DATABASE RESOURCES PRICING ABOUT US

{"id": "USN-3381-1", "vendorId": null, "type": "ubuntu", "bulletinFamily": "unix", "title": "Linux kernel vulnerabilities", "description": "## Releases\n\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * linux \\- Linux kernel\n\nPeter Pi discovered that the colormap handling for frame buffer devices in \nthe Linux kernel contained an integer overflow. A local attacker could use \nthis to disclose sensitive information (kernel memory). (CVE-2016-8405)\n\nIt was discovered that the Linux kernel did not properly restrict \nRLIMIT_STACK size. A local attacker could use this in conjunction with \nanother vulnerability to possibly execute arbitrary code. \n(CVE-2017-1000365)\n\nIt was discovered that SELinux in the Linux kernel did not properly handle \nempty writes to /proc/pid/attr. A local attacker could use this to cause a \ndenial of service (system crash). (CVE-2017-2618)\n\n\u77f3\u78ca discovered that the RxRPC Kerberos 5 ticket handling code in the \nLinux kernel did not properly verify metadata. A remote attacker could use \nthis to cause a denial of service (system crash) or possibly execute \narbitrary code. (CVE-2017-7482)\n", "published": "2017-08-07T00:00:00", "modified": "2017-08-07T00:00:00", "epss": [{"cve": "CVE-2016-8405", "epss": 0.00079, "percentile": 0.32562, "modified": "2023-06-03"}, {"cve": "CVE-2017-2618", "epss": 0.00045, "percentile": 0.12342, "modified": "2023-06-23"}, {"cve": "CVE-2017-7482", "epss": 0.00045, "percentile": 0.12126, "modified": "2023-06-05"}, {"cve": "CVE-2017-1000365", "epss": 0.00062, "percentile": 0.24754, "modified": "2023-09-14"}], "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 7.2}, "severity": "HIGH", "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "href": "https://ubuntu.com/security/notices/USN-3381-1", "reporter": "Ubuntu", "references": ["/security/CVE-2017-1000365", "/security/CVE-2017-2618", "/security/CVE-2017-7482", "/security/CVE-2016-8405"], "cvelist": ["CVE-2016-8405", "CVE-2017-1000365", "CVE-2017-2618", "CVE-2017-7482"], "immutableFields": [], "lastseen": "2023-09-18T02:53:58", "viewCount": 48, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2017-845"]}, {"type": "androidsecurity", "idList": ["ANDROID:2016-12-01"]}, {"type": "centos", "idList": ["CESA-2017:0933"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:18773E2EBFCA95CBB12CDED52A4EFFCC", "CFOUNDRY:4DDC563CC4B682CD1D8A3F51374BC77A"]}, {"type": "cve", "idList": ["CVE-2016-8405", "CVE-2017-1000365", "CVE-2017-1000371", "CVE-2017-2618", "CVE-2017-7482"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1099-1:57108", "DEBIAN:DLA-833-1:91DAA", "DEBIAN:DSA-3791-1:0D4D5", "DEBIAN:DSA-3791-1:AE0FD", "DEBIAN:DSA-3927-1:A186E", "DEBIAN:DSA-3927-1:A5DA8", "DEBIAN:DSA-3945-1:532A6", "DEBIAN:DSA-3945-1:A4CC7"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2016-8405", "DEBIANCVE:CVE-2017-1000365", "DEBIANCVE:CVE-2017-1000371", "DEBIANCVE:CVE-2017-2618", "DEBIANCVE:CVE-2017-7482"]}, {"type": "f5", "idList": ["F5:K15412203", "F5:K97457339"]}, {"type": "ibm", "idList": ["A0B51C5217767E75AB974BA93584FB1F969514BA8D7EE9EDD025C20F274C1D2F", "B13E9CABE04A3A8E052E5DD7075F194AB2BDBB1AA759BCA55EBEBB657F688C5F", "F3D623A09E7D0F54DD4072DEEB91BB4360FCB6F12BC404A385E6347E729DB982"]}, {"type": "lenovo", "idList": ["LENOVO:PS500321-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2017-0186", "MGASA-2017-0187", "MGASA-2017-0188"]}, {"type": "nessus", "idList": ["ALA_ALAS-2017-845.NASL", "CENTOS_RHSA-2017-0933.NASL", "DEBIAN_DLA-1099.NASL", "DEBIAN_DLA-833.NASL", "DEBIAN_DSA-3791.NASL", "DEBIAN_DSA-3927.NASL", "DEBIAN_DSA-3945.NASL", "EULEROS_SA-2017-1071.NASL", "EULEROS_SA-2017-1072.NASL", "EULEROS_SA-2017-1159.NASL", "EULEROS_SA-2019-1498.NASL", "EULEROS_SA-2019-1500.NASL", "EULEROS_SA-2019-1508.NASL", "EULEROS_SA-2019-1528.NASL", "EULEROS_SA-2019-2531.NASL", "EULEROS_SA-2021-1808.NASL", "EULEROS_SA-2021-2392.NASL", "FEDORA_2017-05F10E29F4.NASL", "FEDORA_2017-D3ED702FE4.NASL", "FEDORA_2017-D7BC1B3056.NASL", "JUNIPER_SPACE_JSA_10826.NASL", "NEWSTART_CGSL_NS-SA-2019-0034_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0049_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2022-0075_KERNEL.NASL", "OPENSUSE-2017-1390.NASL", "OPENSUSE-2017-1391.NASL", "OPENSUSE-2017-798.NASL", "ORACLELINUX_ELSA-2017-0933-1.NASL", "ORACLELINUX_ELSA-2017-0933.NASL", "ORACLELINUX_ELSA-2017-09331.NASL", "ORACLELINUX_ELSA-2017-1842-1.NASL", "ORACLELINUX_ELSA-2017-3609.NASL", "ORACLELINUX_ELSA-2017-3621.NASL", "ORACLELINUX_ELSA-2017-3622.NASL", "ORACLELINUX_ELSA-2017-3635.NASL", "ORACLELINUX_ELSA-2017-3640.NASL", "ORACLELINUX_ELSA-2017-3651.NASL", "ORACLELINUX_ELSA-2017-3657.NASL", "ORACLELINUX_ELSA-2017-3658.NASL", "ORACLELINUX_ELSA-2017-3659.NASL", "ORACLELINUX_ELSA-2018-4040.NASL", "ORACLELINUX_ELSA-2018-4041.NASL", "ORACLELINUX_ELSA-2018-4071.NASL", "ORACLELINUX_ELSA-2018-4109.NASL", "ORACLELINUX_ELSA-2018-4110.NASL", "ORACLELINUX_ELSA-2020-1524.NASL", "ORACLEVM_OVMSA-2017-0145.NASL", "ORACLEVM_OVMSA-2017-0152.NASL", "ORACLEVM_OVMSA-2017-0167.NASL", "ORACLEVM_OVMSA-2017-0169.NASL", "ORACLEVM_OVMSA-2017-0172.NASL", "ORACLEVM_OVMSA-2017-0173.NASL", "ORACLEVM_OVMSA-2017-0174.NASL", "ORACLEVM_OVMSA-2018-0015.NASL", "ORACLEVM_OVMSA-2018-0035.NASL", "ORACLEVM_OVMSA-2018-0041.NASL", "PHOTONOS_PHSA-2018-2_0-0101.NASL", "PHOTONOS_PHSA-2018-2_0-0101_LINUX.NASL", "REDHAT-RHSA-2017-0931.NASL", "REDHAT-RHSA-2017-0932.NASL", "REDHAT-RHSA-2017-0933.NASL", "REDHAT-RHSA-2019-0641.NASL", "SLACKWARE_SSA_2017-177-01.NASL", "SLACKWARE_SSA_2017-180-01.NASL", "SLACKWARE_SSA_2017-181-02.NASL", "SLACKWARE_SSA_2017-184-01.NASL", "SL_20170412_KERNEL_ON_SL7_X.NASL", "SUSE_SU-2017-1853-1.NASL", "SUSE_SU-2017-2389-1.NASL", "SUSE_SU-2017-2525-1.NASL", "SUSE_SU-2017-2908-1.NASL", "SUSE_SU-2017-2920-1.NASL", "SUSE_SU-2017-3398-1.NASL", "SUSE_SU-2017-3410-1.NASL", "SUSE_SU-2018-2332-1.NASL", "SUSE_SU-2018-2366-1.NASL", "UBUNTU_USN-3361-1.NASL", "UBUNTU_USN-3377-1.NASL", "UBUNTU_USN-3377-2.NASL", "UBUNTU_USN-3378-1.NASL", "UBUNTU_USN-3378-2.NASL", "UBUNTU_USN-3381-1.NASL", "UBUNTU_USN-3392-1.NASL", "UBUNTU_USN-3392-2.NASL", "VIRTUOZZO_VZA-2018-072.NASL", "VIRTUOZZO_VZA-2018-075.NASL", "VIRTUOZZO_VZLSA-2017-0933.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703791", "OPENVAS:1361412562310703927", "OPENVAS:1361412562310703945", "OPENVAS:1361412562310843249", "OPENVAS:1361412562310843268", "OPENVAS:1361412562310843269", "OPENVAS:1361412562310843270", "OPENVAS:1361412562310843271", "OPENVAS:1361412562310843273", "OPENVAS:1361412562310843286", "OPENVAS:1361412562310843287", "OPENVAS:1361412562310851578", "OPENVAS:1361412562310851666", "OPENVAS:1361412562310851667", "OPENVAS:1361412562310871796", "OPENVAS:1361412562310882694", "OPENVAS:1361412562310890833", "OPENVAS:1361412562310891099", "OPENVAS:1361412562311220171071", "OPENVAS:1361412562311220171072", "OPENVAS:1361412562311220171159", "OPENVAS:1361412562311220191498", "OPENVAS:1361412562311220191500", "OPENVAS:1361412562311220191508", "OPENVAS:1361412562311220191528", "OPENVAS:1361412562311220192531", "OPENVAS:703791"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-0933", "ELSA-2017-0933-1", "ELSA-2017-3609", "ELSA-2017-3621", "ELSA-2017-3622", "ELSA-2017-3635", "ELSA-2017-3640", "ELSA-2017-3651", "ELSA-2017-3657", "ELSA-2017-3658", "ELSA-2017-3659", "ELSA-2018-4021", "ELSA-2018-4040", "ELSA-2018-4041", "ELSA-2018-4109", "ELSA-2018-4110"]}, {"type": "osv", "idList": ["OSV:DLA-1099-1", "OSV:DLA-833-1", "OSV:DSA-3791-1", "OSV:DSA-3927-1", "OSV:DSA-3945-1"]}, {"type": "photon", "idList": ["PHSA-2017-0026", "PHSA-2017-0052", "PHSA-2017-0055", "PHSA-2018-0031", "PHSA-2018-0101", "PHSA-2018-2.0-0101"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:87BA757A5FD1FA33FB143A6AD7B02E98"]}, {"type": "redhat", "idList": ["RHSA-2017:0931", "RHSA-2017:0932", "RHSA-2017:0933", "RHSA-2019:0641"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-8405", "RH:CVE-2017-1000365", "RH:CVE-2017-2618", "RH:CVE-2017-7482"]}, {"type": "slackware", "idList": ["SSA-2017-177-01", "SSA-2017-180-01", "SSA-2017-181-02", "SSA-2017-184-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2017:1825-1", "OPENSUSE-SU-2017:3358-1", "OPENSUSE-SU-2017:3359-1", "SUSE-SU-2017:1853-1", "SUSE-SU-2017:1990-1", "SUSE-SU-2017:2342-1", "SUSE-SU-2017:2389-1", "SUSE-SU-2017:2525-1", "SUSE-SU-2017:2908-1", "SUSE-SU-2017:2920-1", "SUSE-SU-2017:2956-1", "SUSE-SU-2017:3398-1", "SUSE-SU-2017:3410-1", "SUSE-SU-2018:0213-1"]}, {"type": "ubuntu", "idList": ["USN-3361-1", "USN-3377-1", "USN-3377-2", "USN-3378-1", "USN-3378-2", "USN-3381-2", "USN-3392-1", "USN-3392-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2016-8405", "UB:CVE-2017-1000365", "UB:CVE-2017-1000371", "UB:CVE-2017-2618", "UB:CVE-2017-7482"]}, {"type": "veracode", "idList": ["VERACODE:17861", "VERACODE:20165"]}, {"type": "virtuozzo", "idList": ["VZA-2018-072", "VZA-2018-074", "VZA-2018-075"]}]}, "score": {"value": 7.7, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2017-845"]}, {"type": "androidsecurity", "idList": ["ANDROID:2016-12-01"]}, {"type": "centos", "idList": ["CESA-2017:0933"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:18773E2EBFCA95CBB12CDED52A4EFFCC", "CFOUNDRY:4DDC563CC4B682CD1D8A3F51374BC77A"]}, {"type": "cve", "idList": ["CVE-2016-8405"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1099-1:57108", "DEBIAN:DSA-3791-1:AE0FD", "DEBIAN:DSA-3927-1:A186E", "DEBIAN:DSA-3945-1:532A6"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2016-8405", "DEBIANCVE:CVE-2017-1000365", "DEBIANCVE:CVE-2017-2618", "DEBIANCVE:CVE-2017-7482"]}, {"type": "f5", "idList": ["F5:K15412203"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2017-0933.NASL", "DEBIAN_DLA-1099.NASL", "DEBIAN_DSA-3791.NASL", "EULEROS_SA-2017-1071.NASL", "EULEROS_SA-2017-1072.NASL", "EULEROS_SA-2017-1159.NASL", "FEDORA_2017-D3ED702FE4.NASL", "ORACLELINUX_ELSA-2017-0933-1.NASL", "ORACLELINUX_ELSA-2017-0933.NASL", "ORACLELINUX_ELSA-2017-3621.NASL", "ORACLELINUX_ELSA-2017-3622.NASL", "ORACLEVM_OVMSA-2017-0152.NASL", "ORACLEVM_OVMSA-2018-0015.NASL", "REDHAT-RHSA-2017-0931.NASL", "REDHAT-RHSA-2017-0932.NASL", "REDHAT-RHSA-2017-0933.NASL", "REDHAT-RHSA-2019-0641.NASL", "SLACKWARE_SSA_2017-181-02.NASL", "SLACKWARE_SSA_2017-184-01.NASL", "SL_20170412_KERNEL_ON_SL7_X.NASL", "SUSE_SU-2017-1853-1.NASL", "SUSE_SU-2017-2389-1.NASL", "VIRTUOZZO_VZLSA-2017-0933.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703945", "OPENVAS:1361412562310843268", "OPENVAS:1361412562310843269", "OPENVAS:1361412562310843270", "OPENVAS:1361412562310843271", "OPENVAS:1361412562310843273", "OPENVAS:1361412562310843286", "OPENVAS:1361412562310843287", "OPENVAS:1361412562310871796", "OPENVAS:1361412562310882694", "OPENVAS:703791"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-0933", "ELSA-2017-0933-1", "ELSA-2017-3621", "ELSA-2017-3622", "ELSA-2018-4021"]}, {"type": "photon", "idList": ["PHSA-2017-0026", "PHSA-2017-0052", "PHSA-2018-2.0-0101"]}, {"type": "redhat", "idList": ["RHSA-2017:0931", "RHSA-2017:0932"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-8405", "RH:CVE-2017-1000365", "RH:CVE-2017-2618", "RH:CVE-2017-7482"]}, {"type": "slackware", "idList": ["SSA-2017-177-01", "SSA-2017-180-01", "SSA-2017-181-02", "SSA-2017-184-01"]}, {"type": "suse", "idList": ["SUSE-SU-2017:2389-1", "SUSE-SU-2018:0213-1"]}, {"type": "ubuntu", "idList": ["USN-3378-2", "USN-3381-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2016-8405", "UB:CVE-2017-1000365", "UB:CVE-2017-2618", "UB:CVE-2017-7482"]}, {"type": "virtuozzo", "idList": ["VZA-2018-072", "VZA-2018-074", "VZA-2018-075"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2016-8405", "epss": 0.00079, "percentile": 0.32435, "modified": "2023-05-06"}, {"cve": "CVE-2017-1000365", "epss": 0.00062, "percentile": 0.24605, "modified": "2023-05-06"}, {"cve": "CVE-2017-2618", "epss": 0.00045, "percentile": 0.12286, "modified": "2023-05-06"}, {"cve": "CVE-2017-7482", "epss": 0.00045, "percentile": 0.1211, "modified": "2023-05-06"}], "vulnersScore": 7.7}, "_state": {"dependencies": 1695005905, "score": 1695006094, "epss": 0}, "_internal": {"score_hash": "56fb334a023c8509ff11179ef3e6daab"}, "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-image-3.13.0-126-generic"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "block-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "block-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "block-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "block-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "block-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "block-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "crypto-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "crypto-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "crypto-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "crypto-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "crypto-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "crypto-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fat-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fat-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fat-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fat-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fat-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fat-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fb-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firewire-core-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firewire-core-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firewire-core-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firewire-core-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "firewire-core-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "floppy-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "floppy-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "floppy-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "floppy-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "floppy-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fs-core-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fs-core-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fs-core-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fs-core-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fs-core-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fs-core-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fs-secondary-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fs-secondary-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fs-secondary-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fs-secondary-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fs-secondary-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "fs-secondary-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "input-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "input-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "input-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "input-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "input-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "input-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "ipmi-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "ipmi-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "ipmi-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "ipmi-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "ipmi-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "ipmi-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "irda-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "irda-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "irda-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "irda-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "irda-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "irda-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "kernel-image-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "kernel-image-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "kernel-image-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "kernel-image-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "kernel-image-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "kernel-image-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-cloud-tools-3.13.0-24"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-cloud-tools-3.13.0-24-generic"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-cloud-tools-3.13.0-24-lowlatency"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-cloud-tools-common"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-doc"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-headers-3.13.0-24"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-headers-3.13.0-24-generic"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-headers-3.13.0-24-generic-lpae"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-headers-3.13.0-24-lowlatency"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-headers-3.13.0-24-powerpc-e500"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-headers-3.13.0-24-powerpc-e500mc"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-headers-3.13.0-24-powerpc-smp"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-headers-3.13.0-24-powerpc64-emb"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-headers-3.13.0-24-powerpc64-smp"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-image-3.13.0-24-generic"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-image-3.13.0-24-generic-lpae"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-image-3.13.0-24-lowlatency"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-image-3.13.0-24-powerpc-e500"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-image-3.13.0-24-powerpc-e500mc"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-image-3.13.0-24-powerpc-smp"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-image-3.13.0-24-powerpc64-emb"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-image-3.13.0-24-powerpc64-smp"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-image-extra-3.13.0-24-generic"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-libc-dev"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-source-3.13.0"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-tools-3.13.0-24"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-tools-3.13.0-24-generic"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-tools-3.13.0-24-generic-lpae"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-tools-3.13.0-24-lowlatency"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-tools-3.13.0-24-powerpc-e500"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-tools-3.13.0-24-powerpc-e500mc"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-tools-3.13.0-24-powerpc-smp"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-tools-3.13.0-24-powerpc64-emb"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-tools-3.13.0-24-powerpc64-smp"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-tools-common"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-udebs-generic"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-udebs-generic-lpae"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-udebs-powerpc-e500"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-udebs-powerpc-e500mc"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-udebs-powerpc-smp"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-udebs-powerpc64-smp"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "md-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "md-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "md-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "md-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "md-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "md-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "message-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "message-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "message-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "message-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "message-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "mouse-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "mouse-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "mouse-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "mouse-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "mouse-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "mouse-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "multipath-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "multipath-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "multipath-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "multipath-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "multipath-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "multipath-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nfs-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nfs-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nfs-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nfs-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nfs-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nfs-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-pcmcia-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-shared-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-shared-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-shared-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-shared-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-shared-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-shared-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-usb-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-usb-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-usb-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-usb-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-usb-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "nic-usb-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "parport-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "parport-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "parport-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "parport-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "parport-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "parport-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "pata-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "pata-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "pata-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "pata-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "pata-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "pcmcia-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "pcmcia-storage-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "plip-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "plip-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "plip-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "plip-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "plip-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "plip-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "ppp-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "ppp-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "ppp-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "ppp-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "ppp-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "ppp-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "sata-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "sata-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "sata-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "sata-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "sata-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "sata-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "scsi-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "scsi-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "scsi-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "scsi-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "scsi-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "scsi-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "serial-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "speakup-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "speakup-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "speakup-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "speakup-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "speakup-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "speakup-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "squashfs-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "squashfs-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "squashfs-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "squashfs-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "squashfs-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "squashfs-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "storage-core-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "storage-core-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "storage-core-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "storage-core-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "storage-core-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "storage-core-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "usb-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "usb-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "usb-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "usb-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "usb-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "usb-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "virtio-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "virtio-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "virtio-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "virtio-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "virtio-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "vlan-modules-3.13.0-24-generic-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "vlan-modules-3.13.0-24-generic-lpae-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "vlan-modules-3.13.0-24-powerpc-e500-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "vlan-modules-3.13.0-24-powerpc-e500mc-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "vlan-modules-3.13.0-24-powerpc-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "vlan-modules-3.13.0-24-powerpc64-smp-di"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-image-3.13.0-126-generic-lpae"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-image-3.13.0-126-lowlatency"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-image-3.13.0-126-powerpc-e500"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-image-3.13.0-126-powerpc-e500mc"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-image-3.13.0-126-powerpc-smp"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-image-3.13.0-126-powerpc64-emb"}, {"OS": "Ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "3.13.0-126.175", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-image-3.13.0-126-powerpc64-smp"}]}

