-400.264.13.el5uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.39-400.264.13.el5uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.264.13.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.264.13.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.264.13.el5uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.39-400.264.13.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.39-400.264.13.el5uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.264.13.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.39-400.264.13.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.39-400.264.13.el6uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.264.13.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.264.13.el6uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}], "description": "[2.6.39-400.264.13]\n- KEYS: Don't permit request_key() to construct a new keyring (David Howells) [Orabug: 22373449] {CVE-2015-7872}\n[2.6.39-400.264.12]\n- crypto: add missing crypto module aliases (Mathias Krause) [Orabug: 22249656] {CVE-2013-7421} {CVE-2014-9644}\n- crypto: include crypto- module prefix in template (Kees Cook) [Orabug: 22249656] {CVE-2013-7421} {CVE-2014-9644}\n- crypto: prefix module autoloading with 'crypto-' (Kees Cook) [Orabug: 22249656] {CVE-2013-7421} {CVE-2014-9644}\n[2.6.39-400.264.11]\n- KVM: x86: Don't report guest userspace emulation error to userspace (Nadav Amit) [Orabug: 22249615] {CVE-2010-5313} {CVE-2014-7842}\n[2.6.39-400.264.9]\n- msg_unlock() in wrong spot after applying 'Initialize msg/shm IPC objects before doing ipc_addid()' (Chuck Anderson) [Orabug: 22250044] {CVE-2015-7613} {CVE-2015-7613}\n[2.6.39-400.264.8]\n- ipc/sem.c: fully initialize sem_array before making it visible (Manfred Spraul) [Orabug: 22250044] {CVE-2015-7613}\n- Initialize msg/shm IPC objects before doing ipc_addid() (Linus Torvalds) [Orabug: 22250044] {CVE-2015-7613}\n[2.6.39-400.264.7]\n- KVM: svm: unconditionally intercept #DB (Paolo Bonzini) [Orabug: 22333698] {CVE-2015-8104} {CVE-2015-8104}\n- KVM: x86: work around infinite loop in microcode when #AC is delivered (Eric Northup) [Orabug: 22333689] {CVE-2015-5307} {CVE-2015-5307}\n[2.6.39-400.264.6]\n- mlx4_core: Introduce restrictions for PD update (Ajaykumar Hotchandani) \n- IPoIB: Drop priv->lock before calling ipoib_send() (Wengang Wang) \n- IPoIB: serialize changing on tx_outstanding (Wengang Wang) [Orabug: 21861366] \n- IB/mlx4: Implement IB_QP_CREATE_USE_GFP_NOIO (Jiri Kosina) \n- IB: Add a QP creation flag to use GFP_NOIO allocations (Or Gerlitz) \n- IB: Return error for unsupported QP creation flags (Or Gerlitz) \n- IB/ipoib: Calculate csum only when skb->ip_summed is CHECKSUM_PARTIAL (Yuval Shaia) [Orabug: 20873175]", "edition": 3, "reporter": "Oracle", "published": "2016-01-08T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-9644", "CVE-2010-5313", "CVE-2015-7872", "CVE-2015-5307", "CVE-2015-7613", "CVE-2013-7421", "CVE-2014-7842", "CVE-2015-8104"], "modified": "2016-01-08T00:00:00", "id": "ELSA-2016-3502", "href": "http://linux.oracle.com/errata/ELSA-2016-3502.html", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:38:46", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-68.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-3.8.13-68.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.3-4.el7", "arch": "src", "packageFilename": "dtrace-modules-3.8.13-68.el7uek-0.4.3-4.el7.src.rpm", "packageName": "dtrace-modules-3.8.13-68.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.3-4.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-3.8.13-68.el7uek-0.4.3-4.el7.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-68.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.3-4.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-3.8.13-68.el6uek-0.4.3-4.el6.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-68.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-68.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-3.8.13-68.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-68.el6uek", "arch": "src", "packageFilename": "kernel-uek-3.8.13-68.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-68.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-3.8.13-68.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-68.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-3.8.13-68.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-68.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-3.8.13-68.el7uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-68.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-3.8.13-68.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.3-4.el6", "arch": "src", "packageFilename": "dtrace-modules-3.8.13-68.el6uek-0.4.3-4.el6.src.rpm", "packageName": "dtrace-modules-3.8.13-68.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-68.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-3.8.13-68.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-68.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-3.8.13-68.el7uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-68.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-3.8.13-68.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-68.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-3.8.13-68.el7uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-68.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-3.8.13-68.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-68.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-3.8.13-68.el7uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-68.el7uek", "arch": "src", "packageFilename": "kernel-uek-3.8.13-68.el7uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}], "description": "kernel-uek\n[3.8.13-68]\n- ttusb-dec: buffer overflow in ioctl (Dan Carpenter) [Orabug: 20673373] {CVE-2014-8884}\n- mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support (Kirill A. Shutemov) [Orabug: 20673279] {CVE-2014-8173}\n- netfilter: conntrack: disable generic tracking for known protocols (Florian Westphal) [Orabug: 20673235] {CVE-2014-8160}\n[3.8.13-67]\n- sparc64: Remove deprecated __GFP_NOFAIL from mdesc_kmalloc (Eric Snowberg) [Orabug: 20055909] \n- x86/xen: allow privcmd hypercalls to be preempted (David Vrabel) [Orabug: 20618880] \n- sched: Expose preempt_schedule_irq() (Thomas Gleixner) [Orabug: 20618880] \n- xen-netfront: Fix handling packets on compound pages with skb_linearize (Zoltan Kiss) [Orabug: 19546077] \n- qla2xxx: Add adapter checks for FAWWN functionality. (Saurav Kashyap) [Orabug: 20474227] \n- config: enable CONFIG_MODULE_SIG_SHA512 (Guangyu Sun) [Orabug: 20611400] \n- net: rds: use correct size for max unacked packets and bytes (Sasha Levin) [Orabug: 20585918] \n- watchdog: w83697hf_wdt: return ENODEV if no device was found (Stanislav Kholmanskikh) [Orabug: 18122938] \n- NVMe: Disable pci before clearing queue (Keith Busch) [Orabug: 20564650]\n[3.8.13-66]\n- bnx2fc: upgrade to 2.8.2 (Dan Duval) [Orabug: 20523502] \n- bnx2i: upgrade to 2.11.0.0 (Dan Duval) [Orabug: 20523502] \n- bnx2x: upgrade to 1.712.10 (Dan Duval) [Orabug: 20523502] \n- cnic: upgrade to 2.721.01 (Dan Duval) [Orabug: 20523502] \n- bnx2: upgrade to 2.712.01 (Dan Duval) [Orabug: 20523502] \n- Update lpfc version for 10.6.61 (rkennedy) [Orabug: 20539686] \n- Remove consolidated merge lines from previous patch, they require a 3.19 kernel to build with. (rkennedy) [Orabug: 20539686] \n- Implement support for wire-only DIF devices (rkennedy) [Orabug: 20539686] \n- lpfc: Update copyright to 2015 (rkennedy) [Orabug: 20539686] \n- lpfc: Update Copyright on changed files (James Smart) [Orabug: 20539686] \n- lpfc: Fix for lun discovery issue with 8Gig adapter. (rkennedy) [Orabug: 20539686] \n- lpfc: Fix crash in device reset handler. (rkennedy) [Orabug: 20539686] \n- lpfc: application causes OS crash when running diagnostics (rkennedy) [Orabug: 20539686] \n- lpfc: Fix internal loopback failure (rkennedy) [Orabug: 20539686] \n- lpfc: Fix premature release of rpi bit in bitmask (rkennedy) [Orabug: 20539686] \n- lpfc: Initiator sends wrong BBCredit value for either FLOGI or FLOGI_ACC (rkennedy) [Orabug: 20539686] \n- lpfc: Fix null ndlp derefernce in target_reset_handler (rkennedy) [Orabug: 20539686] \n- lpfc: Fix FDMI Fabric support (rkennedy) [Orabug: 20539686] \n- lpfc: Fix provide host name and OS name in RSNN-NN FC-GS command (rkennedy) [Orabug: 20539686] \n- lpfc: Parse the new 20G, 25G and 40G link speeds in the lpfc driver (rkennedy) [Orabug: 20539686] \n- lpfc: lpfc does not support option_rom_version sysfs attribute on newer adapters (rkennedy) [Orabug: 20539686] \n- lpfc: Fix setting of EQ delay Multiplier (rkennedy) [Orabug: 20539686] \n- lpfc: Fix host reset escalation killing all IOs. (rkennedy) [Orabug: 20539686] \n- lpfc: Linux lpfc driver doesnt re-establish the link after a cable pull on LPe12002 (rkennedy) [Orabug: 20539686] \n- lpfc: Fix to handle PLOGI when already logged in (rkennedy) [Orabug: 20539686] \n- lpfc: EnableBootCode from hbacmd fails on Lancer (rkennedy) [Orabug: 20539686] \n- lpfc: Add Lancer Temperature Event support to the lpfc driver (rkennedy) [Orabug: 20539686] \n- lpfc: Fix the iteration count to match the 30 sec comment (rkennedy) [Orabug: 20539686] \n- lpfc: fix low priority issues from fortify source code scan (James Smart) [Orabug: 20539686] \n- lpfc: fix high priority issues from fortify source code scan (James Smart) [Orabug: 20539686] \n- lpfc: fix for handling unmapped ndlp in target reset handler (James Smart) [Orabug: 20539686] \n- lpfc: fix crash from page fault caused by use after rport delete (James Smart) [Orabug: 20539686] \n- lpfc: fix locking issues with abort data paths (James Smart) [Orabug: 20539686] \n- lpfc: fix race between LOGO/PLOGI handling causing NULL pointer (James Smart) [Orabug: 20539686] \n- lpfc: fix quarantined XRI recovery qualifier state in link bounce (James Smart) [Orabug: 20539686] \n- lpfc: fix discovery timeout during nameserver login (James Smart) [Orabug: 20539686] \n- lpfc: fix IP Reset processing - wait for RDY before proceeding (James Smart) [Orabug: 20539686] \n- lpfc: Update lpfc version to driver version 10.2.8000.0 (James Smart) [Orabug: 20539686] \n- net: Check for presence of IFLA_AF_SPEC (Thomas Graf) [Orabug: 20382857] \n- net: Validate IFLA_BRIDGE_MODE attribute length (Thomas Graf) [Orabug: 20382857] \n- be2net: fix alignment on line wrap (Kalesh AP) [Orabug: 20382857] \n- be2net: remove multiple assignments on a single line (Kalesh AP) [Orabug: 20382857] \n- be2net: remove space after typecasts (Kalesh AP) [Orabug: 20382857] \n- be2net: remove unnecessary blank lines after an open brace (Kalesh AP) [Orabug: 20382857] \n- be2net: insert a blank line after function/struct//enum definitions (Kalesh AP) [Orabug: 20382857] \n- be2net: remove multiple blank lines (Kalesh AP) [Orabug: 20382857] \n- be2net: add blank line after declarations (Kalesh AP) [Orabug: 20382857] \n- be2net: remove return statements for void functions (Kalesh AP) [Orabug: 20382857] \n- be2net: add speed reporting for 20G-KR interface (Vasundhara Volam) [Orabug: 20382857] \n- be2net: add speed reporting for 40G/KR interface (Kalesh AP) [Orabug: 20382857] \n- be2net: fix sparse warnings in be_cmd_req_port_type{} (Suresh Reddy) [Orabug: 20382857] \n- be2net: fix a sparse warning in be_cmd_modify_eqd() (Kalesh AP) [Orabug: 20382857] \n- enic: fix rx napi poll return value (Govindarajulu Varadarajan) [Orabug: 20342354] \n- net: rename vlan_tx_* helpers since 'tx' is misleading there (Jiri Pirko) [Orabug: 20342354] \n- enic: free all rq buffs when allocation fails (Govindarajulu Varadarajan) [Orabug: 20342354] \n- net: ethernet: cisco: enic: enic_dev: Remove some unused functions (Rickard Strandqvist) [Orabug: 20342354] \n- enic: add stats for dma mapping error (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: check dma_mapping_error (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: make vnic_wq_buf doubly linked (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: fix rx skb checksum (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: fix work done in tx napi_poll (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: update desc properly in rx_copybreak (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: handle error condition properly in enic_rq_indicate_buf (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: Do not call napi_disable when preemption is disabled. (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: fix possible deadlock in enic_stop/ enic_rfs_flw_tbl_free (Govindarajulu Varadarajan) [Orabug: 20342354] \n- drivers/net: Convert remaining uses of pr_warning to pr_warn (Joe Perches) [Orabug: 20342354] \n- enic: implement rx_copybreak (Govindarajulu Varadarajan) [Orabug: 20342354] \n- PCI: Remove DEFINE_PCI_DEVICE_TABLE macro use (Benoit Taine) [Orabug: 20342354] \n- enic: add pci_zalloc_consistent to kcompat.h (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: use pci_zalloc_consistent (Joe Perches) [Orabug: 20342354] \n- enic: Add ethtool support to show classifier filters added by the driver (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: remove #ifdef CONFIG_RFS_ACCEL around filter structures (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: fix return values in enic_set_coalesce (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: fix compile issue when CONFIG_NET_RX_BUSY_POLL is N (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: add kcompat file (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: Make dummy rfs functions inline to fix !CONFIG_RFS_ACCEL build (Geert Uytterhoeven) [Orabug: 20342354] \n- enic: do tx cleanup in napi poll (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: add low latency socket busy_poll support (Govindarajulu Varadarajan) [Orabug: 20342354] \n- net: vlan: add protocol argument to packet tagging functions (Patrick McHardy) [Orabug: 20342354] \n- net: vlan: prepare for 802.1ad VLAN filtering offload (Patrick McHardy) [Orabug: 20342354] \n- net: vlan: rename NETIF_F_HW_VLAN_* feature flags to NETIF_F_HW_VLAN_CTAG_* (Patrick McHardy) [Orabug: 20342354] \n- enic: fix lockdep around devcmd_lock (Tony Camuso) [Orabug: 20342354] \n- enic: Add Accelerated RFS support (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: alloc/free rx_cpu_rmap (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: devcmd for adding IP 5 tuple hardware filters (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: fix return value in _vnic_dev_cmd (Govindarajulu Varadarajan) [Orabug: 20342354] \n- net: use SPEED_UNKNOWN and DUPLEX_UNKNOWN when appropriate (Jiri Pirko) [Orabug: 20342354] \n- enic: Fix 64 bit divide on 32bit system (Govindarajulu Varadarajan) [Orabug: 20342354] \n- enic: Add support for adaptive interrupt coalescing (Sujith Sankar) [Orabug: 20342354] \n- net: get rid of SET_ETHTOOL_OPS (Wilfried Klaebe) [Orabug: 20342354] \n- enic: Use pci_enable_msix_range() instead of pci_enable_msix() (Alexander Gordeev) [Orabug: 20342354] \n- bnx2x: Not use probe_defer (Vaughan Cao) [Orabug: 20405577] \n- Revert 'nfsd4: fix leak of inode reference on delegation failure' (Dan Duval) [Orabug: 20280060] \n- ipoib/ib core: set module_unload_allowed = 0 as default (Qing Huang) [Orabug: 20048920] \n- xfs: fix directory hash ordering bug (Mark Tinguely) [Orabug: 19695297] \n- xfs: fix node forward in xfs_node_toosmall (Mark Tinguely) [Orabug: 19695297] \n- XFS: Assertion failed: first <= last && last < BBTOB(bp->b_length), file: fs/xfs/xfs_trans_buf.c, line: 568 (Dave Chinner) [Orabug: 19695297] \n- mlx4_vnic: Skip fip discover restart if pkey index not changed (Yuval Shaia) [Orabug: 19153757]\n[3.8.13-65]\n- uek-rpm: ol7: update update-el to 7.1 (Guangyu Sun) [Orabug: 20524699]\n[3.8.13-64]\n- storvsc: ring buffer failures may result in I/O freeze (Long Li) [Orabug: 20328185] \n- crypto: add missing crypto module aliases (Mathias Krause) [Orabug: 20429934] {CVE-2013-7421}\n- crypto: include crypto- module prefix in template (Kees Cook) [Orabug: 20429934] {CVE-2014-9644}\n- crypto: prefix module autoloading with 'crypto-' (Kees Cook) [Orabug: 20429934] {CVE-2013-7421}\n- be2iscsi : Bump the driver version (John Soni Jose) [Orabug: 20426078] \n- be2iscsi : Fix memory leak in the unload path (John Soni Jose) [Orabug: 20426078] \n- be2iscsi : Fix the PCI request region reserving. (John Soni Jose) [Orabug: 20426078] \n- be2iscsi : Fix the retry count for boot targets (John Soni Jose) [Orabug: 20426078] \n- fuse: Ensure request structure is not modified after being reused. (Ashish Samant) [Orabug: 20396380] \n- x86, apic, kexec: Add disable_cpu_apicid kernel parameter (HATAYAMA Daisuke) [Orabug: 20344754] \n- nfsd4: zero op arguments beyond the 8th compound op (J. Bruce Fields) [Orabug: 20070817] \n- ocfs2: implement delayed dropping of last dquot reference (Jan Kara) [Orabug: 19559063] \n- ib/sdp: fix null dereference of sk->sk_wq in sdp_rx_irq() (Chuck Anderson) [Orabug: 20482741]\n[3.8.13-63]\n- ext4: protect write with sb_start/end_write in ext4_file_dio_write (Guangyu Sun) [Orabug: 20427284] \n- fs/pipe.c: skip file_update_time on frozen fs (Dmitry Monakhov) [Orabug: 20427126] \n- hpsa: remove 'action required' phrasing (Stephen M. Cameron) [Orabug: 20363086] \n- hpsa: remove spin lock around command allocation (Stephen M. Cameron) [Orabug: 20363086] \n- hpsa: always call pci_set_master after pci_enable_device (Robert Elliott) [Orabug: 20363086] \n- hpsa: Convert SCSI LLD ->queuecommand() for host_lock less operation (Nicholas Bellinger) [Orabug: 20363086] \n- hpsa: do not be so noisy about check conditions (Stephen M. Cameron) [Orabug: 20363086] \n- hpsa: use atomics for commands_outstanding (Stephen M. Cameron) [Orabug: 20363086] \n- hpsa: get rid of type/attribute/direction bit field wh e r e p o s s i b l e ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 2 0 3 6 3 0 8 6 ] b r > - h p s a : f i x e n d i a n n e s s i s s u e w i t h s c a t t e r g a t h e r e l e m e n t s ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 2 0 3 6 3 0 8 6 ] b r > - h p s a : f i x a l l o c a t i o n s i z e s f o r C I S S _ R E P O R T _ L U N s c o m m a n d s ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 2 0 3 6 3 0 8 6 ] b r > - h p s a : c o r r e c t o f f - b y - o n e s i z i n g o f c h a i n e d S G b l o c k ( W e b b S c a l e s ) [ O r a b u g : 2 0 3 6 3 0 8 6 ] b r > - h p s a : f i x a c o u p l e p c i i d t a b l e m i s t a k e s ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 2 0 3 6 3 0 8 6 ] b r > - h p s a : r e m o v e d e v _ w a r n p r i n t s f r o m R A I D - 1 A D M ( R o b e r t E l l i o t t ) [ O r a b u g : 2 0 3 6 3 0 8 6 ] b r > - h p s a : C l e a n u p w a r n i n g s f r o m s p a r s e . ( D o n B r a c e ) [ O r a b u g : 2 0 3 6 3 0 8 6 ] b r > - h p s a : a d d m i s s i n g p c i _ s e t _ m a s t e r i n k d u m p p a t h ( T o m a s H e n z l ) [ O r a b u g : 2 0 3 6 3 0 8 6 ] b r > - h p s a : r e f i n e t h e p c i e n a b l e / d i s a b l e h a n d l i n g ( T o m a s H e n z l ) [ O r a b u g : 2 0 3 6 3 0 8 6 ] b r > - h p s a : F a l l b a c k t o M S I r a t h e r t h a n t o I N T x i f M S I - X f a i l e d ( A l e x a n d e r G o r d e e v ) [ O r a b u g : 2 0 3 6 3 0 8 6 ] b r > - l i b a t a : p r e v e n t H S M s t a t e c h a n g e r a c e b e t w e e n I S R a n d P I O ( D a v i d J e f f e r y ) [ O r a b u g : 2 0 0 1 9 3 0 2 ] b r > b r > [ 3 . 8 . 1 3 - 6 2 ] b r > - i 4 0 e : B u m p i 4 0 e v e r s i o n t o 1 . 2 . 2 a n d i 4 0 e v f v e r s i o n t o 1 . 0 . 6 ( C a t h e r i n e S u l l i v a n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : g e t p f _ i d f r o m H W r a t h e r t h a n P C I f u n c t i o n ( S h a n n o n N e l s o n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : i n c r e a s e A R Q s i z e ( M i t c h W i l l i a m s ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : I n c r e a s e r e s e t d e l a y ( K e v i n S c o t t ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e v f : m a k e e a r l y i n i t s e q u e n c e e v e n m o r e r o b u s t ( M i t c h W i l l i a m s ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : f i x n e t d e v _ s t a t m a c r o d e f i n i t i o n ( S h a n n o n N e l s o n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : D e f i n e a n d u s e i 4 0 e _ i s _ v f m a c r o ( A n j a l i S i n g h a i J a i n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : A d d a v i r t u a l c h a n n e l o p t o c o n f i g R S S ( A n j a l i S i n g h a i J a i n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : d o n t e n a b l e P T P s u p p o r t o n m o r e t h a n o n e P F p e r p o r t ( J a c o b K e l l e r ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : a l l o w v a r i o u s b a s e n u m b e r s i n d e b u g f s a q c o m m a n d s ( S h a n n o n N e l s o n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : r e m o v e u s e l e s s d e b u g n o i s e ( S h a n n o n N e l s o n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : R e m o v e u n n e e d e d b r e a k s t a t e m e n t ( S h a n n o n N e l s o n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : t r i g g e r S W I N T w i t h n o I T R w a i t ( S h a n n o n N e l s o n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e v f : r e m o v e u n n e c e s s a r y e l s e ( M i t c h W i l l i a m s ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e v f : m a k e c h e c k p a t c h h a p p y ( M i t c h W i l l i a m s ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e v f : u p d a t e h e a d e r c o m m e n t s ( M i t c h W i l l i a m s ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : d o n t o v e r l o a d f i e l d s ( M i t c h W i l l i a m s ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : P r e v e n t l i n k f l o w c o n t r o l s e t t i n g s w h e n P F C i s e n a b l e d ( N e e r a v P a r i k h ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : U p d a t e V E B s e n a b l e d _ t c a f t e r r e c o n f i g u r a t i o n ( N e e r a v P a r i k h ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : B u m p v e r s i o n t o 1 . 1 . 2 3 ( C a t h e r i n e S u l l i v a n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : r e - e n a b l e V F L R i n t e r r u p t s o o n e r ( M i t c h W i l l i a m s ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : o n l y w a r n o n c e o f P T P n o n s u p p o r t i n 1 0 0 M b i t s p e e d ( S h a n n o n N e l s o n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e v f : d o n t u s e m o r e q u e u e s t h a n C P U s ( M i t c h W i l l i a m s ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e v f : m a k e e a r l y i n i t p r o c e s s i n g m o r e r o b u s t ( M i t c h W i l l i a m s ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : c l e a n u p t h r o t t l e r a t e c o d e ( J e s s e B r a n d e b u r g ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : d o n t d o l i n k _ s t a t u s o r s t a t s c o l l e c t i o n o n e v e r y A R Q ( S h a n n o n N e l s o n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : p o l l f i r m w a r e s l o w e r ( K a m i l K r a w c z y k ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : p r o p e r l y p a r s e M D E T r e g i s t e r s ( M i t c h W i l l i a m s ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : c o n f i g u r e V M I D i n q t x _ c t l ( M i t c h W i l l i a m s ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : e n a b l e d e b u g e a r l i e r ( S h a n n o n N e l s o n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : b e t t e r w o r d i n g f o r r e s o u r c e t r a c k i n g e r r o r s ( S h a n n o n N e l s o n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : s c a l e m s i x v e c t o r u s e w h e n m o r e c o r e s t h a n v e c t o r s ( S h a n n o n N e l s o n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : r e m o v e d e b u g f s d u m p s t a t s ( S h a n n o n N e l