{"openvas": [{"lastseen": "2019-05-29T18:34:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-08-08T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-3381-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7482", "CVE-2016-8405", "CVE-2017-2618", "CVE-2017-1000365"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843273", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843273", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3381_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux USN-3381-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843273\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-08 07:20:22 +0200 (Tue, 08 Aug 2017)\");\n script_cve_id(\"CVE-2016-8405\", \"CVE-2017-1000365\", \"CVE-2017-2618\", \"CVE-2017-7482\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-3381-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Peter Pi discovered that the colormap\n handling for frame buffer devices in the Linux kernel contained an integer\n overflow. A local attacker could use this to disclose sensitive information\n (kernel memory). (CVE-2016-8405) It was discovered that the Linux kernel did not\n properly restrict RLIMIT_STACK size. A local attacker could use this in\n conjunction with another vulnerability to possibly execute arbitrary code.\n (CVE-2017-1000365) It was discovered that SELinux in the Linux kernel did not\n properly handle empty writes to /proc/pid/attr. A local attacker could use this\n to cause a denial of service (system crash). (CVE-2017-2618) &#30707 &#30922\n discovered that the RxRPC Kerberos 5 ticket handling code in the Linux kernel\n did not properly verify metadata. A remote attacker could use this to cause a\n denial of service (system crash) or possibly execute arbitrary code.\n (CVE-2017-7482)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3381-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3381-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-126-generic\", ver:\"3.13.0-126.175\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-126-generic-lpae\", ver:\"3.13.0-126.175\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-126-lowlatency\", ver:\"3.13.0-126.175\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-126-powerpc-e500\", ver:\"3.13.0-126.175\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-126-powerpc-e500mc\", ver:\"3.13.0-126.175\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-126-powerpc-smp\", ver:\"3.13.0-126.175\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-126-powerpc64-emb\", ver:\"3.13.0-126.175\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-126-powerpc64-smp\", ver:\"3.13.0-126.175\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"3.13.0.126.136\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"3.13.0.126.136\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"3.13.0.126.136\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500\", ver:\"3.13.0.126.136\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"3.13.0.126.136\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"3.13.0.126.136\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"3.13.0.126.136\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"3.13.0.126.136\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-08-17T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-xenial USN-3392-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-10810", "CVE-2017-7533", "CVE-2017-7482", "CVE-2017-1000365"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843286", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843286", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3392_2.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-lts-xenial USN-3392-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843286\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-17 07:52:25 +0200 (Thu, 17 Aug 2017)\");\n script_cve_id(\"CVE-2017-7533\", \"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-7482\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-lts-xenial USN-3392-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-xenial'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-3392-1 fixed a regression in the Linux\n kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for\n the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu\n 14.04 LTS. USN-3378-2 fixed vulnerabilities in the Linux Hardware Enablement\n kernel. Unfortunately, a regression was introduced that prevented conntrack from\n working correctly in some situations. This update fixes the problem. We\n apologize for the inconvenience. Original advisory details: Fan Wu and Shixiong\n Zhao discovered a race condition between inotify events and vfs rename\n operations in the Linux kernel. An unprivileged local attacker could use this to\n cause a denial of service (system crash) or execute arbitrary code.\n (CVE-2017-7533) It was discovered that the Linux kernel did not properly\n restrict RLIMIT_STACK size. A local attacker could use this in conjunction with\n another vulnerability to possibly execute arbitrary code. (CVE-2017-1000365)\n &#26446 &#24378 discovered that the Virtio GPU driver in the Linux kernel did\n not properly free memory in some situations. A local attacker could use this to\n cause a denial of service (memory consumption). (CVE-2017-10810) &#30707 &#30922\n discovered that the RxRPC Kerberos 5 ticket handling code in the Linux kernel\n did not properly verify metadata. A remote attacker could use this to cause a\n denial of service (system crash) or possibly execute arbitrary code.\n (CVE-2017-7482)\");\n script_tag(name:\"affected\", value:\"linux-lts-xenial on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3392-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3392-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-92-generic\", ver:\"4.4.0-92.115~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-92-generic-lpae\", ver:\"4.4.0-92.115~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-92-lowlatency\", ver:\"4.4.0-92.115~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-92-powerpc-e500mc\", ver:\"4.4.0-92.115~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-92-powerpc-smp\", ver:\"4.4.0-92.115~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-92-powerpc64-emb\", ver:\"4.4.0-92.115~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-92-powerpc64-smp\", ver:\"4.4.0-92.115~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae-lts-xenial\", ver:\"4.4.0.92.76\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lts-xenial\", ver:\"4.4.0.92.76\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency-lts-xenial\", ver:\"4.4.0.92.76\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc-lts-xenial\", ver:\"4.4.0.92.76\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp-lts-xenial\", ver:\"4.4.0.92.76\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb-lts-xenial\", ver:\"4.4.0.92.76\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp-lts-xenial\", ver:\"4.4.0.92.76\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:34:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-08-04T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-xenial USN-3378-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-10810", "CVE-2017-7533", "CVE-2017-7482", "CVE-2017-1000365"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843270", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843270", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3378_2.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-lts-xenial USN-3378-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843270\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-04 07:16:29 +0200 (Fri, 04 Aug 2017)\");\n script_cve_id(\"CVE-2017-7533\", \"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-7482\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-lts-xenial USN-3378-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-xenial'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-3378-1 fixed vulnerabilities in the\n Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding\n updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for\n Ubuntu 14.04 LTS. Fan Wu and Shixiong Zhao discovered a race condition between\n inotify events and vfs rename operations in the Linux kernel. An unprivileged\n local attacker could use this to cause a denial of service (system crash) or\n execute arbitrary code. (CVE-2017-7533) It was discovered that the Linux kernel\n did not properly restrict RLIMIT_STACK size. A local attacker could use this in\n conjunction with another vulnerability to possibly execute arbitrary code.\n (CVE-2017-1000365) &#26446 &#24378 discovered that the Virtio GPU driver in the\n Linux kernel did not properly free memory in some situations. A local attacker\n could use this to cause a denial of service (memory consumption).\n (CVE-2017-10810) &#30707 &#30922 discovered that the RxRPC Kerberos 5 ticket\n handling code in the Linux kernel did not properly verify metadata. A remote\n attacker could use this to cause a denial of service (system crash) or possibly\n execute arbitrary code. (CVE-2017-7482)\");\n script_tag(name:\"affected\", value:\"linux-lts-xenial on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3378-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3378-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-89-generic\", ver:\"4.4.0-89.112~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-89-generic-lpae\", ver:\"4.4.0-89.112~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-89-lowlatency\", ver:\"4.4.0-89.112~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-89-powerpc-e500mc\", ver:\"4.4.0-89.112~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-89-powerpc-smp\", ver:\"4.4.0-89.112~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-89-powerpc64-emb\", ver:\"4.4.0-89.112~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-89-powerpc64-smp\", ver:\"4.4.0-89.112~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae-lts-xenial\", ver:\"4.4.0.89.74\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lts-xenial\", ver:\"4.4.0.89.74\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency-lts-xenial\", ver:\"4.4.0.89.74\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc-lts-xenial\", ver:\"4.4.0.89.74\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp-lts-xenial\", ver:\"4.4.0.89.74\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb-lts-xenial\", ver:\"4.4.0.89.74\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp-lts-xenial\", ver:\"4.4.0.89.74\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:34:05", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-08-04T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-hwe USN-3377-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-10810", "CVE-2017-7533", "CVE-2017-7482", "CVE-2017-1000365"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843268", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843268", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3377_2.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-hwe USN-3377-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843268\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-04 07:15:50 +0200 (Fri, 04 Aug 2017)\");\n script_cve_id(\"CVE-2017-7533\", \"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-7482\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-hwe USN-3377-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-hwe'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-3377-1 fixed vulnerabilities in the\n Linux kernel for Ubuntu 17.04. This update provides the corresponding updates\n for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.04 for Ubuntu\n 16.04 LTS. Fan Wu and Shixiong Zhao discovered a race condition between inotify\n events and vfs rename operations in the Linux kernel. An unprivileged local\n attacker could use this to cause a denial of service (system crash) or execute\n arbitrary code. (CVE-2017-7533) It was discovered that the Linux kernel did not\n properly restrict RLIMIT_STACK size. A local attacker could use this in\n conjunction with another vulnerability to possibly execute arbitrary code.\n (CVE-2017-1000365) &#26446 &#24378 discovered that the Virtio GPU driver in the\n Linux kernel did not properly free memory in some situations. A local attacker\n could use this to cause a denial of service (memory consumption).\n (CVE-2017-10810) &#30707 &#30922 discovered that the RxRPC Kerberos 5 ticket\n handling code in the Linux kernel did not properly verify metadata. A remote\n attacker could use this to cause a denial of service (system crash) or possibly\n execute arbitrary code. (CVE-2017-7482)\");\n script_tag(name:\"affected\", value:\"linux-hwe on Ubuntu 16.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3377-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3377-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-30-generic\", ver:\"4.10.0-30.34~16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-30-generic-lpae\", ver:\"4.10.0-30.34~16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-30-lowlatency\", ver:\"4.10.0-30.34~16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.10.0.30.33\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.10.0.30.33\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.10.0.30.33\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:34:30", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-08-17T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-3392-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-10810", "CVE-2017-7533", "CVE-2017-7482", "CVE-2017-1000365"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843287", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843287", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3392_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux USN-3392-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843287\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-17 07:52:37 +0200 (Thu, 17 Aug 2017)\");\n script_cve_id(\"CVE-2017-7533\", \"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-7482\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-3392-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-3378-1 fixed vulnerabilities in the\n Linux kernel. Unfortunately, a regression was introduced that prevented\n conntrack from working correctly in some situations. This update fixes the\n problem. We apologize for the inconvenience. Original advisory details: Fan Wu\n and Shixiong Zhao discovered a race condition between inotify events and vfs\n rename operations in the Linux kernel. An unprivileged local attacker could use\n this to cause a denial of service (system crash) or execute arbitrary code.\n (CVE-2017-7533) It was discovered that the Linux kernel did not properly\n restrict RLIMIT_STACK size. A local attacker could use this in conjunction with\n another vulnerability to possibly execute arbitrary code. (CVE-2017-1000365)\n &#26446 &#24378 discovered that the Virtio GPU driver in the Linux kernel did\n not properly free memory in some situations. A local attacker could use this to\n cause a denial of service (memory consumption). (CVE-2017-10810) &#30707 &#30922\n discovered that the RxRPC Kerberos 5 ticket handling code in the Linux kernel\n did not properly verify metadata. A remote attacker could use this to cause a\n denial of service (system crash) or possibly execute arbitrary code.\n (CVE-2017-7482)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 16.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3392-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3392-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1027-gke\", ver:\"4.4.0-1027.27\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1031-aws\", ver:\"4.4.0-1031.40\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1070-raspi2\", ver:\"4.4.0-1070.78\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1072-snapdragon\", ver:\"4.4.0-1072.77\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-92-generic\", ver:\"4.4.0-92.115\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-92-generic-lpae\", ver:\"4.4.0-92.115\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-92-lowlatency\", ver:\"4.4.0-92.115\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-92-powerpc-e500mc\", ver:\"4.4.0-92.115\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-92-powerpc-smp\", ver:\"4.4.0-92.115\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-92-powerpc64-emb\", ver:\"4.4.0-92.115\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-92-powerpc64-smp\", ver:\"4.4.0-92.115\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.4.0.1031.33\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.4.0.92.97\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.4.0.92.97\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.4.0.1027.28\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.4.0.92.97\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.4.0.92.97\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.4.0.92.97\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.4.0.92.97\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.4.0.92.97\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.4.0.1070.70\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.4.0.1072.64\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:34:38", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-08-04T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-3378-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-10810", "CVE-2017-7533", "CVE-2017-7482", "CVE-2017-1000365"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843269", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843269", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3378_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux USN-3378-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843269\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-04 07:16:20 +0200 (Fri, 04 Aug 2017)\");\n script_cve_id(\"CVE-2017-7533\", \"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-7482\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-3378-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Fan Wu and Shixiong Zhao discovered a race\n condition between inotify events and vfs rename operations in the Linux kernel.\n An unprivileged local attacker could use this to cause a denial of service\n (system crash) or execute arbitrary code. (CVE-2017-7533) It was discovered that\n the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker\n could use this in conjunction with another vulnerability to possibly execute\n arbitrary code. (CVE-2017-1000365) &#26446 &#24378 discovered that the Virtio\n GPU driver in the Linux kernel did not properly free memory in some situations.\n A local attacker could use this to cause a denial of service (memory\n consumption). (CVE-2017-10810) &#30707 &#30922 discovered that the RxRPC\n Kerberos 5 ticket handling code in the Linux kernel did not properly verify\n metadata. A remote attacker could use this to cause a denial of service (system\n crash) or possibly execute arbitrary code. (CVE-2017-7482)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 16.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3378-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3378-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1024-gke\", ver:\"4.4.0-1024.24\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1028-aws\", ver:\"4.4.0-1028.37\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1067-raspi2\", ver:\"4.4.0-1067.75\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1069-snapdragon\", ver:\"4.4.0-1069.74\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-89-generic\", ver:\"4.4.0-89.112\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-89-generic-lpae\", ver:\"4.4.0-89.112\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-89-lowlatency\", ver:\"4.4.0-89.112\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-89-powerpc-e500mc\", ver:\"4.4.0-89.112\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-89-powerpc-smp\", ver:\"4.4.0-89.112\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-89-powerpc64-emb\", ver:\"4.4.0-89.112\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-89-powerpc64-smp\", ver:\"4.4.0-89.112\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.4.0.1028.31\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.4.0.89.95\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.4.0.89.95\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.4.0.1024.26\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.4.0.89.95\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.4.0.89.95\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.4.0.89.95\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.4.0.89.95\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.4.0.89.95\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.4.0.1067.68\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.4.0.1069.62\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:33:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-08-04T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-3377-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-10810", "CVE-2017-7533", "CVE-2017-7482", "CVE-2017-1000365"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843271", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843271", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3377_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux USN-3377-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843271\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-04 07:16:37 +0200 (Fri, 04 Aug 2017)\");\n script_cve_id(\"CVE-2017-7533\", \"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-7482\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-3377-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Fan Wu and Shixiong Zhao discovered a race\n condition between inotify events and vfs rename operations in the Linux kernel.