s o n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : a v o i d d i s a b l e o f i n t e r r u p t w h e n c h a n g i n g I T R ( J e s s e B r a n d e b u r g ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e v f : A d d s u p p o r t f o r 1 0 G b a s e T p a r t s ( P a u l M S t i l l w e l l J r ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : f i x l i n k c h e c k i n g l o g i c ( M i t c h W i l l i a m s ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e v f : p r o p e r l y h a n d l e m u l t i p l e A Q m e s s a g e s ( M i t c h W i l l i a m s ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : A d d c o n d i t i o n t o e n t e r f d i r f l u s h a n d r e i n i t ( A k e e m G A b o d u n r i n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : B u m p v e r s i o n ( C a t h e r i n e S u l l i v a n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : M o v i n g v a r i a b l e d e c l a r a t i o n o u t o f t h e l o o p s ( A k e e m G A b o d u n r i n ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : A d d 1 0 G B a s e T s u p p o r t ( M i t c h W i l l i a m s ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > - i 4 0 e : p r o c e s s l i n k e v e n t s w h e n s e t t i n g u p s w i t c h ( M i t c h W i l l i a m s ) [ O r a b u g : 2 0 1 9 9 7 1 4 ] b r > / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 7 4 2 1 . h t m l \" > C V E - 2 0 1 3 - 7 4 2 1 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 9 6 4 4 . h t m l \" > C V E - 2 0 1 4 - 9 6 4 4 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 3 6 1 0 . h t m l \" > C V E - 2 0 1 4 - 3 6 1 0 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 7 9 7 5 . h t m l \" > C V E - 2 0 1 4 - 7 9 7 5 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 8 1 3 4 . h t m l \" > C V E - 2 0 1 4 - 8 1 3 4 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 8 1 3 3 . h t m l \" > C V E - 2 0 1 4 - 8 1 3 3 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( x 8 6 _ 6 4 ) / t d > t d > d t r a c e - m o d u l e s - 3 . 8 . 1 3 - 6 8 . e l 6 u e k - 0 . 4 . 3 - 4 . e l 6 . s r c . r p m / t d > t d > 6 1 b 9 8 d 4 9 2 e 6 c 4 0 3 0 a 3 b 0 a a 2 b 3 8 0 b 6 4 6 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 3 . 8 . 1 3 - 6 8 . e l 6 u e k . s r c . r p m / t d > t d > 8 7 b e a 7 1 2 a a d 2 d 4 8 2 1 e b e 1 8 b e 7 b 8 6 6 1 9 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - 3 . 8 . 1 3 - 6 8 . e l 6 u e k - 0 . 4 . 3 - 4 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > b 1 7 8 4 0 5 6 4 9 4 4 e a 8 c c 1 3 f 6 2 0 5 e b 8 a 8 5 4 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 3 . 8 . 1 3 - 6 8 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > a 9 f 9 c 8 1 a 9 c 7 e 1 6 0 c f 4 b c 7 8 2 6 6 b 6 2 3 d 8 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 3 . 8 . 1 3 - 6 8 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 3 6 f c f 8 2 9 a 0 b e 8 3 e 3 1 5 7 c 0 8 3 f 0 2 5 6 0 5 9 b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 3 . 8 . 1 3 - 6 8 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > d 3 8 0 2 d 8 c a b 7 c a e 2 1 2 9 6 5 4 5 0 9 f 7 0 1 f e b 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 3 . 8 . 1 3 - 6 8 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 6 2 a 0 3 0 8 b 5 a 6 9 8 2 e 9 1 6 5 a 1 f 5 7 1 a d 3 8 a 7 2 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 3 . 8 . 1 3 - 6 8 . e l 6 u e k . n o a r c h . r p m / t d > t d > 9 0 b f 0 6 2 3 4 8 d 0 a 7 2 c 1 f b a c e e 2 0 4 6 1 6 8 5 1 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 3 . 8 . 1 3 - 6 8 . e l 6 u e k . n o a r c h . r p m / t d > t d > c d 9 5 c 7 4 2 5 b 4 d 7 8 5 5 4 0 a 2 e e 9 b 4 0 a 7 8 a 6 a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 7 ( x 8 6 _ 6 4 ) / t d > t d > d t r a c e - m o d u l e s - 3 . 8 . 1 3 - 6 8 . e l 7 u e k - 0 . 4 . 3 - 4 . e l 7 . s r c . r p m / t d > t d > 0 6 e a f 1 0 0 6 6 7 6 f 6 0 b b c 5 8 4 2 a e 2 4 9 f 4 e 8 5 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 3 . 8 . 1 3 - 6 8 . e l 7 u e k . s r c . r p m / t d > t d > 4 b 1 e 2 0 8 3 1 e 6 5 a 3 f 0 5 1 a d 8 f a f 6 b 3 c 6 1 2 d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - 3 . 8 . 1 3 - 6 8 . e l 7 u e k - 0 . 4 . 3 - 4 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 6 e e a 6 2 d 6 3 e b e 5 4 d 2 e e b c 7 3 5 5 a b 7 b a 4 b 5 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 3 . 8 . 1 3 - 6 8 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > e f b b 3 2 9 2 b 5 d 6 2 a 3 4 7 5 5 0 d 8 4 5 c f 0 8 7 7 d 2 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 3 . 8 . 1 3 - 6 8 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > c 7 e 4 b 0 f 4 7 3 7 3 7 c f 8 8 6 5 2 0 7 c 8 0 d 4 0 7 b 3 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 3 . 8 . 1 3 - 6 8 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 0 d e 2 b e c f b 2 8 d c d 9 c 2 9 a d 1 e 9 b c d b 5 9 9 4 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 3 . 8 . 1 3 - 6 8 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 1 d 2 8 e 3 8 b e 3 0 1 e 9 3 c c 3 3 7 3 8 7 3 9 c 2 2 3 f 9 c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 3 . 8 . 1 3 - 6 8 . e l 7 u e k . n o a r c h . r p m / t d > t d > 8 f d 6 d 6 c 8 a 2 e 6 f 3 2 6 e c 9 c 8 b d 3 c b 4 b d f 3 d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 3 . 8 . 1 3 - 6 8 . e l 7 u e k . n o a r c h . r p m / t d > t d > 2 9 0 7 1 d 2 0 c 0 f 9 d d 1 9 8 a 9 6 0 7 6 4 a 3 3 4 e a 2 2 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "edition": 4, "reporter": "Oracle", "published": "2015-03-19T00:00:00", "title": "Unbreakable Enterprise kernel security and bugfix update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-9644", "CVE-2014-8134", "CVE-2014-8160", "CVE-2014-3610", "CVE-2014-8173", "CVE-2014-7975", "CVE-2014-8884", "CVE-2013-7421", "CVE-2014-8133"], "modified": "2015-03-19T00:00:00", "id": "ELSA-2015-3012", "href": "http://linux.oracle.com/errata/ELSA-2015-3012.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:39:30", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-devel-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "arch": "x86_64", "packageFilename": "kernel-devel-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "arch": "src", "packageFilename": "kernel-3.10.0-123.20.1.el7.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "arch": "noarch", "packageFilename": "kernel-doc-3.10.0-123.20.1.el7.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "arch": "x86_64", "packageFilename": "kernel-debug-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "arch": "x86_64", "packageFilename": "kernel-debug-devel-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-3.10.0-123.20.1.el7.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "arch": "x86_64", "packageFilename": "python-perf-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "arch": "x86_64", "packageFilename": "kernel-headers-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "arch": "x86_64", "packageFilename": "perf-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "arch": "x86_64", "packageFilename": "kernel-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel", "operator": "lt"}], "description": "[3.10.0-123.20.1]\n- Oracle Linux certificates (Alexey Petrenko)\n[3.10.0-123.20.1]\n- [fs] seq_file: don't include mm.h in genksyms calculation (Ian Kent) [1184152 1183280]\n[3.10.0-123.19.1]\n- [mm] shmem: fix splicing from a hole while it's punched (Denys Vlasenko) [1118244 1118245] {CVE-2014-4171}\n- [mm] shmem: fix faulting into a hole, not taking i_mutex (Denys Vlasenko) [1118244 1118245] {CVE-2014-4171}\n- [mm] shmem: fix faulting into a hole while it's punched (Denys Vlasenko) [118244 1118245] {CVE-2014-4171}\n- [x86] traps: stop using IST for #SS (Petr Matousek) [1172812 1172813] {CVE-2014-9322}\n- [net] vxlan: fix incorrect initializer in union vxlan_addr (Daniel Borkmann) [1156611 1130643]\n- [net] vxlan: fix crash when interface is created with no group (Daniel Borkmann) [1156611 1130643]\n- [net] vxlan: fix nonfunctional neigh_reduce() (Daniel Borkmann) [1156611 1130643]\n- [net] vxlan: fix potential NULL dereference in arp_reduce() (Daniel Borkmann) [1156611 1130643]\n- [net] vxlan: remove unused port variable in vxlan_udp_encap_recv() (Daniel Borkmann) [1156611 1130643]\n- [net] vxlan: remove extra newline after function definition (Daniel Borkmann) [1156611 1130643]\n- [net] etherdevice: Use ether_addr_copy to copy an Ethernet address (Stefan Assmann) [1156611 1091126]\n- [fs] splice: perform generic write checks (Eric Sandeen) [1163799 1155907] {CVE-2014-7822}\n- [fs] eliminate BUG() call when there's an unexpected lock on file close (Frank Sorenson) [1172266 1148130]\n- [net] sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet (Daniel Borkmann) [1163094 1154002] {CVE-2014-7841}\n- [fs] lockd: Try to reconnect if statd has moved (Benjamin Coddington) [1150889 1120850]\n- [fs] sunrpc: Don't wake tasks during connection abort (Benjamin Coddington) [1150889 1120850]\n- [fs] cifs: NULL pointer dereference in SMB2_tcon (Jacob Tanenbaum) [1147528 1147529] {CVE-2014-7145}\n- [net] ipv6: addrconf: implement address generation modes (Jiri Pirko) [1144876 1107369]\n- [net] gre: add link local route when local addr is any (Jiri Pirko) [1144876 1107369]\n- [net] gre6: don't try to add the same route two times (Jiri Pirko) [1144876 1107369]\n- [fs] isofs: unbound recursion when processing relocated directories (Jacob Tanenbaum) [1142270 1142271] {CVE-2014-5471 CVE-2014-5472}\n- [fs] fs: seq_file: fallback to vmalloc allocation (Ian Kent) [1140302 1095623]\n- [fs] fs: /proc/stat: convert to single_open_size() (Ian Kent) [1140302 1095623]\n- [fs] fs: seq_file: always clear m->count when we free m->buf (Ian Kent) [1140302 1095623]\n[3.10.0-123.18.1]\n- [net] ipv6: fib: fix fib dump restart (Panu Matilainen) [1172795 1163605]\n- [net] ipv6: drop unused fib6_clean_all_ro() function and rt6_proc_arg struct (Panu Matilainen) [1172795 1163605]\n- [net] ipv6: avoid high order memory allocations for /proc/net/ipv6_route (Panu Matilainen) [1172795 1163605]\n- [mm] numa: Remove BUG_ON() in __handle_mm_fault() (Rik van Riel) [1170662 1119439]\n- [fs] aio: fix race between aio event completion and reaping (Jeff Moyer) [1154172 1131312]\n[3.10.0-123.17.1]\n- [ethernet] mlx4: Protect port type setting by mutex (Amir Vadai) [1162733 1095345]\n[3.10.0-123.16.1]\n- [fs] aio: block exit_aio() until all context requests are completed (Jeff Moyer) [1163992 1122092]\n- [fs] aio: add missing smp_rmb() in read_events_ring (Jeff Moyer) [1154172 1131312]\n- [fs] aio: fix reqs_available handling (Jeff Moyer) [1163992 1122092]\n- [fs] aio: report error from io_destroy() when threads race in io_destroy() (Jeff Moyer) [1163992 1122092]\n- [fs] aio: block io_destroy() until all context requests are completed (Jeff Moyer) [1163992 1122092]\n- [fs] aio: v4 ensure access to ctx->ring_pages is correctly serialised for migration (Jeff Moyer) [1163992 1122092]\n- [fs] aio/migratepages: make aio migrate pages sane (Jeff Moyer) [1163992 1122092]\n- [fs] aio: clean up and fix aio_setup_ring page mapping (Jeff Moyer) [1163992 1122092]\n[3.10.0-123.15.1]\n- [scsi] ipr: wait for aborted command responses (Gustavo Duarte) [1162734 1156530]\n- [scsi] reintroduce scsi_driver.init_command (Ewan Milne) [1146983 1105204]\n- [block] implement an unprep function corresponding directly to prep (Ewan Milne) [1146983 1105204]\n- [scsi] Revert: reintroduce scsi_driver.init_command (Ewan Milne) [1146983 1105204]\n[3.10.0-123.14.1]\n- [fs] nfs: Fix another nfs4_sequence corruptor (Steve Dickson) [1162073 1111170]", "edition": 3, "reporter": "Oracle", "published": "2015-01-28T00:00:00", "title": "kernel security and bug fix update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7822", "CVE-2014-7841", "CVE-2014-9322", "CVE-2014-4171", "CVE-2014-5472", "CVE-2014-7145", "CVE-2014-5471"], "modified": "2015-01-28T00:00:00", "id": "ELSA-2015-0102", "href": "http://linux.oracle.com/errata/ELSA-2015-0102.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:47:47", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "x86_64", "packageFilename": "perf-2.6.32-504.16.2.el6.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "i686", "packageFilename": "perf-2.6.32-504.16.2.el6.i686.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "i686", "packageFilename": "python-perf-2.6.32-504.16.2.el6.i686.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "i686", "packageFilename": "kernel-devel-2.6.32-504.16.2.el6.i686.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "x86_64", "packageFilename": "kernel-debug-2.6.32-504.16.2.el6.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "i686", "packageFilename": "kernel-2.6.32-504.16.2.el6.i686.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "i686", "packageFilename": "kernel-headers-2.6.32-504.16.2.el6.i686.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "x86_64", "packageFilename": "kernel-devel-2.6.32-504.16.2.el6.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "x86_64", "packageFilename": "python-perf-2.6.32-504.16.2.el6.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "x86_64", "packageFilename": "kernel-headers-2.6.32-504.16.2.el6.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "i686", "packageFilename": "kernel-debug-devel-2.6.32-504.16.2.el6.i686.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-2.6.32-504.16.2.el6.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-2.6.32-504.16.2.el6.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "i686", "packageFilename": "kernel-debug-2.6.32-504.16.2.el6.i686.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "noarch", "packageFilename": "kernel-doc-2.6.32-504.16.2.el6.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "noarch", "packageFilename": "kernel-doc-2.6.32-504.16.2.el6.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "src", "packageFilename": "kernel-2.6.32-504.16.2.el6.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "src", "packageFilename": "kernel-2.6.32-504.16.2.el6.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "x86_64", "packageFilename": "kernel-2.6.32-504.16.2.el6.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "noarch", "packageFilename": "kernel-firmware-2.6.32-504.16.2.el6.noarch.rpm", "packageName": "kernel-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "noarch", "packageFilename": "kernel-firmware-2.6.32-504.16.2.el6.noarch.rpm", "packageName": "kernel-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "x86_64", "packageFilename": "kernel-debug-devel-2.6.32-504.16.2.el6.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}], "description": "[2.6.32-504.16.2]\n- [infiniband] core: Prevent integer overflow in ib_umem_get address arithmetic (Doug Ledford) [1181173 1179327] {CVE-2014-8159}\n[2.6.32-504.16.1]\n- [fs] gfs2: Move gfs2_file_splice_write outside of #ifdef (Robert S Peterson) [1198329 1193559]\n- [security] keys: close race between key lookup and freeing (Radomir Vrbovsky) [1179849 1179850] {CVE-2014-9529}\n- [net] sctp: fix slab corruption from use after free on INIT collisions (Daniel Borkmann) [1196587 1135425] {CVE-2015-1421}\n- [fs] gfs2: Allocate reservation during splice_write (Robert S Peterson) [1198329 1193559]\n- [fs] nfs: Be less aggressive about returning delegations for open files (Steve Dickson) [1196314 1145334]\n- [fs] nfs: Avoid PUTROOTFH when managing leases (Benjamin Coddington) [1196313 1143013]\n- [crypto] testmgr: mark rfc4106(gcm(aes)) as fips_allowed (Jarod Wilson) [1194983 1185395]\n- [crypto] Extending the RFC4106 AES-GCM test vectors (Jarod Wilson) [1194983 1185395]\n- [char] raw: Return short read or 0 at end of a raw device, not EIO (Jeff Moyer) [1195747 1142314]\n- [scsi] hpsa: Use local workqueues instead of system workqueues - part1 (Tomas Henzl) [1193639 1134115]\n- [x86] kvm: vmx: invalid host cr4 handling across vm entries (Jacob Tanenbaum) [1153326 1153327] {CVE-2014-3690}\n- [fs] isofs: Fix unchecked printing of ER records (Radomir Vrbovsky) [1180481 1180492] {CVE-2014-9584}\n- [fs] bio: fix argument of __bio_add_page() for max_sectors > 0xffff (Fam Zheng) [1198428 1166763]\n- [media] ttusb-dec: buffer overflow in ioctl (Alexander Gordeev) [1170971 1167115] {CVE-2014-8884}\n- [kernel] trace: insufficient syscall number validation in perf and ftrace subsystems (Jacob Tanenbaum) [1161567 1161568] {CVE-2014-7826 CVE-2014-7825}\n- [fs] nfs: Fix a delegation callback race (Dave Wysochanski) [1187639 1149831]\n- [fs] nfs: Don't use the delegation->inode in nfs_mark_return_delegation() (Dave Wysochanski) [1187639 1149831]\n- [infiniband] ipoib: don't queue a work struct up twice (Doug Ledford) [1187664 1187666 1184072 1159925]\n- [infiniband] ipoib: make sure we reap all our ah on shutdown (Doug Ledford) [1187664 1187666 1184072 1159925]\n- [infiniband] ipoib: cleanup a couple debug messages (Doug Ledford) [1187664 1187666 1184072 1159925]\n- [infiniband] ipoib: flush the ipoib_workqueue on unregister (Doug Ledford) [1187664 1187666 1184072 1159925]\n- [infiniband] ipoib: fix ipoib_mcast_restart_task (Doug Ledford) [1187664 1187666 1184072 1159925]\n- [infiniband] ipoib: fix race between mcast_dev_flush and mcast_join (Doug Ledford) [1187664 1187666 1184072 1159925]\n- [infiniband] ipoib: remove unneeded locks (Doug Ledford) [1187664 1187666 1184072 1159925]\n- [infiniband] ipoib: don't restart our thread on ENETRESET (Doug Ledford) [1187664 1187666 1184072 1159925]\n- [infiniband] ipoib: Handle -ENETRESET properly in our callback (Doug Ledford) [1187664 1187666 1184072 1159925]\n- [infiniband] ipoib: make delayed tasks not hold up everything (Doug Ledford) [1187664 1187666 1184072 1159925]\n- [infiniband] ipoib: Add a helper to restart the multicast task (Doug Ledford) [1187664 1187666 1184072 1159925]\n- [infiniband] ipoib: fix IPOIB_MCAST_RUN flag usage (Doug Ledford) [1187664 1187666 1184072 1159925]\n- [infiniband] ipoib: Remove unnecessary port query (Doug Ledford) [1187664 1187666 1184072 1159925]\n- [x86] kvm: Avoid pagefault in kvm_lapic_sync_to_vapic (Paolo Bonzini) [1192055 1116398]\n- [s390] kernel: fix cpu target address of directed yield (Hendrik Brueckner) [1188339 1180061]\n- [mm] memcg: do not allow task about to OOM kill to bypass the limit (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}\n- [mm] memcg: do not declare OOM from __GFP_NOFAIL allocations (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}\n- [fs] buffer: move allocation failure loop into the allocator (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}\n- [mm] memcg: handle non-error OOM situations more gracefully (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}\n- [mm] memcg: do not trap chargers with full callstack on OOM (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}\n- [mm] memcg: rework and document OOM waiting and wakeup (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}\n- [mm] memcg: enable memcg OOM killer only for user faults (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}\n- [x86] mm: finish user fault error path with fatal signal (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}\n- [mm] pass userspace fault flag to generic fault handler (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}\n- [s390] mm: do not invoke OOM killer on kernel fault OOM (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}\n- [powerpc] mm: remove obsolete init OOM protection (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}\n- [powerpc] mm: invoke oom-killer from remaining unconverted page fault handlers (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}\n- [security] selinux: Permit bounded transitions under NO_NEW_PRIVS or NOSUID (Denys Vlasenko) [1104567 1104568] {CVE-2014-3215}\n- [security] Add PR_\n_NO_NEW_PRIVS to prevent execve from granting privs (Denys Vlasenko) [1104567 1104568] {CVE-2014-3215}\n[2.6.32-504.15.1]\n- [netdrv] ixgbe: remove CIAA/D register reads from bad VF check (John Greene) [1196312 1156061]\n- [pci] Make FLR and AF FLR reset warning messages different (Myron Stowe) [1192365 1184540]\n- [pci] Fix unaligned access in AF transaction pending test (Myron Stowe) [1192365 1184540]\n- [pci] Merge multi-line quoted strings (Myron Stowe) [1192365 1184540]\n- [pci] Wrong register used to check pending traffic (Myron Stowe) [1192365 1184540]\n- [pci] Add pci_wait_for_pending() -- refactor pci_wait_for_pending_transaction() (Myron Stowe) [1192365 1184540]\n- [pci] Use pci_wait_for_pending_transaction() instead of for loop (Myron Stowe) [1192365 1184540]\n- [pci] Add pci_wait_for_pending_transaction() (Myron Stowe) [1192365 1184540]\n- [pci] Wait for pending transactions to complete before 82599 FLR (Myron Stowe) [1192365 1184540]\n- [scsi] storvsc: fix a bug in storvsc limits (Vitaly Kuznetsov) [1196532 1174168]\n[2.6.32-504.14.1]\n- [s390] crypto: kernel oops at insmod of the z90crypt device driver (Hendrik Brueckner) [1191916 1172137]\n- [sound] alsa: usb-audio: Fix crash at re-preparing the PCM stream (Jerry Snitselaar) [1192105 1167059]\n- [usb] ehci: bugfix: urb->hcpriv should not be NULL (Jerry Snitselaar) [1192105 1167059]\n- [mm] mmap: uncached vma support with writenotify (Jerry Snitselaar) [1192105 1167059]\n- [kernel] futex: Mention key referencing differences between shared and private futexes (Larry Woodman) [1192107 1167405]\n- [kernel] futex: Ensure get_futex_key_refs() always implies a barrier (Larry Woodman) [1192107 1167405]\n[2.6.32-504.13.1]\n- [netdrv] enic: fix rx skb checksum (Stefan Assmann) [1189068 1115505]\n- [scsi] Revert 'fix our current target reap infrastructure' (David Milburn) [1188941 1168072]\n- [scsi] Revert 'dual scan thread bug fix' (David Milburn) [1188941 1168072]\n- [net] tcp: do not copy headers in tcp_collapse() (Alexander Duyck) [1188838 1156289]\n- [net] tcp: use tcp_flags in tcp_data_queue() (Alexander Duyck) [1188838 1156289]\n- [net] tcp: use TCP_SKB_CB(skb)->tcp_flags in input path (Alexander Duyck) [1188838 1156289]\n- [net] tcp: remove unused tcp_fin() parameters (Alexander Duyck) [1188838 1156289]\n- [net] tcp: rename tcp_skb_cb flags (Alexander Duyck) [1188838 1156289]\n- [net] tcp: unify tcp flag macros (Alexander Duyck) [1188838 1156289]\n- [net] tcp: unalias tcp_skb_cb flags and ip_dsfield (Alexander Duyck) [1188838 1156289]", "edition": 3, "reporter": "Oracle", "published": "2015-04-21T00:00:00", "title": "kernel security and bug fix update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3215", "CVE-2014-9529", "CVE-2014-7825", "CVE-2015-1421", "CVE-2014-8159", "CVE-2014-8884", "CVE-2014-9584", "CVE-2014-3690", "CVE-2014-8171", "CVE-2014-7826"], "modified": "2015-04-21T00:00:00", "id": "ELSA-2015-0864", "href": "http://linux.oracle.com/errata/ELSA-2015-0864.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-12-11T17:42:38", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.56.1.el6", "arch": "ppc64", "packageName": "perf-debuginfo", "packageFilename": "perf-debuginfo-2.6.32-358.56.1.el6.ppc64.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's SCTP implementation\nvalidated INIT chunks when performing Address Configuration Change\n(ASCONF). A remote attacker could use this flaw to crash the system by\nsending a specially crafted SCTP packet to trigger a NULL pointer\ndereference on the system. (CVE-2014-7841, Important)\n\nThis issue was discovered by Liu Wei of Red Hat.\n\nThis update also fixes the following bugs:\n\n* Due to several bugs in the network console logging, a race condition\nbetween the network console send operation and the driver's IRQ handler\ncould occur, or the network console could access invalid memory content.