\n An unprivileged local attacker could use this to cause a denial of service\n (system crash) or execute arbitrary code. (CVE-2017-7533) It was discovered that\n the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker\n could use this in conjunction with another vulnerability to possibly execute\n arbitrary code. (CVE-2017-1000365) &#26446 &#24378 discovered that the Virtio\n GPU driver in the Linux kernel did not properly free memory in some situations.\n A local attacker could use this to cause a denial of service (memory\n consumption). (CVE-2017-10810) &#30707 &#30922 discovered that the RxRPC\n Kerberos 5 ticket handling code in the Linux kernel did not properly verify\n metadata. A remote attacker could use this to cause a denial of service (system\n crash) or possibly execute arbitrary code. (CVE-2017-7482)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 17.04\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3377-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3377-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU17\\.04\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU17.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-1013-raspi2\", ver:\"4.10.0-1013.16\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-30-generic\", ver:\"4.10.0-30.34\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-30-generic-lpae\", ver:\"4.10.0-30.34\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-30-lowlatency\", ver:\"4.10.0-30.34\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.10.0.30.31\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.10.0.30.31\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.10.0.30.31\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.10.0.1013.15\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T18:26:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-07-14T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for kernel (openSUSE-SU-2017:1825-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7518", "CVE-2017-1000365"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851578", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851578", "sourceData": "# Copyright (C) 2017 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851578\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-07-14 15:55:29 +0530 (Fri, 14 Jul 2017)\");\n script_cve_id(\"CVE-2017-1000365\", \"CVE-2017-7518\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for kernel (openSUSE-SU-2017:1825-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 42.2 kernel was updated\n to 4.4.74 to receive various security and bugfixes.\n\n This update fixes some long standing btrfs issues.\n\n The following security bugs were fixed:\n\n - CVE-2017-7518: A KVM debug exception in the syscall handling was fixed\n which might have been used for local privilege escalation. (bnc#1045922).\n\n - CVE-2017-1000365: The Linux Kernel imposes a size restriction on the\n arguments and environmental strings passed through\n RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the\n argument and environment pointers into account, which allowed attackers\n to bypass this limitation. (bnc#1039354).\n\n The following non-security bugs were fixed:\n\n - bluetooth: hidp: fix possible might sleep error in hidp_session_thread\n (bsc#1031784).\n\n - btrfs: disable possible cause of premature ENOSPC (bsc#1040182)\n\n - btrfs: Manually implement device_total_bytes getter/setter (bsc#1043912).\n\n - btrfs: Round down values which are written for total_bytes_size\n (bsc#1043912).\n\n - drm/i915: Serialize GTT/Aperture accesses on BXT (bsc#1046821).\n\n - Fix kABI breakage by KVM CVE fix (bsc#1045922).\n\n - hpsa: limit transfer length to 1MB (bsc#1025461).\n\n - hwpoison, memcg: forcibly uncharge LRU pages (bnc#1046105).\n\n - ibmvnic: Fix assignment of RX/TX IRQ's (bsc#1046589).\n\n - iw_cxgb4: Fix error return code in c4iw_rdev_open() (bsc#1026570).\n\n - iwlwifi: 8000: fix MODULE_FIRMWARE input (FATE#321353, FATE#323335).\n\n - iwlwifi: 9000: increase the number of queues (FATE#321353, FATE#323335).\n\n - iwlwifi: add device ID for 8265 (FATE#321353, FATE#323335).\n\n - iwlwifi: add device IDs for the 8265 device (FATE#321353, FATE#323335).\n\n - iwlwifi: add disable_11ac module param (FATE#321353, FATE#323335).\n\n - iwlwifi: add new 3168 series devices support (FATE#321353, FATE#323335).\n\n - iwlwifi: add new 8260 PCI IDs (FATE#321353, FATE#323335).\n\n - iwlwifi: add new 8265 (FATE#321353, FATE#323335).\n\n - iwlwifi: add new 8265 series PCI ID (FATE#321353, FATE#323335).\n\n - iwlwifi: Add new PCI IDs for 9260 and 5165 series (FATE#321353,\n FATE#323335).\n\n - iwlwifi: Add PCI IDs for the new 3168 series (FATE#321353, FATE#323335).\n\n - iwlwifi: Add PCI IDs for the new series 8165 (FATE#321353, FATE#323335).\n\n - iwlwifi: add support for 12K Receive Buffers (FATE#321353, FATE#323335).\n\n - iwlwifi: add support for getting HW address from CSR (FATE#321353,\n FATE#323335).\n\n - iwlwifi: avoid d0i3 commands when no/init ucode is loaded (FATE#321353,\n FATE#323335).\n\n - iwlwifi: bail out in case of bad trans state (FATE#321353, FATE#323335).\n\n - iwlwifi: block the queues when we send A ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"Kernel on openSUSE Leap 42.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2017:1825-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.2\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.4.74~18.20.3\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.4.74~18.20.3\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-pdf\", rpm:\"kernel-docs-pdf~4.4.74~18.20.3\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.4.74~18.20.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:10", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2017-7346\nLi Qiang discovered that the DRM driver for VMware virtual GPUs does\nnot properly check user-controlled values in the\nvmw_surface_define_ioctl() functions for upper limits. A local user\ncan take advantage of this flaw to cause a denial of service.\n\nCVE-2017-7482\nShi Lei discovered that RxRPC Kerberos 5 ticket handling code does\nnot properly verify metadata, leading to information disclosure,\ndenial of service or potentially execution of arbitrary code.\n\nCVE-2017-7533\nFan Wu and Shixiong Zhao discovered a race condition between inotify\nevents and VFS rename operations allowing an unprivileged local\nattacker to cause a denial of service or escalate privileges.\n\nCVE-2017-7541\nA buffer overflow flaw in the Broadcom IEEE802.11n PCIe SoftMAC WLAN\ndriver could allow a local user to cause kernel memory corruption,\nleading to a denial of service or potentially privilege escalation.\n\nCVE-2017-7542\nAn integer overflow vulnerability in the ip6_find_1stfragopt()\nfunction was found allowing a local attacker with privileges to open\nraw sockets to cause a denial of service.\n\nCVE-2017-9605\nMurray McAllister discovered that the DRM driver for VMware virtual\nGPUs does not properly initialize memory, potentially allowing a\nlocal attacker to obtain sensitive information from uninitialized\nkernel memory via a crafted ioctl call.\n\nCVE-2017-10810\nLi Qiang discovered a memory leak flaw within the VirtIO GPU driver\nresulting in denial of service (memory consumption).\n\nCVE-2017-10911 /\nXSA-216\nAnthony Perard of Citrix discovered an information leak flaw in Xen\nblkif response handling, allowing a malicious unprivileged guest to\nobtain sensitive information from the host or other guests.\n\nCVE-2017-11176\nIt was discovered that the mq_notify() function does not set the\nsock pointer to NULL upon entry into the retry logic. An attacker\ncan take advantage of this flaw during a user-space close of a\nNetlink socket to cause a denial of service or potentially cause\nother impact.\n\nCVE-2017-1000365\nIt was discovered that argument and environment pointers are not\ntaken properly into account to the imposed size restrictions on\narguments and environmental strings passed through\nRLIMIT_STACK/RLIMIT_INFINITY. A local attacker can take advantage of\nthis flaw in conjunction with other flaws to execute arbitrary code.", "cvss3": {}, "published": "2017-08-07T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3927-1 (linux - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-11176", "CVE-2017-7346", "CVE-2017-10810", "CVE-2017-7533", "CVE-2017-10911", "CVE-2017-7482", "CVE-2017-7541", "CVE-2017-7542", "CVE-2017-9605", "CVE-2017-1000365"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703927", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703927", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: deb_3927.nasl 14280 2019-03-18 14:50:45Z cfischer $\n#\n# Auto-generated from advisory DSA 3927-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703927\");\n script_version(\"$Revision: 14280 $\");\n script_cve_id(\"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-10911\", \"CVE-2017-11176\", \"CVE-2017-7346\", \"CVE-2017-7482\", \"CVE-2017-7533\", \"CVE-2017-7541\", \"CVE-2017-7542\", \"CVE-2017-9605\");\n script_name(\"Debian Security Advisory DSA 3927-1 (linux - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:50:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-07 00:00:00 +0200 (Mon, 07 Aug 2017)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2017/dsa-3927.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"linux on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (jessie), these problems will be fixed in\na subsequent DSA.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.9.30-2+deb9u3.\n\nWe recommend that you upgrade your linux packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2017-7346\nLi Qiang discovered that the DRM driver for VMware virtual GPUs does\nnot properly check user-controlled values in the\nvmw_surface_define_ioctl() functions for upper limits. A local user\ncan take advantage of this flaw to cause a denial of service.\n\nCVE-2017-7482\nShi Lei discovered that RxRPC Kerberos 5 ticket handling code does\nnot properly verify metadata, leading to information disclosure,\ndenial of service or potentially execution of arbitrary code.\n\nCVE-2017-7533\nFan Wu and Shixiong Zhao discovered a race condition between inotify\nevents and VFS rename operations allowing an unprivileged local\nattacker to cause a denial of service or escalate privileges.\n\nCVE-2017-7541\nA buffer overflow flaw in the Broadcom IEEE802.11n PCIe SoftMAC WLAN\ndriver could allow a local user to cause kernel memory corruption,\nleading to a denial of service or potentially privilege escalation.\n\nCVE-2017-7542\nAn integer overflow vulnerability in the ip6_find_1stfragopt()\nfunction was found allowing a local attacker with privileges to open\nraw sockets to cause a denial of service.\n\nCVE-2017-9605\nMurray McAllister discovered that the DRM driver for VMware virtual\nGPUs does not properly initialize memory, potentially allowing a\nlocal attacker to obtain sensitive information from uninitialized\nkernel memory via a crafted ioctl call.\n\nCVE-2017-10810\nLi Qiang discovered a memory leak flaw within the VirtIO GPU driver\nresulting in denial of service (memory consumption).\n\nCVE-2017-10911 /\nXSA-216\nAnthony Perard of Citrix discovered an information leak flaw in Xen\nblkif response handling, allowing a malicious unprivileged guest to\nobtain sensitive information from the host or other guests.\n\nCVE-2017-11176\nIt was discovered that the mq_notify() function does not set the\nsock pointer to NULL upon entry into the retry logic. An attacker\ncan take advantage of this flaw during a user-space close of a\nNetlink socket to cause a denial of service or potentially cause\nother impact.\n\nCVE-2017-1000365\nIt was discovered that argument and environment pointers are not\ntaken properly into account to the imposed size restrictions on\narguments and environmental strings passed through\nRLIMIT_STACK/RLIMIT_INFINITY. A local attacker can take advantage of\nthis flaw in conjunction with other flaws to execute arbitrary code.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"hyperv-daemons\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcpupower-dev\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcpupower1\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libusbip-dev\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-compiler-gcc-6-arm\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-compiler-gcc-6-s390\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-compiler-gcc-6-x86\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-cpupower\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-doc-4.9\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-4kc-malta\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-5kc-malta\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-686\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-686-pae\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-amd64\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-arm64\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-armel\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-armhf\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-i386\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-mips\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-mips64el\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-mipsel\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-ppc64el\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-s390x\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-amd64\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-arm64\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-armmp\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-armmp-lpae\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-common\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-common-rt\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-loongson-3\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-marvell\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-octeon\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-powerpc64le\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-rt-686-pae\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-rt-amd64\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-s390x\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-4kc-malta\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-4kc-malta-dbg\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-5kc-malta\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-5kc-malta-dbg\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-686\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-686-dbg\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-686-pae\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-686-pae-dbg\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-amd64\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-amd64-dbg\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-arm64\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-arm64-dbg\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-armmp\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-armmp-dbg\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-armmp-lpae\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-armmp-lpae-dbg\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-loongson-3\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-loongson-3-dbg\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-marvell\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-marvell-dbg\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-octeon\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-octeon-dbg\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-powerpc64le\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-powerpc64le-dbg\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-rt-686-pae\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-rt-686-pae-dbg\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-rt-amd64\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-rt-amd64-dbg\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-s390x\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-s390x-dbg\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-kbuild-4.9\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-manual-4.9\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-perf-4.9\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-source-4.9\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-support-4.9.0-3\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"usbip\", ver:\"4.9.30-2+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:33:58", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2014-9940\nA use-after-free flaw in the voltage and current regulator driver\ncould allow a local user to cause a denial of service or potentially\nescalate privileges.\n\nCVE-2017-7346\nLi Qiang discovered that the DRM driver for VMware virtual GPUs does\nnot properly check user-controlled values in the\nvmw_surface_define_ioctl() functions for upper limits. A local user\ncan take advantage of this flaw to cause a denial of service.\n\nCVE-2017-7482\nShi Lei discovered that RxRPC Kerberos 5 ticket handling code does\nnot properly verify metadata, leading to information disclosure,\ndenial of service or potentially execution of arbitrary code.\n\nCVE-2017-7533\nFan Wu and Shixiong Zhao discovered a race condition between inotify\nevents and VFS rename operations allowing an unprivileged local\nattacker to cause a denial of service or escalate privileges.\n\nCVE-2017-7541\nA buffer overflow flaw in the Broadcom IEEE802.11n PCIe SoftMAC WLAN\ndriver could allow a local user to cause kernel memory corruption,\nleading to a denial of service or potentially privilege escalation.\n\nCVE-2017-7542\nAn integer overflow vulnerability in the ip6_find_1stfragopt()\nfunction was found allowing a local attacker with privileges to open\nraw sockets to cause a denial of service.\n\nCVE-2017-7889\nTommi Rantala and Brad Spengler reported that the mm subsystem does\nnot properly enforce the CONFIG_STRICT_DEVMEM protection mechanism,\nallowing a local attacker with access to /dev/mem to obtain\nsensitive information or potentially execute arbitrary code.\n\nCVE-2017-9605\nMurray McAllister discovered that the DRM driver for VMware virtual\nGPUs does not properly initialize memory, potentially allowing a\nlocal attacker to obtain sensitive information from uninitialized\nkernel memory via a crafted ioctl call.\n\nCVE-2017-10911\n/ XSA-216\n\nAnthony Perard of Citrix discovered an information leak flaw in Xen\nblkif response handling, allowing a malicious unprivileged guest to\nobtain sensitive information from the host or other guests.\n\nCVE-2017-11176\nIt was discovered that the mq_notify() function does not set the\nsock pointer to NULL upon entry into the retry logic. An attacker\ncan take advantage of this flaw during a userspace close of a\nNetlink socket to cause a denial of service or potentially cause\nother impact.\n\nCVE-2017-1000363\nRoee Hay reported that the lp driver does not properly bounds-check\npassed arguments, allowing a local attacker with write access to the\nkernel command line arguments to execute arbitrary code.\n\nCVE-2017-1000365\nIt was discovered that argument and environment pointers are not\ntaken properly into account to the imposed size restrictions on\narguments and environmental strings passed through\nRLIMIT_STACK/RLIMIT_INFINITY. A local attacker can take advantage of\nthis flaw in conjunction with other flaws to execute arbitrary code.", "cvss3": {}, "published": "2017-08-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3945-1 (linux - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-11176", "CVE-2017-7889", "CVE-2017-7346", "CVE-2014-9940", "CVE-2017-7533", "CVE-2017-10911", "CVE-2017-7482", "CVE-2017-7541", "CVE-2017-1000363", "CVE-2017-7542", "CVE-2017-9605", "CVE-2017-1000365"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703945", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703945", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: deb_3945.nasl 14280 2019-03-18 14:50:45Z cfischer $\n#\n# Auto-generated from advisory DSA 3945-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703945\");\n script_version(\"$Revision: 14280 $\");\n script_cve_id(\"CVE-2014-9940\", \"CVE-2017-1000363\", \"CVE-2017-1000365\", \"CVE-2017-10911\", \"CVE-2017-11176\", \"CVE-2017-7346\", \"CVE-2017-7482\", \"CVE-2017-7533\", \"CVE-2017-7541\", \"CVE-2017-7542\", \"CVE-2017-7889\", \"CVE-2017-9605\");\n script_name(\"Debian Security Advisory DSA 3945-1 (linux - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:50:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-17 00:00:00 +0200 (Thu, 17 Aug 2017)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2017/dsa-3945.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"linux on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (jessie), these problems have been fixed\nin version 3.16.43-2+deb8u3.\n\nWe recommend that you upgrade your linux packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2014-9940\nA use-after-free flaw in the voltage and current regulator driver\ncould allow a local user to cause a denial of service or potentially\nescalate privileges.\n\nCVE-2017-7346\nLi Qiang discovered that the DRM driver for VMware virtual GPUs does\nnot properly check user-controlled values in the\nvmw_surface_define_ioctl() functions for upper limits. A local user\ncan take advantage of this flaw to cause a denial of service.\n\nCVE-2017-7482\nShi Lei discovered that RxRPC Kerberos 5 ticket handling code does\nnot properly verify metadata, leading to information disclosure,\ndenial of service or potentially execution of arbitrary code.\n\nCVE-2017-7533\nFan Wu and Shixiong Zhao discovered a race condition between inotify\nevents and VFS rename operations allowing an unprivileged local\nattacker to cause a denial of service or escalate privileges.\n\nCVE-2017-7541\nA buffer overflow flaw in the Broadcom IEEE802.11n PCIe SoftMAC WLAN\ndriver could allow a local user to cause kernel memory corruption,\nleading to a denial of service or potentially privilege escalation.\n\nCVE-2017-7542\nAn integer overflow vulnerability in the ip6_find_1stfragopt()\nfunction was found allowing a local attacker with privileges to open\nraw sockets to cause a denial of service.\n\nCVE-2017-7889\nTommi Rantala and Brad Spengler reported that the mm subsystem does\nnot properly enforce the CONFIG_STRICT_DEVMEM protection mechanism,\nallowing a local attacker with access to /dev/mem to obtain\nsensitive information or potentially execute arbitrary code.\n\nCVE-2017-9605\nMurray McAllister discovered that the DRM driver for VMware virtual\nGPUs does not properly initialize memory, potentially allowing a\nlocal attacker to obtain sensitive information from uninitialized\nkernel memory via a crafted ioctl call.\n\nCVE-2017-10911\n/ XSA-216\n\nAnthony Perard of Citrix discovered an information leak flaw in Xen\nblkif response handling, allowing a malicious unprivileged guest to\nobtain sensitive information from the host or other guests.\n\nCVE-2017-11176\nIt was discovered that the mq_notify() function does not set the\nsock pointer to NULL upon entry into the retry logic. An attacker\ncan take advantage of this flaw during a userspace close of a\nNetlink socket to cause a denial of service or potentially cause\nother impact.\n\nCVE-2017-1000363\nRoee Hay reported that the lp driver does not properly bounds-check\npassed arguments, allowing a local attacker with write access to the\nkernel command line arguments to execute arbitrary code.\n\nCVE-2017-1000365\nIt was discovered that argument and environment pointers are not\ntaken properly into account to the imposed size restrictions on\narguments and environmental strings passed through\nRLIMIT_STACK/RLIMIT_INFINITY. A local attacker can take advantage of\nthis flaw in conjunction with other flaws to execute arbitrary code.