\nAs a consequence, the respective driver, such as vmxnet3, triggered a\nBUG_ON() assertion and the system terminated unexpectedly. A patch\naddressing these bugs has been applied so that driver's IRQs are disabled\nbefore processing the send operation and the network console now accesses\nthe RCU-protected (read-copy update) data properly. Systems using the\nnetwork console logging no longer crashes due to the aforementioned\nconditions. (BZ#1165983)\n\n* A bug in the vmxnet3 driver allowed potential race conditions to be\ntriggered when the driver was used with the netconsole module. The race\nconditions allowed the driver's internal New API (NAPI) poll routine to run\nconcurrently with the netpoll controller routine, which resulted in data\ncorruption and a subsequent kernel panic. To fix this problem, the vmxnet3\ndriver has been modified to call the appropriate interrupt handler to\nschedule NAPI poll requests properly. (BZ#1179594)\n\n* Prior to this update, nfs_mark_return_delegation() was called without any\nlocking, resulting in unsafe dereferencing of delegation->inode.\nBecause the inode is only used to discover the nfs_client, the callers now\npass a valid pointer to the nfs_server as a parameter. (BZ#1187637)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "reporter": "RedHat", "published": "2015-03-03T05:00:00", "type": "redhat", "title": "(RHSA-2015:0285) Important: kernel security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7841"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2015-06-10T11:09:56", "id": "RHSA-2015:0285", "href": "https://access.redhat.com/errata/RHSA-2015:0285", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-12-11T19:41:02", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "i686", "packageName": "kernel", "packageFilename": "kernel-2.6.32-504.8.1.el6.i686.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's SCTP implementation\nvalidated INIT chunks when performing Address Configuration Change\n(ASCONF). A remote attacker could use this flaw to crash the system by\nsending a specially crafted SCTP packet to trigger a NULL pointer\ndereference on the system. (CVE-2014-7841, Important)\n\n* An integer overflow flaw was found in the way the Linux kernel's Advanced\nLinux Sound Architecture (ALSA) implementation handled user controls.\nA local, privileged user could use this flaw to crash the system.\n(CVE-2014-4656, Moderate)\n\nThe CVE-2014-7841 issue was discovered by Liu Wei of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.", "reporter": "RedHat", "published": "2015-01-27T23:35:24", "type": "redhat", "title": "(RHSA-2015:0087) Important: kernel security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-4656", "CVE-2014-7841"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:15", "id": "RHSA-2015:0087", "href": "https://access.redhat.com/errata/RHSA-2015:0087", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-12-11T17:46:01", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-220.60.2.el6", "arch": "x86_64", "packageName": "python-perf-debuginfo", "packageFilename": "python-perf-debuginfo-2.6.32-220.60.2.el6.x86_64.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's SCTP implementation\nvalidated INIT chunks when performing Address Configuration Change\n(ASCONF). A remote attacker could use this flaw to crash the system by\nsending a specially crafted SCTP packet to trigger a NULL pointer\ndereference on the system. (CVE-2014-7841, Important)\n\n* It was found that the Linux kernel's Infiniband subsystem did not\nproperly sanitize input parameters while registering memory regions from\nuser space via the (u)verbs API. A local user with access to a\n/dev/infiniband/uverbsX device could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-8159,\nImportant)\n\n* An integer overflow flaw was found in the way the Linux kernel's Frame\nBuffer device implementation mapped kernel memory to user space via the\nmmap syscall. A local user able to access a frame buffer device file\n(/dev/fb*) could possibly use this flaw to escalate their privileges on the\nsystem. (CVE-2013-2596, Important)\n\n* It was found that the parse_rock_ridge_inode_internal() function of the\nLinux kernel's ISOFS implementation did not correctly check relocated\ndirectories when processing Rock Ridge child link (CL) tags. An attacker\nwith physical access to the system could use a specially crafted ISO image\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-5471, CVE-2014-5472, Low)\n\nRed Hat would like to thank Mellanox for reporting the CVE-2014-8159 issue.\nThe CVE-2014-7841 issue was discovered by Liu Wei of Red Hat.\n\nThis update also fixes the following bugs:\n\n* Previously, certain network device drivers did not accept ethtool\ncommands right after they were loaded. As a consequence, the current\nsetting of the specified device driver was not applied and an error message\nwas returned. The ETHTOOL_DELAY variable has been added, which makes sure\nthe ethtool utility waits for some time before it tries to apply the\noptions settings, thus fixing the bug. (BZ#1138299)\n\n* During the memory allocation for a new socket to communicate to the\nserver, the rpciod daemon released a clean page which needed to be\ncommitted. However, the commit was queueing indefinitely as the commit\ncould only be provided with a socket connection. As a consequence, a\ndeadlock occurred in rpciod. This update sets the PF_FSTRANS flag on the\nwork queue task prior to the socket allocation, and adds the\nnfs_release_page check for the flag when deciding whether to make a commit\ncall, thus fixing this bug. (BZ#1192326)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "reporter": "RedHat", "published": "2015-03-17T04:00:00", "type": "redhat", "title": "(RHSA-2015:0695) Important: kernel security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-2596", "CVE-2014-5471", "CVE-2014-5472", "CVE-2014-7841", "CVE-2014-8159"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2015-04-24T14:17:08", "id": "RHSA-2015:0695", "href": "https://access.redhat.com/errata/RHSA-2015:0695", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:41:45", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "arch": "x86_64", "packageName": "kernel-debuginfo-common-x86_64", "packageFilename": "kernel-debuginfo-common-x86_64-3.10.0-123.20.1.el7.x86_64.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's SCTP implementation\nvalidated INIT chunks when performing Address Configuration Change\n(ASCONF). A remote attacker could use this flaw to crash the system by\nsending a specially crafted SCTP packet to trigger a NULL pointer\ndereference on the system. (CVE-2014-7841, Important)\n\n* A race condition flaw was found in the way the Linux kernel's mmap(2),\nmadvise(2), and fallocate(2) system calls interacted with each other while\noperating on virtual memory file system files. A local user could use this\nflaw to cause a denial of service. (CVE-2014-4171, Moderate)\n\n* A NULL pointer dereference flaw was found in the way the Linux kernel's\nCommon Internet File System (CIFS) implementation handled mounting of file\nsystem shares. A remote attacker could use this flaw to crash a client\nsystem that would mount a file system share from a malicious server.\n(CVE-2014-7145, Moderate)\n\n* A flaw was found in the way the Linux kernel's splice() system call\nvalidated its parameters. On certain file systems, a local, unprivileged\nuser could use this flaw to write past the maximum file size, and thus\ncrash the system. (CVE-2014-7822, Moderate)\n\n* It was found that the parse_rock_ridge_inode_internal() function of the\nLinux kernel's ISOFS implementation did not correctly check relocated\ndirectories when processing Rock Ridge child link (CL) tags. An attacker\nwith physical access to the system could use a specially crafted ISO image\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-5471, CVE-2014-5472, Low)\n\nRed Hat would like to thank Akira Fujita of NEC for reporting the\nCVE-2014-7822 issue. The CVE-2014-7841 issue was discovered by Liu Wei of\nRed Hat.\n\nThis update also fixes the following bugs:\n\n* Previously, a kernel panic could occur if a process reading from a locked\nNFS file was killed and the lock was not released properly before the read\noperations finished. Consequently, the system crashed. The code handling\nfile locks has been fixed, and instead of halting, the system now emits a\nwarning about the unreleased lock. (BZ#1172266)\n\n* A race condition in the command abort handling logic of the ipr device\ndriver could cause the kernel to panic when the driver received a response\nto an abort command prior to receiving other responses to the aborted\ncommand due to the support for multiple interrupts. With this update, the\nabort handler waits for the aborted command's responses first before\ncompleting an abort operation. (BZ#1162734)\n\n* Previously, a race condition could occur when changing a Page Table Entry\n(PTE) or a Page Middle Directory (PMD) to \"pte_numa\" or \"pmd_numa\",\nrespectively, causing the kernel to crash. This update removes the BUG_ON()\nmacro from the __handle_mm_fault() function, preventing the kernel panic in\nthe aforementioned scenario. (BZ#1170662)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "reporter": "RedHat", "published": "2015-01-28T05:00:00", "type": "redhat", "title": "(RHSA-2015:0102) Important: kernel security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-4171", "CVE-2014-5471", "CVE-2014-5472", "CVE-2014-7145", "CVE-2014-7822", "CVE-2014-7841"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-04-12T03:32:49", "id": "RHSA-2015:0102", "href": "https://access.redhat.com/errata/RHSA-2015:0102", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T19:42:57", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "x86_64", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-2.6.32-504.16.2.el6.x86_64.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way seunshare, a utility for running executables\nunder a different security context, used the capng_lock functionality of\nthe libcap-ng library. The subsequent invocation of suid root binaries that\nrelied on the fact that the setuid() system call, among others, also sets\nthe saved set-user-ID when dropping the binaries' process privileges, could\nallow a local, unprivileged user to potentially escalate their privileges\non the system. Note: the fix for this issue is the kernel part of the\noverall fix, and introduces the PR_SET_NO_NEW_PRIVS functionality and the\nrelated SELinux exec transitions support. (CVE-2014-3215, Important)\n\n* A use-after-free flaw was found in the way the Linux kernel's SCTP\nimplementation handled authentication key reference counting during INIT\ncollisions. A remote attacker could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2015-1421,\nImportant)\n\n* It was found that the Linux kernel's KVM implementation did not ensure\nthat the host CR4 control register value remained unchanged across VM\nentries on the same virtual CPU. A local, unprivileged user could use this\nflaw to cause a denial of service on the system. (CVE-2014-3690, Moderate)\n\n* An out-of-bounds memory access flaw was found in the syscall tracing\nfunctionality of the Linux kernel's perf subsystem. A local, unprivileged\nuser could use this flaw to crash the system. (CVE-2014-7825, Moderate)\n\n* An out-of-bounds memory access flaw was found in the syscall tracing\nfunctionality of the Linux kernel's ftrace subsystem. On a system with\nftrace syscall tracing enabled, a local, unprivileged user could use this\nflaw to crash the system, or escalate their privileges. (CVE-2014-7826,\nModerate)\n\n* It was found that the Linux kernel memory resource controller's (memcg)\nhandling of OOM (out of memory) conditions could lead to deadlocks.\nAn attacker able to continuously spawn new processes within a single\nmemory-constrained cgroup during an OOM event could use this flaw to lock\nup the system. (CVE-2014-8171, Moderate)\n\n* A race condition flaw was found in the way the Linux kernel keys\nmanagement subsystem performed key garbage collection. A local attacker\ncould attempt accessing a key while it was being garbage collected, which\nwould cause the system to crash. (CVE-2014-9529, Moderate)\n\n* A stack-based buffer overflow flaw was found in the TechnoTrend/Hauppauge\nDEC USB device driver. A local user with write access to the corresponding\ndevice could use this flaw to crash the kernel or, potentially, elevate\ntheir privileges on the system. (CVE-2014-8884, Low)\n\n* An information leak flaw was found in the way the Linux kernel's ISO9660\nfile system implementation accessed data on an ISO9660 image with RockRidge\nExtension Reference (ER) records. An attacker with physical access to the\nsystem could use this flaw to disclose up to 255 bytes of kernel memory.\n(CVE-2014-9584, Low)\n\nRed Hat would like to thank Andy Lutomirski for reporting CVE-2014-3215\nand CVE-2014-3690, Robert \u015awi\u0119cki for reporting CVE-2014-7825 and\nCVE-2014-7826, and Carl Henrik Lunde for reporting CVE-2014-9584. The\nCVE-2015-1421 issue was discovered by Sun Baoliang of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes is\navailable from the Technical Notes document linked to in the References\nsection.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.", "reporter": "RedHat", "published": "2015-04-21T04:00:00", "type": "redhat", "title": "(RHSA-2015:0864) Important: kernel security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3215", "CVE-2014-3690", "CVE-2014-7825", "CVE-2014-7826", "CVE-2014-8171", "CVE-2014-8884", "CVE-2014-9529", "CVE-2014-9584", "CVE-2015-1421"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:17", "id": "RHSA-2015:0864", "href": "https://access.redhat.com/errata/RHSA-2015:0864", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T19:41:14", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-642.el6", "arch": "i686", "packageName": "kernel", "packageFilename": "kernel-2.6.32-642.el6.i686.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* It was found that reporting emulation failures to user space could lead to either a local (CVE-2014-7842) or a L2->L1 (CVE-2010-5313) denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to access an I/O port. Please note that on certain systems, HPET is mapped to userspace as part of vdso (vvar) and thus an unprivileged user may generate MMIO transactions (and enter the emulator) this way. (CVE-2010-5313, CVE-2014-7842, Moderate)\n\n* It was found that the Linux kernel did not properly account file descriptors passed over the unix socket against the process limit. A local user could use this flaw to exhaust all available memory on the system. (CVE-2013-4312, Moderate)\n\n* A buffer overflow flaw was found in the way the Linux kernel's virtio-net subsystem handled certain fraglists when the GRO (Generic Receive Offload) functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or, although unlikely, elevate their privileges on the system. (CVE-2015-5156, Moderate)\n\n* It was found that the Linux kernel's IPv6 network stack did not properly validate the value of the MTU variable when it was set. A remote attacker could potentially use this flaw to disrupt a target system's networking (packet loss) by setting an invalid MTU value, for example, via a NetworkManager daemon that is processing router advertisement packets running on the target system. (CVE-2015-8215, Moderate)\n\n* A NULL pointer dereference flaw was found in the way the Linux kernel's network subsystem handled socket creation with an invalid protocol identifier. A local user could use this flaw to crash the system. (CVE-2015-8543, Moderate)\n\n* It was found that the espfix functionality does not work for 32-bit KVM paravirtualized guests. A local, unprivileged guest user could potentially use this flaw to leak kernel stack addresses. (CVE-2014-8134, Low)\n\n* A flaw was found in the way the Linux kernel's ext4 file system driver handled non-journal file systems with an orphan list. An attacker with physical access to the system could use this flaw to crash the system or, although unlikely, escalate their privileges on the system. (CVE-2015-7509, Low)\n\n* A NULL pointer dereference flaw was found in the way the Linux kernel's ext4 file system driver handled certain corrupted file system images. An attacker with physical access to the system could use this flaw to crash the system. (CVE-2015-8324, Low)\n\nRed Hat would like to thank Nadav Amit for reporting CVE-2010-5313 and CVE-2014-7842, Andy Lutomirski for reporting CVE-2014-8134, and Dmitriy Monakhov (OpenVZ) for reporting CVE-2015-8324. The CVE-2015-5156 issue was discovered by Jason Wang (Red Hat).\n\nAdditional Changes:\n\n* Refer to Red Hat Enterprise Linux 6.8 Release Notes for information on new kernel features and known issues, and Red Hat Enterprise Linux Technical Notes for information on device driver updates, important changes to external kernel parameters, notable bug fixes, and technology previews. Both of these documents are linked to in the References section.", "reporter": "RedHat", "published": "2016-05-10T10:42:32", "type": "redhat", "title": "(RHSA-2016:0855) Moderate: kernel security, bug fix, and enhancement update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-5313", "CVE-2013-4312", "CVE-2014-7842", "CVE-2014-8134", "CVE-2015-5156", "CVE-2015-7509", "CVE-2015-8215", "CVE-2015-8324", "CVE-2015-8543"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:16", "id": "RHSA-2016:0855", "href": "https://access.redhat.com/errata/RHSA-2016:0855", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:42:43", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.53.2.el6", "arch": "ppc64", "packageName": "python-perf-debuginfo", "packageFilename": "python-perf-debuginfo-2.6.32-431.53.2.el6.ppc64.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's Infiniband subsystem did not\nproperly sanitize input parameters while registering memory regions from\nuser space via the (u)verbs API. A local user with access to a\n/dev/infiniband/uverbsX device could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-8159,\nImportant)\n\n* A use-after-free flaw was found in the way the Linux kernel's SCTP\nimplementation handled authentication key reference counting during INIT\ncollisions. A remote attacker could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2015-1421,\nImportant)\n\n* An integer overflow flaw was found in the way the Linux kernel's Frame\nBuffer device implementation mapped kernel memory to user space via the\nmmap syscall. A local user able to access a frame buffer device file\n(/dev/fb*) could possibly use this flaw to escalate their privileges on the\nsystem. (CVE-2013-2596, Important)\n\n* It was found that the Linux kernel's KVM implementation did not ensure\nthat the host CR4 control register value remained unchanged across VM\nentries on the same virtual CPU. A local, unprivileged user could use this\nflaw to cause a denial of service on the system. (CVE-2014-3690, Moderate)\n\n* It was found that the parse_rock_ridge_inode_internal() function of the\nLinux kernel's ISOFS implementation did not correctly check relocated\ndirectories when processing Rock Ridge child link (CL) tags. An attacker\nwith physical access to the system could use a specially crafted ISO image\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-5471, CVE-2014-5472, Low)\n\n* A stack-based buffer overflow flaw was found in the TechnoTrend/Hauppauge\nDEC USB device driver. A local user with write access to the corresponding\ndevice could use this flaw to crash the kernel or, potentially, elevate\ntheir privileges on the system. (CVE-2014-8884, Low)\n\nRed Hat would like to thank Mellanox for reporting CVE-2014-8159, and Andy\nLutomirski for reporting CVE-2014-3690. The CVE-2015-1421 issue was\ndiscovered by Sun Baoliang of Red Hat.\n\nThis update also fixes the following bugs:\n\n* Previously, a NULL pointer check that is needed to prevent an oops in the\nnfs_async_inode_return_delegation() function was removed. As a consequence,\na NFS4 client could terminate unexpectedly. The missing NULL pointer check\nhas been added back, and NFS4 client no longer crashes in this situation.\n(BZ#1187638)\n\n* Due to unbalanced multicast join and leave processing, the attempt to\nleave a multicast group that had not previously completed a join became\nunresponsive. This update resolves multiple locking issues in the IPoIB\nmulticast code that allowed multicast groups to be left before the joining\nwas entirely completed. Now, multicast join and leave failures or lockups\nno longer occur in the described situation. (BZ#1187663)\n\n* A failure to leave a multicast group which had previously been joined\nprevented the attempt to unregister from the \"sa\" service. Multiple locking\nissues in the IPoIB multicast join and leave processing have been fixed so\nthat leaving a group that has completed its join process is successful.\nAs a result, attempts to unregister from the \"sa\" service no longer lock up\ndue to leaked resources. (BZ#1187665)\n\n* Due to a regression, when large reads which partially extended beyond the\nend of the underlying device were done, the raw driver returned the EIO\nerror code instead of returning a short read covering the valid part of the\ndevice. The underlying source code has been patched, and the raw driver now\nreturns a short read for the remainder of the device. (BZ#1195746)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "reporter": "RedHat", "published": "2015-04-07T04:00:00", "type": "redhat", "title": "(RHSA-2015:0782) Important: kernel security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-2596", "CVE-2014-3690", "CVE-2014-5471", "CVE-2014-5472", "CVE-2014-8159", "CVE-2014-8884", "CVE-2015-1421"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2016-09-04T02:14:21", "id": "RHSA-2015:0782", "href": "https://access.redhat.com/errata/RHSA-2015:0782", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:42:49", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.50.1.el6", "arch": "ppc64", "packageName": "perf-debuginfo", "packageFilename": "perf-debuginfo-2.6.32-431.50.1.el6.ppc64.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A race condition flaw was found in the way the Linux kernel's KVM\nsubsystem handled PIT (Programmable Interval Timer) emulation. A guest user\nwho has access to the PIT I/O ports could use this flaw to crash the host.\n(CVE-2014-3611, Important)\n\n* A flaw was found in the way the Linux kernel's SCTP implementation\nvalidated INIT chunks when performing Address Configuration Change\n(ASCONF). A remote attacker could use this flaw to crash the system by\nsending a specially crafted SCTP packet to trigger a NULL pointer\ndereference on the system. (CVE-2014-7841, Important)\n\n* A flaw was found in the way the ipc_rcu_putref() function in the Linux\nkernel's IPC implementation handled reference counter decrementing.\nA local, unprivileged user could use this flaw to trigger an Out of Memory\n(OOM) condition and, potentially, crash the system. (CVE-2013-4483,\nModerate)\n\n* A memory corruption flaw was found in the way the USB ConnectTech\nWhiteHEAT serial driver processed completion commands sent via USB Request\nBlocks buffers. An attacker with physical access to the system could use\nthis flaw to crash the system or, potentially, escalate their privileges on\nthe system. (CVE-2014-3185, Moderate)\n\n* It was found that the Linux kernel's KVM subsystem did not handle the VM\nexits gracefully for the invept (Invalidate Translations Derived from EPT)\nand invvpid (Invalidate Translations Based on VPID) instructions. On hosts\nwith an Intel processor and invept/invppid VM exit support, an unprivileged\nguest user could use these instructions to crash the guest. (CVE-2014-3645,\nCVE-2014-3646, Moderate)\n\n* A flaw was found in the way the Linux kernel's netfilter subsystem\nhandled generic protocol tracking. As demonstrated in the Stream Control\nTransmission Protocol (SCTP) case, a remote attacker could use this flaw to\nbypass intended iptables rule restrictions when the associated connection\ntracking module was not loaded on the system. (CVE-2014-8160, Moderate)\n\nRed Hat would like to thank Lars Bull of Google for reporting\nCVE-2014-3611, Vladimir Davydov (Parallels) for reporting CVE-2013-4483,\nand the Advanced Threat Research team at Intel Security for reporting\nCVE-2014-3645 and CVE-2014-3646. The CVE-2014-7841 issue was discovered by\nLiu Wei of Red Hat.