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-arm\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-s390\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-x86\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-doc-3.16\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-4kc-malta\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-586\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-5kc-malta\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-686-pae\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-amd64\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-arm64\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-armel\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-armhf\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-i386\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-mips\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-mipsel\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-powerpc\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-ppc64el\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-s390x\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-amd64\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-arm64\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-armmp\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-armmp-lpae\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-common\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-ixp4xx\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-kirkwood\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-2e\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-2f\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-3\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-octeon\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-orion5x\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc-smp\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc64\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc64le\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-r4k-ip22\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-r5k-ip32\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-s390x\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-sb1-bcm91250a\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-versatile\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-4kc-malta\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-586\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-5kc-malta\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-686-pae\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-686-pae-dbg\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-amd64\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-amd64-dbg\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-arm64\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-arm64-dbg\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-armmp\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-armmp-lpae\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-ixp4xx\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-kirkwood\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-2e\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-2f\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-3\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-octeon\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-orion5x\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc-smp\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc64\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc64le\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-r4k-ip22\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-r5k-ip32\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-s390x\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-s390x-dbg\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-sb1-bcm91250a\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-versatile\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-manual-3.16\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-source-3.16\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-support-3.16.0-4\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-linux-system-3.16.0-4-amd64\", ver:\"3.16.43-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:37:27", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2017-1071)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8650", "CVE-2016-9793", "CVE-2017-6951", "CVE-2017-2618"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171071", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171071", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1071\");\n script_version(\"2020-01-23T10:47:58+0000\");\n script_cve_id(\"CVE-2016-8650\", \"CVE-2016-9793\", \"CVE-2017-2618\", \"CVE-2017-6951\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:47:58 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:47:58 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2017-1071)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1071\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1071\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2017-1071 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key. (CVE-2016-8650)\n\nA flaw was found in the Linux kernel's implementation of setsockopt for the SO_{SND<pipe>RCV}BUFFORCE setsockopt() system call. Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the sockets sendbuff data size could be negative. This could adversely affect memory allocations and create situations where the system could crash or cause memory corruption. (CVE-2016-9793)\n\nA flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. (CVE-2017-2618)\n\nThe keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the 'dead' type.(CVE-2017-6951)\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~229.49.1.127\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~229.49.1.127\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~229.49.1.127\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~229.49.1.127\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~229.49.1.127\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~229.49.1.127\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~229.49.1.127\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~229.49.1.127\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~229.49.1.127\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~229.49.1.127\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:56", "description": "Check the version of kernel", "cvss3": {}, "published": "2017-04-14T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2017:0933 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8650", "CVE-2016-9793", "CVE-2017-2636", "CVE-2017-2618"], "modified": "2019-03-11T00:00:00", "id": "OPENVAS:1361412562310882694", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882694", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2017:0933 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882694\");\n script_version(\"$Revision: 14095 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-11 14:54:56 +0100 (Mon, 11 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-04-14 06:30:31 +0200 (Fri, 14 Apr 2017)\");\n script_cve_id(\"CVE-2016-8650\", \"CVE-2016-9793\", \"CVE-2017-2618\", \"CVE-2017-2636\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for kernel CESA-2017:0933 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of kernel\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel,\nthe core of any Linux operating system.\n\nThese updated kernel packages include several security issues and numerous\nbug fixes. Space precludes documenting all of these bug fixes in this\nadvisory. To see the complete list of bug fixes, users are directed to the\nreferences Knowledge Article.\n\nSecurity Fix(es):\n\n * A race condition flaw was found in the N_HLDC Linux kernel driver when\naccessing n_hdlc.tbuf list that can lead to double free. A local,\nunprivileged user able to set the HDLC line discipline on the tty device\ncould use this flaw to increase their privileges on the system.\n(CVE-2017-2636, Important)\n\n * A flaw was found in the Linux kernel key management subsystem in which a\nlocal attacker could crash the kernel or corrupt the stack and additional\nmemory (denial of service) by supplying a specially crafted RSA key. This\nflaw panics the machine during the verification of the RSA key.\n(CVE-2016-8650, Moderate)\n\n * A flaw was found in the Linux kernel's implementation of setsockopt for\nthe SO_{SND RCV}BUFFORCE setsockopt() system call. Users with non-namespace\nCAP_NET_ADMIN are able to trigger this call and create a situation in which\nthe sockets sendbuff data size could be negative. This could adversely\naffect memory allocations and create situations where the system could\ncrash or cause memory corruption. (CVE-2016-9793, Moderate)\n\n * A flaw was found in the Linux kernel's handling of clearing SELinux\nattributes on /proc/pid/attr files. An empty (null) write to this file can\ncrash the system by causing the system to attempt to access unmapped kernel\nmemory. (CVE-2017-2618, Moderate)\n\nRed Hat would like to thank Alexander Popov for reporting CVE-2017-2636 and\nRalf Spenneberg for reporting CVE-2016-8650. The CVE-2017-2618 issue was\ndiscovered by Paul Moore (Red Hat Engineering).\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2017:0933\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2017-April/022385.html\");\n script_xref(name:\"URL\", value:\"https://access.redhat.com/articles/2986951\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~514.16.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~514.16.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~514.16.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~514.16.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~514.16.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~514.16.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~514.16.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~514.16.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~514.16.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~514.16.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~514.16.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~514.16.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:40:03", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2017-1072)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8650", "CVE-2016-9793", "CVE-2017-6951", "CVE-2017-2618"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171072", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171072", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1072\");\n script_version(\"2020-01-23T10:48:01+0000\");\n script_cve_id(\"CVE-2016-8650\", \"CVE-2016-9793\", \"CVE-2017-2618\", \"CVE-2017-6951\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:48:01 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:48:01 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2017-1072)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1072\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1072\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2017-1072 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key. (CVE-2016-8650)\n\nA flaw was found in the Linux kernel's implementation of setsockopt for the SO_{SND<pipe>RCV}BUFFORCE setsockopt() system call. Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the sockets sendbuff data size could be negative. This could adversely affect memory allocations and create situations where the system could crash or cause memory corruption. (CVE-2016-9793)\n\nA flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. (CVE-2017-2618)\n\nThe keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the 'dead' type.(CVE-2017-6951)\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~327.49.58.45\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~327.49.58.45\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~327.49.58.45\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~327.49.58.45\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~327.49.58.45\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~327.49.58.45\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~327.49.58.45\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~327.49.58.45\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~327.49.58.45\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~327.49.58.45\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~327.49.58.45\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-04-13T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2017:0933-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8650", "CVE-2016-9793", "CVE-2017-2636", "CVE-2017-2618"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310871796", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871796", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2017:0933-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871796\");\n script_version(\"$Revision: 12380 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:03:48 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-04-13 06:32:31 +0200 (Thu, 13 Apr 2017)\");\n script_cve_id(\"CVE-2016-8650\", \"CVE-2016-9793\", \"CVE-2017-2618\", \"CVE-2017-2636\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for kernel RHSA-2017:0933-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux\n kernel, the core of any Linux operating system.\n\nThese updated kernel packages include several security issues and numerous\nbug fixes. Space precludes documenting all of these bug fixes in this\nadvisory. To see the complete list of bug fixes, users are directed to the\nrelated Knowledge Article.\n\nSecurity Fix(es):\n\n * A race condition flaw was found in the N_HLDC Linux kernel driver when\naccessing n_hdlc.tbuf list that can lead to double free. A local,\nunprivileged user able to set the HDLC line discipline on the tty device\ncould use this flaw to increase their privileges on the system.\n(CVE-2017-2636, Important)\n\n * A flaw was found in the Linux kernel key management subsystem in which a\nlocal attacker could crash the kernel or corrupt the stack and additional\nmemory (denial of service) by supplying a specially crafted RSA key. This\nflaw panics the machine during the verification of the RSA key.\n(CVE-2016-8650, Moderate)\n\n * A flaw was found in the Linux kernel's implementation of setsockopt for\nthe BUFFORCE setsockopt() system call. Users with non-namespace\nCAP_NET_ADMIN are able to trigger this call and create a situation in which\nthe sockets sendbuff data size could be negative. This could adversely\naffect memory allocations and create situations where the system could\ncrash or cause memory corruption. (CVE-2016-9793, Moderate)\n\n * A flaw was found in the Linux kernel's handling of clearing SELinux\nattributes on /proc/pid/attr files. An empty (null) write to this file can\ncrash the system by causing the system to attempt to access unmapped kernel\nmemory. (CVE-2017-2618, Moderate)\n\nRed Hat would like to thank Alexander Popov for reporting CVE-2017-2636 and\nRalf Spenneberg for reporting CVE-2016-8650. The CVE-2017-2618 issue was\ndiscovered by Paul Moore (Red Hat Engineering).\");\n script_tag(name:\"affected\", value:\"kernel on\n Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:0933-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-April/msg00019.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n script_xref(name:\"URL\", value:\"https://access.redhat.com/articles/2986951\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~514.16.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~514.16.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~514.16.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~514.16.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~3.10.0~514.16.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~514.16.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~514.16.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~514.16.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~514.16.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~514.16.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~514.16.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-debuginfo\", rpm:\"kernel-tools-debuginfo~3.10.0~514.16.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~514.16.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~514.16.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~3.10.0~514.16.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~514.16.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~3.10.0~514.16.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:57:34", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or have other\nimpacts.\n\nCVE-2016-6786 / CVE-2016-6787It was discovered that the performance events subsystem does not\nproperly manage locks during certain migrations, allowing a local\nattacker to escalate privileges. This can be mitigated by\ndisabling unprivileged use of performance events:\nsysctl kernel.perf_event_paranoid=3CVE-2016-8405 \nPeter Pi of Trend Micro discovered that the frame buffer video\nsubsystem does not properly check bounds while copying color maps to\nuserspace, causing a heap buffer out-of-bounds read, leading to\ninformation disclosure.\n\nCVE-2016-9191 \nCAI Qian discovered that reference counting is not properly handled\nwithin proc_sys_readdir in the sysctl implementation, allowing a\nlocal denial of service (system hang) or possibly privilege\nescalation.\n\nCVE-2017-2583 \nXiaohan Zhang reported that KVM for amd64 does not correctly\nemulate loading of a null stack selector. This can be used by a\nuser in a guest VM for denial of service (on an Intel CPU) or to\nescalate privileges within the VM (on an AMD CPU).\n\nCVE-2017-2584 \nDmitry Vyukov reported that KVM for x86 does not correctly emulate\nmemory access by the SGDT and SIDT instructions, which can result\nin a use-after-free and information leak.\n\nCVE-2017-2596 \nDmitry Vyukov reported that KVM leaks page references when\nemulating a VMON for a nested hypervisor. This can be used by a\nprivileged user in a guest VM for denial of service or possibly\nto gain privileges in the host.\n\nCVE-2017-2618 \nIt was discovered that an off-by-one in the handling of SELinux\nattributes in /proc/pid/attr could result in local denial of\nservice.\n\nCVE-2017-5549 \nIt was discovered that the KLSI KL5KUSB105 serial USB device\ndriver could log the contents of uninitialised kernel memory,\nresulting in an information leak.\n\nCVE-2017-5551 \nJan Kara found that changing the POSIX ACL of a file on tmpfs never\ncleared its set-group-ID flag, which should be done if the user\nchanging it is not a member of the group-owner. In some cases, this\nwould allow the user-owner of an executable to gain the privileges\nof the group-owner.\n\nCVE-2017-5897 \nAndrey Konovalov discovered an out-of-bounds read flaw in the\nip6gre_err function in the IPv6 networking code.\n\nCVE-2017-5970 \nAndrey Konovalov discovered a denial-of-service flaw in the IPv4\nnetworking code. This can be triggered by a local or remote\nattacker if a local UDP or raw socket has the IP_RETOPTS option\nenabled.\n\nCVE-2017-6001Di Shen discovered a race condition between concurrent calls to\nthe performance events subsystem, allowing a local attacker to\nescalate privileges. This flaw exists because of an incomplete fix\nof CVE-2016-6786.\nThis can be mitigated by disabling unprivileged use of performance\nevents: sysctl kernel.perf_event_paranoid=3CVE-2017-6074Andrey Konovalov discovered a use-after-free vulnerability in the\nDCCP networking code, which could result in denial of service or\nlocal privilege escalation. On systems that do not already have\nthe dccp module loaded, this can be mitigated by disabling it:\necho>> /etc/modprobe.d/disable-dccp.conf install dccp false", "cvss3": {}, "published": "2017-02-22T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3791-1 (linux - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6787", "CVE-2016-9191", "CVE-2017-2584", "CVE-2017-6074", "CVE-2017-6001", "CVE-2017-5970", "CVE-2017-5551", "CVE-2017-2583", "CVE-2016-8405", "CVE-2017-2596", "CVE-2016-6786", "CVE-2017-2618", "CVE-2017-5897", "CVE-2017-5549"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703791", "href": "http://plugins.openvas.org/nasl.php?oid=703791", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3791.nasl 6607 2017-07-07 12:04:25Z cfischer $\n# Auto-generated from advisory DSA 3791-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703791);\n script_version(\"$Revision: 6607 $\");\n script_cve_id(\"CVE-2016-6786\", \"CVE-2016-6787\", \"CVE-2016-8405\", \"CVE-2016-9191\", \"CVE-2017-2583\", \"CVE-2017-2584\", \"CVE-2017-2596\", \"CVE-2017-2618\", \"CVE-2017-5549\", \"CVE-2017-5551\", \"CVE-2017-5897\", \"CVE-2017-5970\", \"CVE-2017-6001\", \"CVE-2017-6074\");\n script_name(\"Debian Security Advisory DSA 3791-1 (linux - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:04:25 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2017-02-22 00:00:00 +0100 (Wed, 22 Feb 2017)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2017/dsa-3791.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"linux on Debian Linux\");\n script_tag(name: \"insight\", value: \"The Linux kernel is the core of the Linux operating system.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie), these problems have been fixed in\nversion 3.16.39-1+deb8u1.\n\nWe recommend that you upgrade your linux packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or have other\nimpacts.\n\nCVE-2016-6786 / CVE-2016-6787It was discovered that the performance events subsystem does not\nproperly manage locks during certain migrations, allowing a local\nattacker to escalate privileges. This can be mitigated by\ndisabling unprivileged use of performance events:\nsysctl kernel.perf_event_paranoid=3CVE-2016-8405 \nPeter Pi of Trend Micro discovered that the frame buffer video\nsubsystem does not properly check bounds while copying color maps to\nuserspace, causing a heap buffer out-of-bounds read, leading to\ninformation disclosure.\n\nCVE-2016-9191 \nCAI Qian discovered that reference counting is not properly handled\nwithin proc_sys_readdir in the sysctl implementation, allowing a\nlocal denial of service (system hang) or possibly privilege\nescalation.\n\nCVE-2017-2583 \nXiaohan Zhang reported that KVM for amd64 does not correctly\nemulate loading of a null stack selector. This can be used by a\nuser in a guest VM for denial of service (on an Intel CPU) or to\nescalate privileges within the VM (on an AMD CPU).\n\nCVE-2017-2584 \nDmitry Vyukov reported that KVM for x86 does not correctly emulate\nmemory access by the SGDT and SIDT instructions, which can result\nin a use-after-free and information leak.\n\nCVE-2017-2596 \nDmitry Vyukov reported that KVM leaks page references when\nemulating a VMON for a nested hypervisor. This can be used by a\nprivileged user in a guest VM for denial of service or possibly\nto gain privileges in the host.\n\nCVE-2017-2618 \nIt was discovered that an off-by-one in the handling of SELinux\nattributes in /proc/pid/attr could result in local denial of\nservice.\n\nCVE-2017-5549 \nIt was discovered that the KLSI KL5KUSB105 serial USB device\ndriver could log the contents of uninitialised kernel memory,\nresulting in an information leak.\n\nCVE-2017-5551 \nJan Kara found that changing the POSIX ACL of a file on tmpfs never\ncleared its set-group-ID flag, which should be done if the user\nchanging it is not a member of the group-owner. In some cases, this\nwould allow the user-owner of an executable to gain the privileges\nof the group-owner.\n\nCVE-2017-5897 \nAndrey Konovalov discovered an out-of-bounds read flaw in the\nip6gre_err function in the IPv6 networking code.\n\nCVE-2017-5970 \nAndrey Konovalov discovered a denial-of-service flaw in the IPv4\nnetworking code. This can be triggered by a local or remote\nattacker if a local UDP or raw socket has the IP_RETOPTS option\nenabled.\n\nCVE-2017-6001Di Shen discovered a race condition between concurrent calls to\nthe performance events subsystem, allowing a local attacker to\nescalate privileges. This flaw exists because of an incomplete fix\nof CVE-2016-6786.