\n\nBug fixes:\n\n* When forwarding a packet, the iptables target TCPOPTSTRIP used the\ntcp_hdr() function to locate the option space. Consequently, TCPOPTSTRIP\nlocated the incorrect place in the packet, and therefore did not match\noptions for stripping. TCPOPTSTRIP now uses the TCP header itself to locate\nthe option space, and the options are now properly stripped. (BZ#1172026)\n\n* The ipset utility computed incorrect values of timeouts from an old IP\nset, and these values were then supplied to a new IP set. A resize on an IP\nset with a timeouts option enabled could then supply corrupted data from an\nold IP set. This bug has been fixed by properly reading timeout values from\nan old set before supplying them to a new set. (BZ#1172763)\n\n* Incorrect processing of errors from the BCM5719 LAN controller could\nresult in incoming packets being dropped. Now, received errors are handled\nproperly, and incoming packets are no longer randomly dropped. (BZ#1180405)\n\n* When the NVMe driver allocated a name-space queue, it was recognized as a\nrequest-based driver, whereas it was a BIO-based driver. While trying to\naccess data during the loading of NVMe along with a request-based DM\ndevice, the system could terminate unexpectedly or become unresponsive.\nNow, NVMe does not set the QUEUE_FLAG_STACKABLE flag during the allocation\nof a name-space queue, and the system no longer attempts to insert a\nrequest into the queue, preventing a crash. (BZ#1180554)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "reporter": "RedHat", "published": "2015-03-03T05:00:00", "type": "redhat", "title": "(RHSA-2015:0284) Important: kernel security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-4483", "CVE-2014-3185", "CVE-2014-3611", "CVE-2014-3645", "CVE-2014-3646", "CVE-2014-7841", "CVE-2014-8160"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2016-09-04T02:14:25", "id": "RHSA-2015:0284", "href": "https://access.redhat.com/errata/RHSA-2015:0284", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:41:31", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-229.el7", "arch": "x86_64", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-3.10.0-229.el7.x86_64.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's XFS file system handled\nreplacing of remote attributes under certain conditions. A local user with\naccess to XFS file system mount could potentially use this flaw to escalate\ntheir privileges on the system. (CVE-2015-0274, Important)\n\n* It was found that the Linux kernel's KVM implementation did not ensure\nthat the host CR4 control register value remained unchanged across VM\nentries on the same virtual CPU. A local, unprivileged user could use this\nflaw to cause denial of service on the system. (CVE-2014-3690, Moderate)\n\n* A flaw was found in the way Linux kernel's Transparent Huge Pages (THP)\nimplementation handled non-huge page migration. A local, unprivileged user\ncould use this flaw to crash the kernel by migrating transparent hugepages.\n(CVE-2014-3940, Moderate)\n\n* An out-of-bounds memory access flaw was found in the syscall tracing\nfunctionality of the Linux kernel's perf subsystem. A local, unprivileged\nuser could use this flaw to crash the system. (CVE-2014-7825, Moderate)\n\n* An out-of-bounds memory access flaw was found in the syscall tracing\nfunctionality of the Linux kernel's ftrace subsystem. On a system with\nftrace syscall tracing enabled, a local, unprivileged user could use this\nflaw to crash the system, or escalate their privileges. (CVE-2014-7826,\nModerate)\n\n* A race condition flaw was found in the Linux kernel's ext4 file system\nimplementation that allowed a local, unprivileged user to crash the system\nby simultaneously writing to a file and toggling the O_DIRECT flag using\nfcntl(F_SETFL) on that file. (CVE-2014-8086, Moderate)\n\n* A flaw was found in the way the Linux kernel's netfilter subsystem\nhandled generic protocol tracking. As demonstrated in the Stream Control\nTransmission Protocol (SCTP) case, a remote attacker could use this flaw to\nbypass intended iptables rule restrictions when the associated connection\ntracking module was not loaded on the system. (CVE-2014-8160, Moderate)\n\n* It was found that due to excessive files_lock locking, a soft lockup\ncould be triggered in the Linux kernel when performing asynchronous I/O\noperations. A local, unprivileged user could use this flaw to crash the\nsystem. (CVE-2014-8172, Moderate)\n\n* A NULL pointer dereference flaw was found in the way the Linux kernel's\nmadvise MADV_WILLNEED functionality handled page table locking. A local,\nunprivileged user could use this flaw to crash the system. (CVE-2014-8173,\nModerate)\n\n* An information leak flaw was found in the Linux kernel's IEEE 802.11\nwireless networking implementation. When software encryption was used, a\nremote attacker could use this flaw to leak up to 8 bytes of plaintext.\n(CVE-2014-8709, Low)\n\n* A stack-based buffer overflow flaw was found in the TechnoTrend/Hauppauge\nDEC USB device driver. A local user with write access to the corresponding\ndevice could use this flaw to crash the kernel or, potentially, elevate\ntheir privileges on the system. (CVE-2014-8884, Low)\n\nRed Hat would like to thank Eric Windisch of the Docker project for\nreporting CVE-2015-0274, Andy Lutomirski for reporting CVE-2014-3690, and\nRobert \u015awi\u0119cki for reporting CVE-2014-7825 and CVE-2014-7826.\n\nThis update also fixes several hundred bugs and adds numerous enhancements.\nRefer to the Red Hat Enterprise Linux 7.1 Release Notes for information on\nthe most significant of these changes, and the following Knowledgebase\narticle for further information: https://access.redhat.com/articles/1352803\n\nAll Red Hat Enterprise Linux 7 users are advised to install these updated\npackages, which correct these issues and add these enhancements. The system\nmust be rebooted for this update to take effect.", "reporter": "RedHat", "published": "2015-03-05T05:00:00", "type": "redhat", "title": "(RHSA-2015:0290) Important: kernel security, bug fix, and enhancement update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3690", "CVE-2014-3940", "CVE-2014-7825", "CVE-2014-7826", "CVE-2014-8086", "CVE-2014-8160", "CVE-2014-8172", "CVE-2014-8173", "CVE-2014-8709", "CVE-2014-8884", "CVE-2015-0274"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-04-12T03:33:08", "id": "RHSA-2015:0290", "href": "https://access.redhat.com/errata/RHSA-2015:0290", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:43:14", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-327.el7", "arch": "ppc64", "packageName": "kernel", "packageFilename": "kernel-3.10.0-327.el7.ppc64.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's file system implementation\nhandled rename operations in which the source was inside and the\ndestination was outside of a bind mount. A privileged user inside a\ncontainer could use this flaw to escape the bind mount and, potentially,\nescalate their privileges on the system. (CVE-2015-2925, Important)\n\n* A race condition flaw was found in the way the Linux kernel's IPC\nsubsystem initialized certain fields in an IPC object structure that were\nlater used for permission checking before inserting the object into a\nglobally visible list. A local, unprivileged user could potentially use\nthis flaw to elevate their privileges on the system. (CVE-2015-7613,\nImportant)\n\n* It was found that reporting emulation failures to user space could lead\nto either a local (CVE-2014-7842) or a L2->L1 (CVE-2010-5313) denial of\nservice. In the case of a local denial of service, an attacker must have\naccess to the MMIO area or be able to access an I/O port. (CVE-2010-5313,\nCVE-2014-7842, Moderate)\n\n* A flaw was found in the way the Linux kernel's KVM subsystem handled\nnon-canonical addresses when emulating instructions that change the RIP\n(for example, branches or calls). A guest user with access to an I/O or\nMMIO region could use this flaw to crash the guest. (CVE-2014-3647,\nModerate)\n\n* It was found that the Linux kernel memory resource controller's (memcg)\nhandling of OOM (out of memory) conditions could lead to deadlocks.\nAn attacker could use this flaw to lock up the system. (CVE-2014-8171,\nModerate)\n\n* A race condition flaw was found between the chown and execve system\ncalls. A local, unprivileged user could potentially use this flaw to\nescalate their privileges on the system. (CVE-2015-3339, Moderate)\n\n* A flaw was discovered in the way the Linux kernel's TTY subsystem handled\nthe tty shutdown phase. A local, unprivileged user could use this flaw to\ncause a denial of service on the system. (CVE-2015-4170, Moderate)\n\n* A NULL pointer dereference flaw was found in the SCTP implementation.\nA local user could use this flaw to cause a denial of service on the system\nby triggering a kernel panic when creating multiple sockets in parallel\nwhile the system did not have the SCTP module loaded. (CVE-2015-5283,\nModerate)\n\n* A flaw was found in the way the Linux kernel's perf subsystem retrieved\nuserlevel stack traces on PowerPC systems. A local, unprivileged user could\nuse this flaw to cause a denial of service on the system. (CVE-2015-6526,\nModerate)\n\n* A flaw was found in the way the Linux kernel's Crypto subsystem handled\nautomatic loading of kernel modules. A local user could use this flaw to\nload any installed kernel module, and thus increase the attack surface of\nthe running kernel. (CVE-2013-7421, CVE-2014-9644, Low)\n\n* An information leak flaw was found in the way the Linux kernel changed\ncertain segment registers and thread-local storage (TLS) during a context\nswitch. A local, unprivileged user could use this flaw to leak the user\nspace TLS base address of an arbitrary process. (CVE-2014-9419, Low)\n\n* It was found that the Linux kernel KVM subsystem's sysenter instruction\nemulation was not sufficient. An unprivileged guest user could use this\nflaw to escalate their privileges by tricking the hypervisor to emulate a\nSYSENTER instruction in 16-bit mode, if the guest OS did not initialize the\nSYSENTER model-specific registers (MSRs). Note: Certified guest operating\nsystems for Red Hat Enterprise Linux with KVM do initialize the SYSENTER\nMSRs and are thus not vulnerable to this issue when running on a KVM\nhypervisor. (CVE-2015-0239, Low)\n\n* A flaw was found in the way the Linux kernel handled the securelevel\nfunctionality after performing a kexec operation. A local attacker could\nuse this flaw to bypass the security mechanism of the\nsecurelevel/secureboot combination. (CVE-2015-7837, Low)", "reporter": "RedHat", "published": "2015-11-20T00:35:51", "type": "redhat", "title": "(RHSA-2015:2152) Important: kernel security, bug fix, and enhancement update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-5313", "CVE-2013-7421", "CVE-2014-3647", "CVE-2014-7842", "CVE-2014-8171", "CVE-2014-9419", "CVE-2014-9644", "CVE-2015-0239", "CVE-2015-2925", "CVE-2015-3339", "CVE-2015-4170", "CVE-2015-5283", "CVE-2015-6526", "CVE-2015-7613", "CVE-2015-7837"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-04-12T03:32:39", "id": "RHSA-2015:2152", "href": "https://access.redhat.com/errata/RHSA-2015:2152", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:26:44", "references": ["https://rhn.redhat.com/errata/RHSA-2015-0087.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "any", "packageName": "kernel", "packageFilename": "kernel-2.6.32-504.8.1.el6.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "x86_64", "packageName": "perf", "packageFilename": "perf-2.6.32-504.8.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "i686", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-504.8.1.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "x86_64", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-504.8.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "noarch", "packageName": "kernel-firmware", "packageFilename": "kernel-firmware-2.6.32-504.8.1.