\nThis can be mitigated by disabling unprivileged use of performance\nevents: sysctl kernel.perf_event_paranoid=3CVE-2017-6074Andrey Konovalov discovered a use-after-free vulnerability in the\nDCCP networking code, which could result in denial of service or\nlocal privilege escalation. On systems that do not already have\nthe dccp module loaded, this can be mitigated by disabling it:\necho>> /etc/modprobe.d/disable-dccp.conf install dccp false\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-arm\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-s390\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-x86\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-3.16\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-4kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-586\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-5kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-686-pae\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-amd64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-arm64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-armel\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-armhf\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-i386\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-mips\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-mipsel\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-powerpc\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-ppc64el\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-s390x\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-amd64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-arm64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-armmp\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-armmp-lpae\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-common\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-ixp4xx\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-kirkwood\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-2e\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-2f\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-3\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-octeon\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-orion5x\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc-smp\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc64le\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-r4k-ip22\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-r5k-ip32\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-s390x\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-sb1-bcm91250a\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-versatile\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-4kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-586\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-5kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-686-pae\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-686-pae-dbg\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-amd64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-amd64-dbg\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-arm64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-arm64-dbg\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-armmp\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-armmp-lpae\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-ixp4xx\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-kirkwood\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-2e\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-2f\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-3\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-octeon\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-orion5x\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc-smp\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc64le\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-r4k-ip22\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-r5k-ip32\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-s390x\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-s390x-dbg\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-sb1-bcm91250a\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-versatile\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-3.16\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-3.16\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-3.16.0-4\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.16.0-4-amd64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:34:36", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or have other\nimpacts.\n\nCVE-2016-6786 / CVE-2016-6787It was discovered that the performance events subsystem does not\nproperly manage locks during certain migrations, allowing a local\nattacker to escalate privileges. This can be mitigated by\ndisabling unprivileged use of performance events:\nsysctl kernel.perf_event_paranoid=3CVE-2016-8405\nPeter Pi of Trend Micro discovered that the frame buffer video\nsubsystem does not properly check bounds while copying color maps to\nuserspace, causing a heap buffer out-of-bounds read, leading to\ninformation disclosure.\n\nCVE-2016-9191\nCAI Qian discovered that reference counting is not properly handled\nwithin proc_sys_readdir in the sysctl implementation, allowing a\nlocal denial of service (system hang) or possibly privilege\nescalation.\n\nDescription truncated. Please see the references for more information.", "cvss3": {}, "published": "2017-02-22T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3791-1 (linux - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6787", "CVE-2016-9191", "CVE-2017-2584", "CVE-2017-6074", "CVE-2017-6001", "CVE-2017-5970", "CVE-2017-5551", "CVE-2017-2583", "CVE-2016-8405", "CVE-2017-2596", "CVE-2016-6786", "CVE-2017-2618", "CVE-2017-5897", "CVE-2017-5549"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703791", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703791", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3791.nasl 14280 2019-03-18 14:50:45Z cfischer $\n# Auto-generated from advisory DSA 3791-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703791\");\n script_version(\"$Revision: 14280 $\");\n script_cve_id(\"CVE-2016-6786\", \"CVE-2016-6787\", \"CVE-2016-8405\", \"CVE-2016-9191\", \"CVE-2017-2583\", \"CVE-2017-2584\", \"CVE-2017-2596\", \"CVE-2017-2618\", \"CVE-2017-5549\", \"CVE-2017-5551\", \"CVE-2017-5897\", \"CVE-2017-5970\", \"CVE-2017-6001\", \"CVE-2017-6074\");\n script_name(\"Debian Security Advisory DSA 3791-1 (linux - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:50:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-02-22 00:00:00 +0100 (Wed, 22 Feb 2017)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2017/dsa-3791.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"linux on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie), these problems have been fixed in\nversion 3.16.39-1+deb8u1.\n\nWe recommend that you upgrade your linux packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or have other\nimpacts.\n\nCVE-2016-6786 / CVE-2016-6787It was discovered that the performance events subsystem does not\nproperly manage locks during certain migrations, allowing a local\nattacker to escalate privileges. This can be mitigated by\ndisabling unprivileged use of performance events:\nsysctl kernel.perf_event_paranoid=3CVE-2016-8405\nPeter Pi of Trend Micro discovered that the frame buffer video\nsubsystem does not properly check bounds while copying color maps to\nuserspace, causing a heap buffer out-of-bounds read, leading to\ninformation disclosure.\n\nCVE-2016-9191\nCAI Qian discovered that reference counting is not properly handled\nwithin proc_sys_readdir in the sysctl implementation, allowing a\nlocal denial of service (system hang) or possibly privilege\nescalation.\n\nDescription truncated. Please see the references for more information.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-arm\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-s390\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-x86\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-doc-3.16\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-4kc-malta\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-586\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-5kc-malta\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-686-pae\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-amd64\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-arm64\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-armel\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-armhf\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-i386\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-mips\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-mipsel\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-powerpc\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-ppc64el\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-s390x\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-amd64\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-arm64\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-armmp\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-armmp-lpae\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-common\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-ixp4xx\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-kirkwood\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-2e\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-2f\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-3\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-octeon\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-orion5x\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc-smp\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc64\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc64le\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-r4k-ip22\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-r5k-ip32\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-s390x\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-sb1-bcm91250a\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-versatile\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-4kc-malta\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-586\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-5kc-malta\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-686-pae\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-686-pae-dbg\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-amd64\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-amd64-dbg\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-arm64\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-arm64-dbg\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-armmp\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-armmp-lpae\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-ixp4xx\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-kirkwood\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-2e\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-2f\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-3\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-octeon\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-orion5x\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc-smp\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc64\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc64le\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-r4k-ip22\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-r5k-ip32\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-s390x\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-s390x-dbg\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-sb1-bcm91250a\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-versatile\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-manual-3.16\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-source-3.16\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-support-3.16.0-4\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-linux-system-3.16.0-4-amd64\", ver:\"3.16.39-1+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-29T20:10:57", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or have other\nimpacts.\n\nCVE-2014-9888\n\nRussell King found that on ARM systems, memory allocated for DMA\nbuffers was mapped with executable permission. This made it\neasier to exploit other vulnerabilities in the kernel.\n\nCVE-2014-9895\n\nDan Carpenter found that the MEDIA_IOC_ENUM_LINKS ioctl on media\ndevices resulted in an information leak.\n\nCVE-2016-6786 / CVE-2016-6787\n\nIt was discovered that the performance events subsystem does not\nproperly manage locks during certain migrations, allowing a local\nattacker to escalate privileges. This can be mitigated by\ndisabling unprivileged use of performance events:\nsysctl kernel.perf_event_paranoid=3\n\nCVE-2016-8405\n\nPeter Pi of Trend Micro discovered that the frame buffer video\nsubsystem does not properly check bounds while copying color maps to\nuserspace, causing a heap buffer out-of-bounds read, leading to\ninformation disclosure.\n\nCVE-2017-5549\n\nIt was discovered that the KLSI KL5KUSB105 serial USB device\ndriver could log the contents of uninitialised kernel memory,\nresulting in an information leak.\n\nCVE-2017-6001\n\nDi Shen discovered a race condition between concurrent calls to\nthe performance events subsystem, allowing a local attacker to\nescalate privileges. This flaw exists because of an incomplete fix\nof CVE-2016-6786. This can be mitigated by disabling unprivileged\nuse of performance events: sysctl kernel.perf_event_paranoid=3\n\nCVE-2017-6074\n\nAndrey Konovalov discovered a use-after-free vulnerability in the\nDCCP networking code, which could result in denial of service or\nlocal privilege escalation. On systems that do not already have\nthe dccp module loaded, this can be mitigated by disabling it:\necho >> /etc/modprobe.d/disable-dccp.conf install dccp false\n\nFor Debian 7 ", "cvss3": {}, "published": "2018-01-08T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for linux (DLA-833-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6787", "CVE-2017-6074", "CVE-2017-6001", "CVE-2014-9895", "CVE-2014-9888", "CVE-2016-8405", "CVE-2016-6786", "CVE-2017-5549"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310890833", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310890833", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.890833\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2014-9888\", \"CVE-2014-9895\", \"CVE-2016-6786\", \"CVE-2016-6787\", \"CVE-2016-8405\", \"CVE-2017-5549\", \"CVE-2017-6001\", \"CVE-2017-6074\");\n script_name(\"Debian LTS: Security Advisory for linux (DLA-833-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-01-08 00:00:00 +0100 (Mon, 08 Jan 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2017/02/msg00021.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"linux on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n3.2.84-2.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n3.16.39-1+deb8u1 or earlier.\n\nWe recommend that you upgrade your linux packages.\");\n\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or have other\nimpacts.\n\nCVE-2014-9888\n\nRussell King found that on ARM systems, memory allocated for DMA\nbuffers was mapped with executable permission. This made it\neasier to exploit other vulnerabilities in the kernel.\n\nCVE-2014-9895\n\nDan Carpenter found that the MEDIA_IOC_ENUM_LINKS ioctl on media\ndevices resulted in an information leak.\n\nCVE-2016-6786 / CVE-2016-6787\n\nIt was discovered that the performance events subsystem does not\nproperly manage locks during certain migrations, allowing a local\nattacker to escalate privileges. This can be mitigated by\ndisabling unprivileged use of performance events:\nsysctl kernel.perf_event_paranoid=3\n\nCVE-2016-8405\n\nPeter Pi of Trend Micro discovered that the frame buffer video\nsubsystem does not properly check bounds while copying color maps to\nuserspace, causing a heap buffer out-of-bounds read, leading to\ninformation disclosure.\n\nCVE-2017-5549\n\nIt was discovered that the KLSI KL5KUSB105 serial USB device\ndriver could log the contents of uninitialised kernel memory,\nresulting in an information leak.\n\nCVE-2017-6001\n\nDi Shen discovered a race condition between concurrent calls to\nthe performance events subsystem, allowing a local attacker to\nescalate privileges. This flaw exists because of an incomplete fix\nof CVE-2016-6786. This can be mitigated by disabling unprivileged\nuse of performance events: sysctl kernel.perf_event_paranoid=3\n\nCVE-2017-6074\n\nAndrey Konovalov discovered a use-after-free vulnerability in the\nDCCP networking code, which could result in denial of service or\nlocal privilege escalation. On systems that do not already have\nthe dccp module loaded, this can be mitigated by disabling it:\necho >> /etc/modprobe.d/disable-dccp.conf install dccp false\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n3.2.84-2.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-486\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-686-pae\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-all\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-all-amd64\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-all-armel\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-all-armhf\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-all-i386\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-amd64\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-common\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-common-rt\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-iop32x\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-ixp4xx\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-kirkwood\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-mv78xx0\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-mx5\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-omap\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-orion5x\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-rt-686-pae\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-rt-amd64\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-versatile\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-vexpress\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-dbg\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64-dbg\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-iop32x\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-ixp4xx\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-kirkwood\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mv78xx0\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mx5\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-omap\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-orion5x\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae-dbg\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64-dbg\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-versatile\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-vexpress\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-486\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-686-pae\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-686-pae-dbg\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-amd64\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-amd64-dbg\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-iop32x\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-ixp4xx\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-kirkwood\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-mv78xx0\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-mx5\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-omap\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-orion5x\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-rt-686-pae\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-rt-686-pae-dbg\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-rt-amd64\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-rt-amd64-dbg\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-versatile\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-vexpress\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-manual-3.2\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-source-3.2\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-3.2.0-4\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-3.2.0-5\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-686-pae\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-amd64\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-5-686-pae\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-5-amd64\", ver:\"3.2.84-2\", rls:\"DEB7\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:36:47", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2017-1159)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-9604", "CVE-2017-11176", "CVE-2017-12762", "CVE-2017-11473", "CVE-2017-7541", "CVE-2017-7542", "CVE-2017-11600", "CVE-2017-1000365"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171159", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171159", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1159\");\n script_version(\"2020-01-23T10:54:17+0000\");\n script_cve_id(\"CVE-2016-9604\", \"CVE-2017-1000365\", \"CVE-2017-11176\", \"CVE-2017-11473\", \"CVE-2017-11600\", \"CVE-2017-12762\", \"CVE-2017-7541\", \"CVE-2017-7542\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:54:17 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:54:17 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2017-1159)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1159\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1159\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2017-1159 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.(CVE-2017-11176)\n\nThe brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/ cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet.(CVE-2017-7541)\n\nThe ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.(CVE-2017-7542)\n\nBuffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 4.12.2 allows local users to gain privileges via a crafted ACPI table.(CVE-2017-11473)\n\nnet/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message.(CVE-2017-11600)\n\nIt was discovered that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyring.(CVE-2016-9604)\n\nA user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.(CVE-2017-12762)\n\nThe Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.(CVE-2017-1000365)\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~229.49.1.142\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~229.49.1.142\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~229.49.1.142\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~229.49.1.142\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~229.49.1.142\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~229.49.1.142\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~229.49.1.142\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~229.49.1.142\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~229.49.1.142\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~229.49.1.142\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-09T19:17:21", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2017-7482\n\nShi Lei discovered that RxRPC Kerberos 5 ticket handling code does\nnot properly verify metadata, leading to information disclosure,\ndenial of service or potentially execution of arbitrary code.\n\nCVE-2017-7542\n\nAn integer overflow vulnerability in the ip6_find_1stfragopt()\nfunction was found allowing a local attacker with privileges to open\nraw sockets to cause a denial of service.\n\nCVE-2017-7889\n\nTommi Rantala and Brad Spengler reported that the mm subsystem does\nnot properly enforce the CONFIG_STRICT_DEVMEM protection mechanism,\nallowing a local attacker with access to /dev/mem to obtain\nsensitive information or potentially execute arbitrary code.\n\nDescription truncated. Please see the references for more information.\n\nFor Debian 7 ", "cvss3": {}, "published": "2018-02-07T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for linux (DLA-1099-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-11176", "CVE-2017-1000380", "CVE-2017-1000111", "CVE-2017-14489", "CVE-2017-7889", "CVE-2017-14106", "CVE-2017-14140", "CVE-2017-10661", "CVE-2017-1000251", "CVE-2017-10911", "CVE-2017-7482", "CVE-2017-14156", "CVE-2017-14340", "CVE-2017-12134", "CVE-2017-12153", "CVE-2017-1000363", "CVE-2017-7542", "CVE-2017-12154", "CVE-2017-11600", "CVE-2017-1000365"], "modified": "2020-06-08T00:00:00", "id": "OPENVAS:1361412562310891099", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891099", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891099\");\n script_version(\"2020-06-08T06:52:36+0000\");\n script_cve_id(\"CVE-2017-1000111\", \"CVE-2017-1000251\", \"CVE-2017-1000363\", \"CVE-2017-1000365\", \"CVE-2017-1000380\", \"CVE-2017-10661\", \"CVE-2017-10911\", \"CVE-2017-11176\", \"CVE-2017-11600\", \"CVE-2017-12134\", \"CVE-2017-12153\", \"CVE-2017-12154\", \"CVE-2017-14106\", \"CVE-2017-14140\", \"CVE-2017-14156\", \"CVE-2017-14340\", \"CVE-2017-14489\", \"CVE-2017-7482\", \"CVE-2017-7542\", \"CVE-2017-7889\");\n script_name(\"Debian LTS: Security Advisory for linux (DLA-1099-1)\");\n script_tag(name:\"last_modification\", value:\"2020-06-08 06:52:36 +0000 (Mon, 08 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-02-07 00:00:00 +0100 (Wed, 07 Feb 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:S/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2017/09/msg00017.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"linux on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n3.2.93-1. This version also includes bug fixes from upstream versions\nup to and including 3.2.93.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n3.16.43-2+deb8u4 or were fixed in an earlier version.\n\nFor Debian 9 'Stretch', these problems have been fixed in version\n4.9.30-2+deb9u4 or were fixed in an earlier version.\n\nWe recommend that you upgrade your linux packages.\");\n\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2017-7482\n\nShi Lei discovered that RxRPC Kerberos 5 ticket handling code does\nnot properly verify metadata, leading to information disclosure,\ndenial of service or potentially execution of arbitrary code.\n\nCVE-2017-7542\n\nAn integer overflow vulnerability in the ip6_find_1stfragopt()\nfunction was found allowing a local attacker with privileges to open\nraw sockets to cause a denial of service.\n\nCVE-2017-7889\n\nTommi Rantala and Brad Spengler reported that the mm subsystem does\nnot properly enforce the CONFIG_STRICT_DEVMEM protection mechanism,\nallowing a local attacker with access to /dev/mem to obtain\nsensitive information or potentially execute arbitrary code.\n\nDescription truncated. Please see the references for more information.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n3.2.93-1. This version also includes bug fixes from upstream versions\nup to and including 3.2.93.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n3.16.43-2+deb8u4 or were fixed in an earlier version.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-486\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-686-pae\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-all\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-all-amd64\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-all-armel\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-all-armhf\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-all-i386\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-amd64\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-common\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-common-rt\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-iop32x\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-ixp4xx\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-kirkwood\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-mv78xx0\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-mx5\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-omap\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-orion5x\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-rt-686-pae\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-rt-amd64\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-versatile\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-vexpress\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-dbg\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64-dbg\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-iop32x\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-ixp4xx\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-kirkwood\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mv78xx0\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mx5\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-omap\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-orion5x\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae-dbg\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64-dbg\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-versatile\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-vexpress\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-486\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-686-pae\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-686-pae-dbg\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-amd64\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-amd64-dbg\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-iop32x\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-ixp4xx\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-kirkwood\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-mv78xx0\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-mx5\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-omap\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-orion5x\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-rt-686-pae\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-rt-686-pae-dbg\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-rt-amd64\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-rt-amd64-dbg\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-versatile\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-vexpress\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-manual-3.2\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-source-3.2\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-3.2.0-4\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-3.2.0-5\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-686-pae\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-amd64\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-5-686-pae\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-5-amd64\", ver:\"3.2.93-1\", rls:\"DEB7\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.7, "vector": "AV:A/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2020-02-05T16:41:34", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1500)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12146", "CVE-2018-13406", "CVE-2014-7975", "CVE-2013-4563", "CVE-2014-6418", "CVE-2018-18386", "CVE-2014-9683", "CVE-2017-9076", "CVE-2014-7145", "CVE-2017-1000365", "CVE-2017-8890"], "modified": "2020-02-05T00:00:00", "id": "OPENVAS:1361412562311220191500", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191500", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1500\");\n script_version(\"2020-02-05T08:56:28+0000\");\n script_cve_id(\"CVE-2013-4563\", \"CVE-2014-6418\", \"CVE-2014-7145\", \"CVE-2014-7975\", \"CVE-2014-9683\", \"CVE-2017-1000365\", \"CVE-2017-12146\", \"CVE-2017-9076\", \"CVE-2018-13406\", \"CVE-2018-18386\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-05 08:56:28 +0000 (Wed, 05 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:57:39 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1500)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1500\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1500\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1500 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The IPv6 DCCP implementation in the Linux kernel mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. An unprivileged local user could use this flaw to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.(CVE-2017-9076)\n\nIt was found that the driver_override implementation in base/platform.c in the Linux kernel is susceptible to race condition when different threads are reading vs storing a different driver override.(CVE-2017-12146)\n\nThe Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIMIT_INFINITY, but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation.(CVE-2017-1000365)\n\nA buffer overflow flaw was found in the way the Linux kernel's eCryptfs implementation decoded encrypted file names. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.(CVE-2014-9683)\n\nThe Linux kernel was found vulnerable to an integer overflow in the drivers/video/fbdev/uvesafb.c:uvesafb_setcmap() function. The vulnerability could result in local attackers being able to crash the kernel or potentially elevate privileges.(CVE-2018-13406)\n\nnet/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor.(CVE-2014-6418)\n\nA NULL pointer dereference flaw was found in the way the Linux kernel's Common Internet File System (CIFS) implementation handled mounting of file system shares. A remote attacker could use this flaw to crash a client system that would mount a file system share from a malicious server.(CVE-2014-7145)\n\nThe udp6_ufo_fragment function in net/ipv6/udp_offload.c in the Linux kernel through 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly perform a certain size comparison before inserting a fragment header, which allows remote attackers to cause a denial of service (panic) via a large IPv6 UDP packet, as demonstrated by use of the Token Bucket Filter (TBF) queueing discipline.(CVE-2013-4563)\n\nThe do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capabilit ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T18:27:39", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-12-19T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for kernel (openSUSE-SU-2017:3358-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17450", "CVE-2017-12193", "CVE-2017-16537", "CVE-2017-15115", "CVE-2017-8824", "CVE-2017-16994", "CVE-2017-17448", "CVE-2017-16646", "CVE-2017-16536", "CVE-2017-7482", "CVE-2017-16939", "CVE-2017-1000410", "CVE-2017-17449", "CVE-2017-1000405", "CVE-2017-11600", "CVE-2017-16528", "CVE-2017-16645"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851667", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851667", "sourceData": "# Copyright (C) 2017 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851667\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-12-19 07:45:30 +0100 (Tue, 19 Dec 2017)\");\n script_cve_id(\"CVE-2017-1000405\", \"CVE-2017-1000410\", \"CVE-2017-11600\", \"CVE-2017-12193\",\n \"CVE-2017-15115\", \"CVE-2017-16528\", \"CVE-2017-16536\", \"CVE-2017-16537\",\n \"CVE-2017-16646\", \"CVE-2017-16939\", \"CVE-2017-16994\", \"CVE-2017-17448\",\n \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-7482\", \"CVE-2017-8824\",\n \"CVE-2017-16645\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for kernel (openSUSE-SU-2017:3358-1)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 42.2 kernel was updated to 4.4.102 to receive various\n security and bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2017-1000405: A bug in the THP CoW support could be used by local\n attackers to corrupt memory of other processes and cause them to crash\n (bnc#1069496).\n\n - CVE-2017-1000410: The Linux kernel was affected by an information leak\n in the processing of incoming L2CAP commands - ConfigRequest, and\n ConfigResponse messages. (bnc#1070535).\n\n - CVE-2017-11600: net/xfrm/xfrm_policy.c in the Linux kernel did not\n ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or\n less, which allowed local users to cause a denial of service\n (out-of-bounds access) or possibly have unspecified other impact via an\n XFRM_MSG_MIGRATE xfrm Netlink message (bnc#1050231).\n\n - CVE-2017-12193: The assoc_array_insert_into_terminal_node function in\n lib/assoc_array.c in the Linux kernel mishandled node splitting, which\n allowed local users to cause a denial of service (NULL pointer\n dereference and panic) via a crafted application, as demonstrated by the\n keyring key type, and key addition and link creation operations\n (bnc#1066192).\n\n - CVE-2017-15115: The sctp_do_peeloff function in net/sctp/socket.c in the\n Linux kernel did not check whether the intended netns is used in a\n peel-off action, which allowed local users to cause a denial of service\n (use-after-free and system crash) or possibly have unspecified other\n impact via crafted system calls (bnc#1068671).\n\n - CVE-2017-16528: sound/core/seq_device.c in the Linux kernel allowed\n local users to cause a denial of service (snd_rawmidi_dev_seq_free\n use-after-free and system crash) or possibly have unspecified other\n impact via a crafted USB device (bnc#1066629).\n\n - CVE-2017-16536: The cx231xx_usb_probe function in\n drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel allowed\n local users to cause a denial of service (NULL pointer dereference and\n system crash) or possibly have unspecified other impact via a crafted\n USB device (bnc#1066606).\n\n - CVE-2017-16537: The imon_probe function in drivers/media/rc/imon.c in\n the Linux kernel allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) or possibly have unspecified other\n impact via a crafted USB device (bnc#1066573).\n\n - CVE-2017-16645: The ims_pcu_get_cdc_union_desc function in\n drivers/input/misc/ims-pcu.c in the Linux kernel allowed local users to\n cause a denial of service (ims_pcu_parse_cdc_data out-of-bounds read and\n system crash) or possibly have unspecified other impa ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"Linux Kernel on openSUSE Leap 42.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2017:3358-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.2\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-pdf\", rpm:\"kernel-docs-pdf~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.4.103~18.41.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:26:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-12-19T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for kernel (openSUSE-SU-2017:3359-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17450", "CVE-2017-12193", "CVE-2017-16537", "CVE-2017-15115", "CVE-2017-8824", "CVE-2017-16994", "CVE-2017-17448", "CVE-2017-16646", "CVE-2017-16536", "CVE-2017-7482", "CVE-2017-16939", "CVE-2017-1000410", "CVE-2017-17449", "CVE-2017-1000405", "CVE-2017-11600", "CVE-2017-16528", "CVE-2017-16645"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851666", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851666", "sourceData": "# Copyright (C) 2017 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851666\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-12-19 07:44:21 +0100 (Tue, 19 Dec 2017)\");\n script_cve_id(\"CVE-2017-1000405\", \"CVE-2017-1000410\", \"CVE-2017-11600\", \"CVE-2017-12193\",\n \"CVE-2017-15115\", \"CVE-2017-16528\", \"CVE-2017-16536\", \"CVE-2017-16537\",\n \"CVE-2017-16645\", \"CVE-2017-16646\", \"CVE-2017-16939\", \"CVE-2017-16994\",\n \"CVE-2017-17448\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-7482\",\n \"CVE-2017-8824\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for kernel (openSUSE-SU-2017:3359-1)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 42.3 kernel was updated to 4.4.103 to receive various\n security and bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2017-1000405: A bug in the THP CoW support could be used by local\n attackers to corrupt memory of other processes and cause them to crash\n (bnc#1069496).\n\n - CVE-2017-1000410: The Linux kernel was affected by a vulnerability lies\n in the processing of incoming L2CAP commands - ConfigRequest, and\n ConfigResponse messages. This info leak is a result of uninitialized\n stack variables that may be returned to an attacker in their\n uninitialized state. (bnc#1070535).\n\n - CVE-2017-11600: net/xfrm/xfrm_policy.c in the Linux kernel did not\n ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or\n less, which allowed local users to cause a denial of service\n (out-of-bounds access) or possibly have unspecified other impact via an\n XFRM_MSG_MIGRATE xfrm Netlink message (bnc#1050231).\n\n - CVE-2017-12193: The assoc_array_insert_into_terminal_node function in\n lib/assoc_array.c in the Linux kernel mishandled node splitting, which\n allowed local users to cause a denial of service (NULL pointer\n dereference and panic) via a crafted application, as demonstrated by the\n keyring key type, and key addition and link creation operations\n (bnc#1066192).\n\n - CVE-2017-15115: The sctp_do_peeloff function in net/sctp/socket.c in the\n Linux kernel did not check whether the intended netns is used in a\n peel-off action, which allowed local users to cause a denial of service\n (use-after-free and system crash) or possibly have unspecified other\n impact via crafted system calls (bnc#1068671).\n\n - CVE-2017-16528: sound/core/seq_device.c in the Linux kernel allowed\n local users to cause a denial of service (snd_rawmidi_dev_seq_free\n use-after-free and system crash) or possibly have unspecified other\n impact via a crafted USB device (bnc#1066629).\n\n - CVE-2017-16536: The cx231xx_usb_probe function in\n drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel allowed\n local users to cause a denial of service (NULL pointer dereference and\n system crash) or possibly have unspecified other impact via a crafted\n USB device (bnc#1066606).\n\n - CVE-2017-16537: The imon_probe function in drivers/media/rc/imon.c in\n the Linux kernel allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) or possibly have unspecified other\n impact via a crafted USB device (bnc#1066573).\n\n - CVE-2017-16645: The ims_pcu_get_cdc_union_desc function in\n drivers/input/misc/ims-pcu.c in the Linux kernel allowed local users to ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"Linux Kernel on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2017:3359-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-pdf\", rpm:\"kernel-docs-pdf~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kselftests-kmp-debug\", rpm:\"kselftests-kmp-debug~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kselftests-kmp-debug-debuginfo\", rpm:\"kselftests-kmp-debug-debuginfo~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kselftests-kmp-default\", rpm:\"kselftests-kmp-default~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kselftests-kmp-default-debuginfo\", rpm:\"kselftests-kmp-default-debuginfo~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kselftests-kmp-vanilla\", rpm:\"kselftests-kmp-vanilla~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kselftests-kmp-vanilla-debuginfo\", rpm:\"kselftests-kmp-vanilla-debuginfo~4.4.103~36.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-05T16:38:18", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1528)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8043", "CVE-2016-9777", "CVE-2017-15265", "CVE-2015-8962", "CVE-2015-4002", "CVE-2016-7916", "CVE-2014-4508", "CVE-2015-3339", "CVE-2014-8480", "CVE-2016-2085", "CVE-2017-15115", "CVE-2014-2038", "CVE-2017-17448", "CVE-2014-3917", "CVE-2017-16526", "CVE-2015-4001", "CVE-2017-7482", "CVE-2016-4997", "CVE-2016-7913", "CVE-2016-1576"], "modified": "2020-02-05T00:00:00", "id": "OPENVAS:1361412562311220191528", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191528", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1528\");\n script_version(\"2020-02-05T08:56:28+0000\");\n script_cve_id(\"CVE-2014-2038\", \"CVE-2014-3917\", \"CVE-2014-4508\", \"CVE-2014-8480\", \"CVE-2015-3339\", \"CVE-2015-4001\", \"CVE-2015-4002\", \"CVE-2015-8962\", \"CVE-2016-1576\", \"CVE-2016-2085\", \"CVE-2016-4997\", \"CVE-2016-7913\", \"CVE-2016-7916\", \"CVE-2016-9777\", \"CVE-2017-15115\", \"CVE-2017-15265\", \"CVE-2017-16526\", \"CVE-2017-17448\", \"CVE-2017-7482\", \"CVE-2018-8043\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-05 08:56:28 +0000 (Wed, 05 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:05:30 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1528)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1528\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1528\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1528 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An out-of-bounds memory access flaw was found in the Linux kernel's system call auditing implementation. On a system with existing audit rules defined, a local, unprivileged user could use this flaw to leak kernel memory to user space or, potentially, crash the system.(CVE-2014-3917)\n\nThe net/netfilter/nfnetlink_cthelper.c function in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new, get, and del operations. This allows local users to bypass intended access restrictions because the nfnl_cthelper_list data structure is shared across all net namespaces.(CVE-2017-17448)\n\nA race condition flaw was found between the chown and execve system calls. When changing the owner of a setuid user binary to root, the race condition could momentarily make the binary setuid root. A local, unprivileged user could potentially use this flaw to escalate their privileges on the system.(CVE-2015-3339)\n\nKeberos 5 tickets being decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.(CVE-2017-7482)\n\nThe nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from kernel memory in opportunistic circumstances by writing to a file in an NFS filesystem and then reading the same file.(CVE-2014-2038)\n\nKVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h.(CVE-2016-9777)\n\nThe instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application.(CVE-2014-8480)\n\narch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service (OOPS and system crash) via an invalid syscall number, as demonstrated by number 1000.(CVE-2014-4508)\n\nThe overlayfs impl ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:58", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-07-22T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-hwe USN-3361-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10208", "CVE-2017-7472", "CVE-2017-5576", "CVE-2016-9604", "CVE-2016-9191", "CVE-2017-7261", "CVE-2017-7895", "CVE-2017-2584", "CVE-2016-9084", "CVE-2017-7616", "CVE-2017-7889", "CVE-2017-6001", "CVE-2017-7618", "CVE-2017-7645", "CVE-2017-5970", "CVE-2017-7273", "CVE-2017-5551", "CVE-2017-2671", "CVE-2017-5550", "CVE-2017-6348", "CVE-2016-8636", "CVE-2017-2583", "CVE-2017-8924", "CVE-2017-6214", "CVE-2017-9150", "CVE-2015-1350", "CVE-2016-9083", "CVE-2017-6345", "CVE-2017-5669", "CVE-2017-5546", "CVE-2016-8405", "CVE-2017-8925", "CVE-2017-6346", "CVE-2017-2596", "CVE-2017-7187", "CVE-2017-2618", "CVE-2017-6347", "CVE-2017-5897", "CVE-2017-5549", "CVE-2016-9755"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843249", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843249", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3361_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-hwe USN-3361-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843249\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-07-22 07:23:26 +0200 (Sat, 22 Jul 2017)\");\n script_cve_id(\"CVE-2015-1350\", \"CVE-2016-10208\", \"CVE-2016-8405\", \"CVE-2016-8636\",\n \"CVE-2016-9083\", \"CVE-2016-9084\", \"CVE-2016-9191\", \"CVE-2016-9604\",\n \"CVE-2016-9755\", \"CVE-2017-2583\", \"CVE-2017-2584\", \"CVE-2017-2596\",\n \"CVE-2017-2618\", \"CVE-2017-2671\", \"CVE-2017-5546\", \"CVE-2017-5549\",\n \"CVE-2017-5550\", \"CVE-2017-5551\", \"CVE-2017-5576\", \"CVE-2017-5669\",\n \"CVE-2017-5897\", \"CVE-2017-5970\", \"CVE-2017-6001\", \"CVE-2017-6214\",\n \"CVE-2017-6345\", \"CVE-2017-6346\", \"CVE-2017-6347\", \"CVE-2017-6348\",\n \"CVE-2017-7187\", \"CVE-2017-7261\", \"CVE-2017-7273\", \"CVE-2017-7472\",\n \"CVE-2017-7616\", \"CVE-2017-7618\", \"CVE-2017-7645\", \"CVE-2017-7889\",\n \"CVE-2017-7895\", \"CVE-2017-8924\", \"CVE-2017-8925\", \"CVE-2017-9150\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-hwe USN-3361-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-hwe'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-3358-1 fixed vulnerabilities in the\n Linux kernel for Ubuntu 17.04. This update provides the corresponding updates\n for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.04 for Ubuntu\n 16.04 LTS. Please note that this update changes the Linux HWE kernel to the 4.10\n based kernel from Ubuntu 17.04, superseding the 4.8 based HWE kernel from Ubuntu\n 16.10. Ben Harris discovered that the Linux kernel would strip extended\n privilege attributes of files when performing a failed unprivileged system call.