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "noarch", "packageName": "kernel-firmware", "packageFilename": "kernel-firmware-2.6.32-504.8.1.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "x86_64", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.32-504.8.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "x86_64", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-504.8.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "i686", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.32-504.8.1.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-2.6.32-504.8.1.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-2.6.32-504.8.1.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "x86_64", "packageName": "kernel", "packageFilename": "kernel-2.6.32-504.8.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "i686", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-504.8.1.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "noarch", "packageName": "kernel-abi-whitelists", "packageFilename": "kernel-abi-whitelists-2.6.32-504.8.1.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "noarch", "packageName": "kernel-abi-whitelists", "packageFilename": "kernel-abi-whitelists-2.6.32-504.8.1.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "x86_64", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.32-504.8.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "x86_64", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-504.8.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "i686", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.32-504.8.1.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "i686", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-504.8.1.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "i686", "packageName": "perf", "packageFilename": "perf-2.6.32-504.8.1.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.8.1.el6", "arch": "i686", "packageName": "kernel", "packageFilename": "kernel-2.6.32-504.8.1.el6.i686.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2015:0087\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's SCTP implementation\nvalidated INIT chunks when performing Address Configuration Change\n(ASCONF). A remote attacker could use this flaw to crash the system by\nsending a specially crafted SCTP packet to trigger a NULL pointer\ndereference on the system. (CVE-2014-7841, Important)\n\n* An integer overflow flaw was found in the way the Linux kernel's Advanced\nLinux Sound Architecture (ALSA) implementation handled user controls.\nA local, privileged user could use this flaw to crash the system.\n(CVE-2014-4656, Moderate)\n\nThe CVE-2014-7841 issue was discovered by Liu Wei of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-January/020910.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-0087.html", "edition": 1, "reporter": "CentOS Project", "published": "2015-01-28T22:43:51", "title": "kernel, perf, python security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7841", "CVE-2014-4656"], "modified": "2015-01-28T22:43:51", "href": "http://lists.centos.org/pipermail/centos-announce/2015-January/020910.html", "id": "CESA-2015:0087", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-10-03T18:25:47", "references": ["https://rhn.redhat.com/errata/RHSA-2015-0102.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-headers-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-headers", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-headers-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-headers", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-tools-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-tools", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-tools-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-tools", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-3.10.0-123.20.1.el7.src.rpm", "packageName": "kernel", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-3.10.0-123.20.1.el7.src.rpm", "packageName": "kernel", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "perf-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "perf", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "perf-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "perf", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-tools-libs-devel-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-tools-libs-devel-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-tools-libs-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-tools-libs-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-doc-3.10.0-123.20.1.el7.noarch.rpm", "packageName": "kernel-doc", "arch": "noarch", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-doc-3.10.0-123.20.1.el7.noarch.rpm", "packageName": "kernel-doc", "arch": "noarch", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-abi-whitelists-3.10.0-123.20.1.el7.noarch.rpm", "packageName": "kernel-abi-whitelists", "arch": "noarch", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-abi-whitelists-3.10.0-123.20.1.el7.noarch.rpm", "packageName": "kernel-abi-whitelists", "arch": "noarch", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "python-perf-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "python-perf", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "python-perf-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "python-perf", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-debug-devel-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-debug-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-debug-devel-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-debug-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-devel-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-devel-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-debug-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-debug", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.20.1.el7", "packageFilename": "kernel-debug-3.10.0-123.20.1.el7.x86_64.rpm", "packageName": "kernel-debug", "arch": "x86_64", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2015:0102\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's SCTP implementation\nvalidated INIT chunks when performing Address Configuration Change\n(ASCONF). A remote attacker could use this flaw to crash the system by\nsending a specially crafted SCTP packet to trigger a NULL pointer\ndereference on the system. (CVE-2014-7841, Important)\n\n* A race condition flaw was found in the way the Linux kernel's mmap(2),\nmadvise(2), and fallocate(2) system calls interacted with each other while\noperating on virtual memory file system files. A local user could use this\nflaw to cause a denial of service. (CVE-2014-4171, Moderate)\n\n* A NULL pointer dereference flaw was found in the way the Linux kernel's\nCommon Internet File System (CIFS) implementation handled mounting of file\nsystem shares. A remote attacker could use this flaw to crash a client\nsystem that would mount a file system share from a malicious server.\n(CVE-2014-7145, Moderate)\n\n* A flaw was found in the way the Linux kernel's splice() system call\nvalidated its parameters. On certain file systems, a local, unprivileged\nuser could use this flaw to write past the maximum file size, and thus\ncrash the system. (CVE-2014-7822, Moderate)\n\n* It was found that the parse_rock_ridge_inode_internal() function of the\nLinux kernel's ISOFS implementation did not correctly check relocated\ndirectories when processing Rock Ridge child link (CL) tags. An attacker\nwith physical access to the system could use a specially crafted ISO image\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-5471, CVE-2014-5472, Low)\n\nRed Hat would like to thank Akira Fujita of NEC for reporting the\nCVE-2014-7822 issue. The CVE-2014-7841 issue was discovered by Liu Wei of\nRed Hat.\n\nThis update also fixes the following bugs:\n\n* Previously, a kernel panic could occur if a process reading from a locked\nNFS file was killed and the lock was not released properly before the read\noperations finished. Consequently, the system crashed. The code handling\nfile locks has been fixed, and instead of halting, the system now emits a\nwarning about the unreleased lock. (BZ#1172266)\n\n* A race condition in the command abort handling logic of the ipr device\ndriver could cause the kernel to panic when the driver received a response\nto an abort command prior to receiving other responses to the aborted\ncommand due to the support for multiple interrupts. With this update, the\nabort handler waits for the aborted command's responses first before\ncompleting an abort operation. (BZ#1162734)\n\n* Previously, a race condition could occur when changing a Page Table Entry\n(PTE) or a Page Middle Directory (PMD) to \"pte_numa\" or \"pmd_numa\",\nrespectively, causing the kernel to crash. This update removes the BUG_ON()\nmacro from the __handle_mm_fault() function, preventing the kernel panic in\nthe aforementioned scenario. (BZ#1170662)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-January/020915.html\nhttp://lists.centos.org/pipermail/centos-announce/2015-January/020916.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-tools\nkernel-tools-libs\nkernel-tools-libs-devel\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-0102.html", "edition": 1, "reporter": "CentOS Project", "published": "2015-01-29T23:49:27", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "title": "kernel, perf, python security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2014-7822", "CVE-2014-7841", "CVE-2014-4171", "CVE-2014-5472", "CVE-2014-7145", "CVE-2014-5471"], "modified": "2015-01-30T00:20:47", "href": "http://lists.centos.org/pipermail/centos-announce/2015-January/020915.html", "id": "CESA-2015:0102", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:27:02", "references": ["https://rhn.redhat.com/errata/RHSA-2015-0864.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "noarch", "packageName": "kernel-abi-whitelists", "packageFilename": "kernel-abi-whitelists-2.6.32-504.16.2.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "noarch", "packageName": "kernel-abi-whitelists", "packageFilename": "kernel-abi-whitelists-2.6.32-504.16.2.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "i686", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-504.16.2.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "i686", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-504.16.2.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "x86_64", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.32-504.16.2.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "x86_64", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-504.16.2.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "i686", "packageName": "kernel", "packageFilename": "kernel-2.6.32-504.16.2.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "i686", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.32-504.16.2.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "x86_64", "packageName": "kernel", "packageFilename": "kernel-2.6.32-504.16.2.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "x86_64", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-504.16.2.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "i686", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-504.16.2.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "x86_64", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-504.16.2.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "noarch", "packageName": "kernel-firmware", "packageFilename": "kernel-firmware-2.6.32-504.16.2.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "noarch", "packageName": "kernel-firmware", "packageFilename": "kernel-firmware-2.6.32-504.16.2.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-2.6.32-504.16.2.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-504.16.2.el6", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-2.6.32-504.16.2.el6.noarch.rpm", "operator": "