\n A local attacker could use this to cause a denial of service. (CVE-2015-1350)\n Ralf Spenneberg discovered that the ext4 implementation in the Linux kernel did\n not properly validate meta block groups. An attacker with physical access could\n use this to specially craft an ext4 image that causes a denial of service\n (system crash). (CVE-2016-10208) Peter Pi discovered that the colormap handling\n for frame buffer devices in the Linux kernel contained an integer overflow. A\n local attacker could use this to disclose sensitive information (kernel memory).\n (CVE-2016-8405) It was discovered that an integer overflow existed in the\n InfiniBand RDMA over ethernet (RXE) transport implementation in the Linux\n kernel. A local attacker could use this to cause a denial of service (system\n crash) or possibly execute arbitrary code. (CVE-2016-8636) Vlad Tsyrklevich\n discovered an integer overflow vulnerability in the VFIO PCI driver for the\n Linux kernel. A local attacker with access to a vfio PCI device file could use\n this to cause a denial of service (system crash) or possibly execute arbitrary\n code. (CVE-2016-9083, CVE-2016-9084) CAI Qian discovered that the sysctl\n implementation in the Linux kernel did not properly perform reference counting\n in some situations. An unprivileged attacker could use this to cause a denial of\n service (system hang). (CVE-2016-9191) It was discovered that the keyring\n implementation in the Linux kernel in some situations did not prevent special\n internal keyrings from being joined by userspace keyrings. A privileged local\n attacker could use this to bypass module verification. (CVE-2016-9604) Dmitry\n Vyukov, Andrey Konovalov, Florian Westphal, and Eric Dumazet discovered that the\n netfiler subsystem in the Linux kernel mishandled IPv6 packet reassembly. A\n local user could use this to cause a denial of service (system crash) or\n possibly execute arbitrary code. (CVE-2016-9755) Andy Lutomirski and Willy\n Tarreau discovered that the KVM implementation in the Linux kernel did not\n properly emulate instructions on the SS segment register. A local attacker in a\n guest virtual machine could ... Description truncated, for more information\n please check the Reference URL\");\n script_tag(name:\"affected\", value:\"linux-hwe on Ubuntu 16.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3361-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3361-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-27-generic\", ver:\"4.10.0-27.30~16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-27-generic-lpae\", ver:\"4.10.0-27.30~16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-27-lowlatency\", ver:\"4.10.0-27.30~16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.10.0.27.30\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.10.0.27.30\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.10.0.27.30\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-09T17:48:36", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1498)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-9806", "CVE-2017-11176", "CVE-2016-9794", "CVE-2016-9754", "CVE-2017-12188", "CVE-2017-1000111", "CVE-2016-9793", "CVE-2017-1000252", "CVE-2017-10810", "CVE-2017-11473", "CVE-2017-10661", "CVE-2017-1000251", "CVE-2017-1000112", "CVE-2017-1000364", "CVE-2017-10911", "CVE-2017-1000410", "CVE-2017-1000370", "CVE-2017-12153", "CVE-2017-12154", "CVE-2017-11600", "CVE-2017-1000365"], "modified": "2020-06-08T00:00:00", "id": "OPENVAS:1361412562311220191498", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191498", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1498\");\n script_version(\"2020-06-08T06:52:36+0000\");\n script_cve_id(\"CVE-2016-9754\", \"CVE-2016-9793\", \"CVE-2016-9794\", \"CVE-2016-9806\", \"CVE-2017-1000111\", \"CVE-2017-1000112\", \"CVE-2017-1000251\", \"CVE-2017-1000252\", \"CVE-2017-1000364\", \"CVE-2017-1000365\", \"CVE-2017-1000370\", \"CVE-2017-1000410\", \"CVE-2017-10661\", \"CVE-2017-10810\", \"CVE-2017-10911\", \"CVE-2017-11176\", \"CVE-2017-11473\", \"CVE-2017-11600\", \"CVE-2017-12153\", \"CVE-2017-12154\", \"CVE-2017-12188\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-08 06:52:36 +0000 (Mon, 08 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:56:59 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1498)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1498\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1498\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1498 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An integer overflow vulnerability was found in the ring_buffer_resize() calculations in which a privileged user can adjust the size of the ringbuffer message size. These calculations can create an issue where the kernel memory allocator will not allocate the correct count of pages yet expect them to be usable. This can lead to the ftrace() output to appear to corrupt kernel memory and possibly be used for privileged escalation or more likely kernel panic.(CVE-2016-9754)\n\nA flaw was found in the Linux kernel's implementation of setsockopt for the SO_{SND<pipe>RCV}BUFFORCE setsockopt() system call. Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the sockets sendbuff data size could be negative. This could adversely affect memory allocations and create situations where the system could crash or cause memory corruption.(CVE-2016-9793)\n\nA use-after-free vulnerability was found in ALSA pcm layer, which allows local users to cause a denial of service, memory corruption, or possibly other unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.(CVE-2016-9794)\n\nA double free vulnerability was found in netlink_dump, which could cause a denial of service or possibly other unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.(CVE-2016-9806)\n\nA race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket (requires the CAP_NET_RAW capability) can use this issue to crash the system.(CVE-2017-1000111)\n\nAn exploitable memory corruption flaw was found in the Linux kernel. The append path can be erroneously switched from UFO to non-UFO in ip_ufo_append_data() when building an UFO packet with MSG_MORE option. If unprivileged user namespaces are available, this flaw can be exploited to gain root privileges.(CVE-2017-1000112)\n\nA stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feature enabled in the kernel (CONFIG_CC_STACKPROTECTOR=y, which is enabled on all architectures other than s390x and ppc64le), an unauthenticated attacker able to initiate a connection to a system via Bluetooth could use this flaw to crash the system. Due to the nature of the stack protection feature, code execute ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~862.14.1.6_42\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~862.14.1.6_42\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~862.14.1.6_42\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~862.14.1.6_42\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~862.14.1.6_42\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~862.14.1.6_42\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~862.14.1.6_42\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~862.14.1.6_42\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-02-05T16:38:27", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1508)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-9794", "CVE-2013-4513", "CVE-2016-7917", "CVE-2014-1737", "CVE-2015-1420", "CVE-2014-4655", "CVE-2016-5343", "CVE-2015-5257", "CVE-2016-5243", "CVE-2017-1000364", "CVE-2015-7515", "CVE-2014-3631", "CVE-2017-6345", "CVE-2016-4578", "CVE-2015-8961", "CVE-2015-8575", "CVE-2013-4587", "CVE-2017-2618", "CVE-2014-9419", "CVE-2018-14616"], "modified": "2020-02-05T00:00:00", "id": "OPENVAS:1361412562311220191508", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191508", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1508\");\n script_version(\"2020-02-05T08:56:28+0000\");\n script_cve_id(\"CVE-2013-4513\", \"CVE-2013-4587\", \"CVE-2014-1737\", \"CVE-2014-3631\", \"CVE-2014-4655\", \"CVE-2014-9419\", \"CVE-2015-1420\", \"CVE-2015-5257\", \"CVE-2015-7515\", \"CVE-2015-8575\", \"CVE-2015-8961\", \"CVE-2016-4578\", \"CVE-2016-5243\", \"CVE-2016-5343\", \"CVE-2016-7917\", \"CVE-2016-9794\", \"CVE-2017-1000364\", \"CVE-2017-2618\", \"CVE-2017-6345\", \"CVE-2018-14616\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-05 08:56:28 +0000 (Wed, 05 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:59:54 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1508)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1508\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1508\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1508 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write request, as demonstrated by a voice_svc_send_req buffer overflow.(CVE-2016-5343)\n\nA use-after-free flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use this flaw to crash the system.(CVE-2014-4655)\n\nRace condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function.(CVE-2015-1420)\n\nA flaw was found in the way the Linux kernel's keys subsystem handled the termination condition in the associative array garbage collection functionality. A local, unprivileged user could use this flaw to crash the system.(CVE-2014-3631)\n\nA flaw was found in the ext4 subsystem. This vulnerability is a use after free vulnerability was found in __ext4_journal_stop(). Attackers could abuse this to allow any code which attempts to deal with the journal failure to be mishandled or not fail at all. This could lead to data corruption or crashes.(CVE-2015-8961)\n\nBuffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation.(CVE-2013-4513)\n\nThe nfnetlink_rcv_batch() function in 'net/netfilter/nfnetlink.c' in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability.(CVE-2016-7917)\n\nArray index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.(CVE-2013-4587)\n\nA leak of information was possible when issuing a netlink command of the stack memory area leading up to this function call. An attacker could use this to determine stack information for use in a later exploit.(CVE-2016-5243)\n\nAn issue was discovered in the Linux kernel in the ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2023-09-18T02:53:45", "description": "## Releases\n\n * Ubuntu 12.04 \n\n## Packages\n\n * linux-lts-trusty \\- Linux hardware enablement kernel from Trusty for Precise ESM\n\nUSN-3381-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 \nLTS. This update provides the corresponding updates for the Linux \nHardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu \n12.04 ESM.\n\nPeter Pi discovered that the colormap handling for frame buffer devices in \nthe Linux kernel contained an integer overflow. A local attacker could use \nthis to disclose sensitive information (kernel memory). (CVE-2016-8405)\n\nIt was discovered that the Linux kernel did not properly restrict \nRLIMIT_STACK size. A local attacker could use this in conjunction with \nanother vulnerability to possibly execute arbitrary code. \n(CVE-2017-1000365)\n\nIt was discovered that SELinux in the Linux kernel did not properly handle \nempty writes to /proc/pid/attr. A local attacker could use this to cause a \ndenial of service (system crash). (CVE-2017-2618)\n\n\u77f3\u78ca discovered that the RxRPC Kerberos 5 ticket handling code in the \nLinux kernel did not properly verify metadata. A remote attacker could use \nthis to cause a denial of service (system crash) or possibly execute \narbitrary code. (CVE-2017-7482)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-08-07T00:00:00", "type": "ubuntu", "title": "Linux kernel (Trusty HWE) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8405", "CVE-2017-1000365", "CVE-2017-2618", "CVE-2017-7482"], "modified": "2017-08-07T00:00:00", "id": "USN-3381-2", "href": "https://ubuntu.com/security/notices/USN-3381-2", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-09-18T02:49:29", "description": "## Releases\n\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * linux-lts-xenial \\- Linux hardware enablement kernel from Xenial for Trusty\n\nUSN-3392-1 fixed a regression in the Linux kernel for Ubuntu 16.04 LTS. \nThis update provides the corresponding updates for the Linux Hardware \nEnablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.\n\nUSN-3378-2 fixed vulnerabilities in the Linux Hardware Enablement \nkernel. Unfortunately, a regression was introduced that prevented \nconntrack from working correctly in some situations. This update \nfixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nFan Wu and Shixiong Zhao discovered a race condition between inotify events \nand vfs rename operations in the Linux kernel. An unprivileged local \nattacker could use this to cause a denial of service (system crash) or \nexecute arbitrary code. (CVE-2017-7533)\n\nIt was discovered that the Linux kernel did not properly restrict \nRLIMIT_STACK size. A local attacker could use this in conjunction with \nanother vulnerability to possibly execute arbitrary code. \n(CVE-2017-1000365)\n\n\u674e\u5f3a discovered that the Virtio GPU driver in the Linux kernel did not \nproperly free memory in some situations. A local attacker could use this to \ncause a denial of service (memory consumption). (CVE-2017-10810)\n\n\u77f3\u78ca discovered that the RxRPC Kerberos 5 ticket handling code in the \nLinux kernel did not properly verify metadata. A remote attacker could use \nthis to cause a denial of service (system crash) or possibly execute \narbitrary code. (CVE-2017-7482)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-08-16T00:00:00", "type": "ubuntu", "title": "Linux kernel (Xenial HWE) regression", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000365", "CVE-2017-10810", "CVE-2017-7482", "CVE-2017-7533"], "modified": "2017-08-16T00:00:00", "id": "USN-3392-2", "href": "https://ubuntu.com/security/notices/USN-3392-2", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-09-18T02:55:16", "description": "## Releases\n\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * linux-lts-xenial \\- Linux hardware enablement kernel from Xenial for Trusty\n\nUSN-3378-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 \nLTS. This update provides the corresponding updates for the Linux \nHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu \n14.04 LTS.\n\nFan Wu and Shixiong Zhao discovered a race condition between inotify events \nand vfs rename operations in the Linux kernel. An unprivileged local \nattacker could use this to cause a denial of service (system crash) or \nexecute arbitrary code. (CVE-2017-7533)\n\nIt was discovered that the Linux kernel did not properly restrict \nRLIMIT_STACK size. A local attacker could use this in conjunction with \nanother vulnerability to possibly execute arbitrary code. \n(CVE-2017-1000365)\n\n\u674e\u5f3a discovered that the Virtio GPU driver in the Linux kernel did not \nproperly free memory in some situations. A local attacker could use this to \ncause a denial of service (memory consumption). (CVE-2017-10810)\n\n\u77f3\u78ca discovered that the RxRPC Kerberos 5 ticket handling code in the \nLinux kernel did not properly verify metadata. A remote attacker could use \nthis to cause a denial of service (system crash) or possibly execute \narbitrary code. (CVE-2017-7482)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-08-03T00:00:00", "type": "ubuntu", "title": "Linux kernel (Xenial HWE) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000365", "CVE-2017-10810", "CVE-2017-7482", "CVE-2017-7533"], "modified": "2017-08-03T00:00:00", "id": "USN-3378-2", "href": "https://ubuntu.com/security/notices/USN-3378-2", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-09-18T02:54:29", "description": "## Releases\n\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * linux-hwe \\- Linux hardware enablement (HWE) kernel\n\nUSN-3377-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. \nThis update provides the corresponding updates for the Linux \nHardware Enablement (HWE) kernel from Ubuntu 17.04 for Ubuntu \n16.04 LTS.\n\nFan Wu and Shixiong Zhao discovered a race condition between inotify events \nand vfs rename operations in the Linux kernel. An unprivileged local \nattacker could use this to cause a denial of service (system crash) or \nexecute arbitrary code. (CVE-2017-7533)\n\nIt was discovered that the Linux kernel did not properly restrict \nRLIMIT_STACK size. A local attacker could use this in conjunction with \nanother vulnerability to possibly execute arbitrary code. \n(CVE-2017-1000365)\n\n\u674e\u5f3a discovered that the Virtio GPU driver in the Linux kernel did not \nproperly free memory in some situations. A local attacker could use this to \ncause a denial of service (memory consumption). (CVE-2017-10810)\n\n\u77f3\u78ca discovered that the RxRPC Kerberos 5 ticket handling code in the \nLinux kernel did not properly verify metadata. A remote attacker could use \nthis to cause a denial of service (system crash) or possibly execute \narbitrary code. (CVE-2017-7482)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-08-03T00:00:00", "type": "ubuntu", "title": "Linux kernel (HWE) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000365", "CVE-2017-10810", "CVE-2017-7482", "CVE-2017-7533"], "modified": "2017-08-03T00:00:00", "id": "USN-3377-2", "href": "https://ubuntu.com/security/notices/USN-3377-2", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-09-18T02:49:29", "description": "## Releases\n\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * linux \\- Linux kernel\n * linux-aws \\- Linux kernel for Amazon Web Services (AWS) systems\n * linux-gke \\- Linux kernel for Google Container Engine (GKE) systems\n * linux-raspi2 \\- Linux kernel for Raspberry Pi 2\n * linux-snapdragon \\- Linux kernel for Snapdragon processors\n\nUSN-3378-1 fixed vulnerabilities in the Linux kernel. Unfortunately, a \nregression was introduced that prevented conntrack from working \ncorrectly in some situations. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nFan Wu and Shixiong Zhao discovered a race condition between inotify events \nand vfs rename operations in the Linux kernel. An unprivileged local \nattacker could use this to cause a denial of service (system crash) or \nexecute arbitrary code. (CVE-2017-7533)\n\nIt was discovered that the Linux kernel did not properly restrict \nRLIMIT_STACK size. A local attacker could use this in conjunction with \nanother vulnerability to possibly execute arbitrary code. \n(CVE-2017-1000365)\n\n\u674e\u5f3a discovered that the Virtio GPU driver in the Linux kernel did not \nproperly free memory in some situations. A local attacker could use this to \ncause a denial of service (memory consumption). (CVE-2017-10810)\n\n\u77f3\u78ca discovered that the RxRPC Kerberos 5 ticket handling code in the \nLinux kernel did not properly verify metadata. A remote attacker could use \nthis to cause a denial of service (system crash) or possibly execute \narbitrary code. (CVE-2017-7482)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-08-16T00:00:00", "type": "ubuntu", "title": "Linux kernel regression", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000365", "CVE-2017-10810", "CVE-2017-7482", "CVE-2017-7533"], "modified": "2017-08-16T00:00:00", "id": "USN-3392-1", "href": "https://ubuntu.com/security/notices/USN-3392-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-09-18T02:56:15", "description": "## Releases\n\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * linux \\- Linux kernel\n * linux-aws \\- Linux kernel for Amazon Web Services (AWS) systems\n * linux-gke \\- Linux kernel for Google Container Engine (GKE) systems\n * linux-raspi2 \\- Linux kernel for Raspberry Pi 2\n * linux-snapdragon \\- Linux kernel for Snapdragon processors\n\nFan Wu and Shixiong Zhao discovered a race condition between inotify events \nand vfs rename operations in the Linux kernel. An unprivileged local \nattacker could use this to cause a denial of service (system crash) or \nexecute arbitrary code. (CVE-2017-7533)\n\nIt was discovered that the Linux kernel did not properly restrict \nRLIMIT_STACK size. A local attacker could use this in conjunction with \nanother vulnerability to possibly execute arbitrary code. \n(CVE-2017-1000365)\n\n\u674e\u5f3a discovered that the Virtio GPU driver in the Linux kernel did not \nproperly free memory in some situations. A local attacker could use this to \ncause a denial of service (memory consumption). (CVE-2017-10810)\n\n\u77f3\u78ca discovered that the RxRPC Kerberos 5 ticket handling code in the \nLinux kernel did not properly verify metadata. A remote attacker could use \nthis to cause a denial of service (system crash) or possibly execute \narbitrary code. (CVE-2017-7482)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-08-03T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000365", "CVE-2017-10810", "CVE-2017-7482", "CVE-2017-7533"], "modified": "2017-08-03T00:00:00", "id": "USN-3378-1", "href": "https://ubuntu.com/security/notices/USN-3378-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-09-18T02:54:45", "description": "## Releases\n\n * Ubuntu 17.04 \n\n## Packages\n\n * linux \\- Linux kernel\n * linux-raspi2 \\- Linux kernel for Raspberry Pi 2\n\nFan Wu and Shixiong Zhao discovered a race condition between inotify events \nand vfs rename operations in the Linux kernel. An unprivileged local \nattacker could use this to cause a denial of service (system crash) or \nexecute arbitrary code. (CVE-2017-7533)\n\nIt was discovered that the Linux kernel did not properly restrict \nRLIMIT_STACK size. A local attacker could use this in conjunction with \nanother vulnerability to possibly execute arbitrary code. \n(CVE-2017-1000365)\n\n\u674e\u5f3a discovered that the Virtio GPU driver in the Linux kernel did not \nproperly free memory in some situations. A local attacker could use this to \ncause a denial of service (memory consumption). (CVE-2017-10810)\n\n\u77f3\u78ca discovered that the RxRPC Kerberos 5 ticket handling code in the \nLinux kernel did not properly verify metadata. A remote attacker could use \nthis to cause a denial of service (system crash) or possibly execute \narbitrary code. (CVE-2017-7482)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-08-03T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000365", "CVE-2017-10810", "CVE-2017-7482", "CVE-2017-7533"], "modified": "2017-08-03T00:00:00", "id": "USN-3377-1", "href": "https://ubuntu.com/security/notices/USN-3377-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-09-18T03:00:54", "description": "## Releases\n\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * linux-hwe \\- Linux hardware enablement (HWE) kernel\n\nUSN-3358-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. \nThis update provides the corresponding updates for the Linux Hardware \nEnablement (HWE) kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Please \nnote that this update changes the Linux HWE kernel to the 4.10 based \nkernel from Ubuntu 17.04, superseding the 4.8 based HWE kernel from \nUbuntu 16.10.\n\nBen Harris discovered that the Linux kernel would strip extended privilege \nattributes of files when performing a failed unprivileged system call. A \nlocal attacker could use this to cause a denial of service. (CVE-2015-1350)\n\nRalf Spenneberg discovered that the ext4 implementation in the Linux kernel \ndid not properly validate meta block groups. An attacker with physical \naccess could use this to specially craft an ext4 image that causes a denial \nof service (system crash). (CVE-2016-10208)\n\nPeter Pi discovered that the colormap handling for frame buffer devices in \nthe Linux kernel contained an integer overflow. A local attacker could use \nthis to disclose sensitive information (kernel memory). (CVE-2016-8405)\n\nIt was discovered that an integer overflow existed in the InfiniBand RDMA \nover ethernet (RXE) transport implementation in the Linux kernel. A local \nattacker could use this to cause a denial of service (system crash) or \npossibly execute arbitrary code. (CVE-2016-8636)\n\nVlad Tsyrklevich discovered an integer overflow vulnerability in the VFIO \nPCI driver for the Linux kernel. A local attacker with access to a vfio PCI \ndevice file could use this to cause a denial of service (system crash) or \npossibly execute arbitrary code. (CVE-2016-9083, CVE-2016-9084)\n\nCAI Qian discovered that the sysctl implementation in the Linux kernel did \nnot properly perform reference counting in some situations. An unprivileged \nattacker could use this to cause a denial of service (system hang). \n(CVE-2016-9191)\n\nIt was discovered that the keyring implementation in the Linux kernel in \nsome situations did not prevent special internal keyrings from being joined \nby userspace keyrings. A privileged local attacker could use this to bypass \nmodule verification. (CVE-2016-9604)\n\nDmitry Vyukov, Andrey Konovalov, Florian Westphal, and Eric Dumazet \ndiscovered that the netfiler subsystem in the Linux kernel mishandled IPv6 \npacket reassembly. A local user could use this to cause a denial of service \n(system crash) or possibly execute arbitrary code. (CVE-2016-9755)\n\nAndy Lutomirski and Willy Tarreau discovered that the KVM implementation in \nthe Linux kernel did not properly emulate instructions on the SS segment \nregister. A local attacker in a guest virtual machine could use this to \ncause a denial of service (guest OS crash) or possibly gain administrative \nprivileges in the guest OS. (CVE-2017-2583)\n\nDmitry Vyukov discovered that the KVM implementation in the Linux kernel \nimproperly emulated certain instructions. A local attacker could use this \nto obtain sensitive information (kernel memory). (CVE-2017-2584)\n\nDmitry Vyukov discovered that KVM implementation in the Linux kernel \nimproperly emulated the VMXON instruction. A local attacker in a guest OS \ncould use this to cause a denial of service (memory consumption) in the \nhost OS. (CVE-2017-2596)\n\nIt was discovered that SELinux in the Linux kernel did not properly handle \nempty writes to /proc/pid/attr. A local attacker could use this to cause a \ndenial of service (system crash). (CVE-2017-2618)\n\nDaniel Jiang discovered that a race condition existed in the ipv4 ping \nsocket implementation in the Linux kernel. A local privileged attacker \ncould use this to cause a denial of service (system crash). (CVE-2017-2671)\n\nIt was discovered that the freelist-randomization in the SLAB memory \nallocator allowed duplicate freelist entries. A local attacker could use \nthis to cause a denial of service (system crash). (CVE-2017-5546)\n\nIt was discovered that the KLSI KL5KUSB105 serial-to-USB device driver in \nthe Linux kernel did not properly initialize memory related to logging. A \nlocal attacker could use this to expose sensitive information (kernel \nmemory). (CVE-2017-5549)\n\nIt was discovered that a fencepost error existed in the pipe_advance() \nfunction in the Linux kernel. A local attacker could use this to expose \nsensitive information (kernel memory). (CVE-2017-5550)\n\nIt was discovered that the Linux kernel did not clear the setgid bit during \na setxattr call on a tmpfs filesystem. A local attacker could use this to \ngain elevated group privileges. (CVE-2017-5551)\n\nMurray McAllister discovered that an integer overflow existed in the \nVideoCore DRM driver of the Linux kernel. A local attacker could use this \nto cause a denial of service (system crash) or possibly execute arbitrary \ncode. (CVE-2017-5576)\n\nGareth Evans discovered that the shm IPC subsystem in the Linux kernel did \nnot properly restrict mapping page zero. A local privileged attacker could \nuse this to execute arbitrary code. (CVE-2017-5669)\n\nAndrey Konovalov discovered an out-of-bounds access in the IPv6 Generic \nRouting Encapsulation (GRE) tunneling implementation in the Linux kernel. \nAn attacker could use this to possibly expose sensitive information. \n(CVE-2017-5897)\n\nAndrey Konovalov discovered that the IPv4 implementation in the Linux \nkernel did not properly handle invalid IP options in some situations. An \nattacker could use this to cause a denial of service or possibly execute \narbitrary code. (CVE-2017-5970)\n\nDi Shen discovered that a race condition existed in the perf subsystem of \nthe Linux kernel. A local attacker could use this to cause a denial of \nservice or possibly gain administrative privileges. (CVE-2017-6001)\n\nDmitry Vyukov discovered that the Linux kernel did not properly handle TCP \npackets with the URG flag. A remote attacker could use this to cause a \ndenial of service. (CVE-2017-6214)\n\nAndrey Konovalov discovered that the LLC subsytem in the Linux kernel did \nnot properly set up a destructor in certain situations. A local attacker \ncould use this to cause a denial of service (system crash). (CVE-2017-6345)\n\nIt was discovered that a race condition existed in the AF_PACKET handling \ncode in the Linux kernel. A local attacker could use this to cause a denial \nof service (system crash) or possibly execute arbitrary code. \n(CVE-2017-6346)\n\nAndrey Konovalov discovered that the IP layer in the Linux kernel made \nimproper assumptions about internal data layout when performing checksums. \nA local attacker could use this to cause a denial of service (system crash) \nor possibly execute arbitrary code. (CVE-2017-6347)\n\nDmitry Vyukov discovered race conditions in the Infrared (IrDA) subsystem \nin the Linux kernel. A local attacker could use this to cause a denial of \nservice (deadlock). (CVE-2017-6348)\n\nDmitry Vyukov discovered that the generic SCSI (sg) subsystem in the Linux \nkernel contained a stack-based buffer overflow. A local attacker with \naccess to an sg device could use this to cause a denial of service (system \ncrash) or possibly execute arbitrary code. (CVE-2017-7187)\n\nIt was discovered that a NULL pointer dereference existed in the Direct \nRendering Manager (DRM) driver for VMWare devices in the Linux kernel. A \nlocal attacker could use this to cause a denial of service (system crash). \n(CVE-2017-7261)\n\nIt was discovered that the USB Cypress HID drivers for the Linux kernel did \nnot properly validate reported information from the device. An attacker \nwith physical access could use this to expose sensitive information (kernel \nmemory). (CVE-2017-7273)\n\nEric Biggers discovered a memory leak in the keyring implementation in the \nLinux kernel. A local attacker could use this to cause a denial of service \n(memory consumption). (CVE-2017-7472)\n\nIt was discovered that an information leak existed in the set_mempolicy and \nmbind compat syscalls in the Linux kernel. A local attacker could use this \nto expose sensitive information (kernel memory). (CVE-2017-7616)\n\nSabrina Dubroca discovered that the asynchronous cryptographic hash (ahash) \nimplementation in the Linux kernel did not properly handle a full request \nqueue. A local attacker could use this to cause a denial of service \n(infinite recursion). (CVE-2017-7618)\n\nTuomas Haanp\u00e4\u00e4 and Ari Kauppi discovered that the NFSv2 and NFSv3 server \nimplementations in the Linux kernel did not properly handle certain long \nRPC replies. A remote attacker could use this to cause a denial of service \n(system crash). (CVE-2017-7645)\n\nTommi Rantala and Brad Spengler discovered that the memory manager in the \nLinux kernel did not properly enforce the CONFIG_STRICT_DEVMEM protection \nmechanism. A local attacker with access to /dev/mem could use this to \nexpose sensitive information or possibly execute arbitrary code. \n(CVE-2017-7889)\n\nTuomas Haanp\u00e4\u00e4 and Ari Kauppi discovered that the NFSv2 and NFSv3 server \nimplementations in the Linux kernel did not properly check for the end of \nbuffer. A remote attacker could use this to craft requests that cause a \ndenial of service (system crash) or possibly execute arbitrary code. \n(CVE-2017-7895)\n\nIt was discovered that an integer underflow existed in the Edgeport USB \nSerial Converter device driver of the Linux kernel. An attacker with \nphysical access could use this to expose sensitive information (kernel \nmemory). (CVE-2017-8924)\n\nIt was discovered that the USB ZyXEL omni.net LCD PLUS driver in the Linux \nkernel did not properly perform reference counting. A local attacker could \nuse this to cause a denial of service (tty exhaustion). (CVE-2017-8925)\n\nJann Horn discovered that bpf in Linux kernel does not restrict the output \nof the print_bpf_insn function. A local attacker could use this to obtain \nsensitive address information. (CVE-2017-9150)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-07-21T00:00:00", "type": "ubuntu", "title": "Linux kernel (HWE) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1350", "CVE-2016-10208", "CVE-2016-8405", "CVE-2016-8636", "CVE-2016-9083", "CVE-2016-9084", "CVE-2016-9191", "CVE-2016-9604", "CVE-2016-9755", "CVE-2017-2583", "CVE-2017-2584", "CVE-2017-2596", "CVE-2017-2618", "CVE-2017-2671", "CVE-2017-5546", "CVE-2017-5549", "CVE-2017-5550", "CVE-2017-5551", "CVE-2017-5576", "CVE-2017-5669", "CVE-2017-5897", "CVE-2017-5970", "CVE-2017-6001", "CVE-2017-6214", "CVE-2017-6345", "CVE-2017-6346", "CVE-2017-6347", "CVE-2017-6348", "CVE-2017-7187", "CVE-2017-7261", "CVE-2017-7273", "CVE-2017-7472", "CVE-2017-7616", "CVE-2017-7618", "CVE-2017-7645", "CVE-2017-7889", "CVE-2017-7895", "CVE-2017-8924", "CVE-2017-8925", "CVE-2017-9150"], "modified": "2017-07-21T00:00:00", "id": "USN-3361-1", "href": "https://ubuntu.com/security/notices/USN-3361-1", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-09-24T15:43:17", "description": "Peter Pi discovered that the colormap handling for frame buffer devices in the Linux kernel contained an integer overflow. A local attacker could use this to disclose sensitive information (kernel memory). (CVE-2016-8405)\n\nIt was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code.\n(CVE-2017-1000365)\n\nIt was discovered that SELinux in the Linux kernel did not properly handle empty writes to /proc/pid/attr. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-2618)\n\nShi Lei discovered that the RxRPC Kerberos 5 ticket handling code in the Linux kernel did not properly verify metadata. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7482).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-08-08T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux vulnerabilities (USN-3381-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8405", "CVE-2017-1000365", "CVE-2017-2618", "CVE-2017-7482"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3381-1.NASL", "href": "https://www.tenable.com/plugins/nessus/102261", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3381-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102261);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2016-8405\", \"CVE-2017-1000365\", \"CVE-2017-2618\", \"CVE-2017-7482\");\n script_xref(name:\"USN\", value:\"3381-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux vulnerabilities (USN-3381-1) (Stack Clash)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Peter Pi discovered that the colormap handling for frame buffer\ndevices in the Linux kernel contained an integer overflow. A local\nattacker could use this to disclose sensitive information (kernel\nmemory). (CVE-2016-8405)\n\nIt was discovered that the Linux kernel did not properly restrict\nRLIMIT_STACK size. A local attacker could use this in conjunction with\nanother vulnerability to possibly execute arbitrary code.\n(CVE-2017-1000365)\n\nIt was discovered that SELinux in the Linux kernel did not properly\nhandle empty writes to /proc/pid/attr. A local attacker could use this\nto cause a denial of service (system crash). (CVE-2017-2618)\n\nShi Lei discovered that the RxRPC Kerberos 5 ticket handling code in\nthe Linux kernel did not properly verify metadata. A remote attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2017-7482).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3381-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/08\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2023 Canonical, Inc. / NASL script (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-8405\", \"CVE-2017-1000365\", \"CVE-2017-2618\", \"CVE-2017-7482\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3381-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-126-generic\", pkgver:\"3.13.0-126.175\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-126-generic-lpae\", pkgver:\"3.13.0-126.175\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-126-lowlatency\", pkgver:\"3.13.0-126.175\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic\", pkgver:\"3.13.0.126.136\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"3.13.0.126.136\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"3.13.0.126.136\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-25T15:06:37", "description": "New kernel packages are available for Slackware 14.2 and -current to fix security issues.", "cvss3": {}, "published": "2017-07-03T00:00:00", "type": "nessus", "title": "Slackware 14.2 / current : kernel (SSA:2017-181-02) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000365", "CVE-2017-7482"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:kernel-generic", "p-cpe:/a:slackware:slackware_linux:kernel-generic-smp", "p-cpe:/a:slackware:slackware_linux:kernel-headers", "p-cpe:/a:slackware:slackware_linux:kernel-huge", "p-cpe:/a:slackware:slackware_linux:kernel-huge-smp", "p-cpe:/a:slackware:slackware_linux:kernel-modules", "p-cpe:/a:slackware:slackware_linux:kernel-modules-smp", "p-cpe:/a:slackware:slackware_linux:kernel-source", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2017-181-02.NASL", "href": "https://www.tenable.com/plugins/nessus/101170", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2017-181-02. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101170);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-1000365\", \"CVE-2017-7482\");\n script_xref(name:\"SSA\", value:\"2017-181-02\");\n\n script_name(english:\"Slackware 14.2 / current : kernel (SSA:2017-181-02) (Stack Clash)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New kernel packages are available for Slackware 14.2 and -current to\nfix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.852574\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?db151476\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/30\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-generic\", pkgver:\"4.4.75\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-generic-smp\", pkgver:\"4.4.75_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-headers\", pkgver:\"4.4.75_smp\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-huge\", pkgver:\"4.4.75\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-huge-smp\", pkgver:\"4.4.75_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-modules\", pkgver:\"4.4.75\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-modules-smp\", pkgver:\"4.4.75_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-source\", pkgver:\"4.4.75_smp\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-generic\", pkgver:\"4.4.75\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-headers\", pkgver:\"4.4.75\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-huge\", pkgver:\"4.4.75\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-modules\", pkgver:\"4.4.75\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-source\", pkgver:\"4.4.75\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"kernel-generic\", pkgver:\"4.9.35\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-generic-smp\", pkgver:\"4.9.35_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-headers\", pkgver:\"4.9.35_smp\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-huge\", pkgver:\"4.9.35\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-huge-smp\", pkgver:\"4.9.35_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-modules\", pkgver:\"4.9.35\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-modules-smp\", pkgver:\"4.9.35_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-source\", pkgver:\"4.9.35_smp\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"kernel-generic\", pkgver:\"4.9.35\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"kernel-headers\", pkgver:\"4.9.35\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"kernel-huge\", pkgver:\"4.9.35\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"kernel-modules\", pkgver:\"4.9.35\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"kernel-source\", pkgver:\"4.9.35\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:36", "description": "Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2017-7533)\n\nIt was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code.\n(CVE-2017-1000365)\n\nLi Qiang discovered that the Virtio GPU driver in the Linux kernel did not properly free memory in some situations. A local attacker could use this to cause a denial of service (memory consumption).\n(CVE-2017-10810)\n\nShi Lei discovered that the RxRPC Kerberos 5 ticket handling code in the Linux kernel did not properly verify metadata. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7482).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-08-04T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities (USN-3378-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000365", "CVE-2017-10810", "CVE-2017-7482", "CVE-2017-7533"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3378-1.NASL", "href": "https://www.tenable.com/plugins/nessus/102197", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3378-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102197);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-7482\", \"CVE-2017-7533\");\n script_xref(name:\"USN\", value:\"3378-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS : linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities (USN-3378-1) (Stack Clash)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Fan Wu and Shixiong Zhao discovered a race condition between inotify\nevents and vfs rename operations in the Linux kernel. An unprivileged\nlocal attacker could use this to cause a denial of service (system\ncrash) or execute arbitrary code. (CVE-2017-7533)\n\nIt was discovered that the Linux kernel did not properly restrict\nRLIMIT_STACK size. A local attacker could use this in conjunction with\nanother vulnerability to possibly execute arbitrary code.\n(CVE-2017-1000365)\n\nLi Qiang discovered that the Virtio GPU driver in the Linux kernel did\nnot properly free memory in some situations. A local attacker could\nuse this to cause a denial of service (memory consumption).\n(CVE-2017-10810)\n\nShi Lei discovered that the RxRPC Kerberos 5 ticket handling code in\nthe Linux kernel did not properly verify metadata. A remote attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2017-7482).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3378-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/04\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2023 Canonical, Inc. / NASL script (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-7482\", \"CVE-2017-7533\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3378-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1024-gke\", pkgver:\"4.4.0-1024.24\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1028-aws\", pkgver:\"4.4.0-1028.37\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1067-raspi2\", pkgver:\"4.4.0-1067.75\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1069-snapdragon\", pkgver:\"4.4.0-1069.74\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-89-generic\", pkgver:\"4.4.0-89.112\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-89-generic-lpae\", pkgver:\"4.4.0-89.112\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-89-lowlatency\", pkgver:\"4.4.0-89.112\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-aws\", pkgver:\"4.4.0.1028.31\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic\", pkgver:\"4.4.0.89.95\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.4.0.89.95\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-gke\", pkgver:\"4.4.0.1024.26\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.4.0.89.95\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-raspi2\", pkgver:\"4.4.0.1067.68\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"4.4.0.1069.62\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-aws / linux-image-4.4-generic / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:01", "description": "USN-3378-1 fixed vulnerabilities in the Linux kernel. Unfortunately, a regression was introduced that prevented conntrack from working correctly in some situations. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nFan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2017-7533)\n\nIt was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code. (CVE-2017-1000365)\n\nLi Qiang discovered that the Virtio GPU driver in the Linux kernel did not properly free memory in some situations. A local attacker could use this to cause a denial of service (memory consumption). (CVE-2017-10810)\n\nShi Lei discovered that the RxRPC Kerberos 5 ticket handling code in the Linux kernel did not properly verify metadata. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2017-7482).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-08-16T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon regression (USN-3392-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000365", "CVE-2017-10810", "CVE-2017-7482", "CVE-2017-7533"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3392-1.NASL", "href": "https://www.tenable.com/plugins/nessus/102524", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3392-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102524);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-7482\", \"CVE-2017-7533\");\n script_xref(name:\"USN\", value:\"3392-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS : linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon regression (USN-3392-1) (Stack Clash)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-3378-1 fixed vulnerabilities in the Linux kernel. Unfortunately, a\nregression was introduced that prevented conntrack from working\ncorrectly in some situations. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nFan Wu and Shixiong Zhao discovered a race condition between inotify\nevents and vfs rename operations in the Linux kernel. An unprivileged\nlocal attacker could use this to cause a denial of service (system\ncrash) or execute arbitrary code. (CVE-2017-7533)\n\nIt was discovered that the Linux kernel did not properly\nrestrict RLIMIT_STACK size. A local attacker could use this\nin conjunction with another vulnerability to possibly\nexecute arbitrary code. (CVE-2017-1000365)\n\nLi Qiang discovered that the Virtio GPU driver in the Linux\nkernel did not properly free memory in some situations. A\nlocal attacker could use this to cause a denial of service\n(memory consumption). (CVE-2017-10810)\n\nShi Lei discovered that the RxRPC Kerberos 5 ticket handling\ncode in the Linux kernel did not properly verify metadata. A\nremote attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code.\n(CVE-2017-7482).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3392-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/16\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2023 Canonical, Inc. / NASL script (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-7482\", \"CVE-2017-7533\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3392-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1027-gke\", pkgver:\"4.4.0-1027.27\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1031-aws\", pkgver:\"4.4.0-1031.40\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1070-raspi2\", pkgver:\"4.4.0-1070.78\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1072-snapdragon\", pkgver:\"4.4.0-1072.77\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-92-generic\", pkgver:\"4.4.0-92.115\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-92-generic-lpae\", pkgver:\"4.4.0-92.115\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-92-lowlatency\", pkgver:\"4.4.0-92.115\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-aws\", pkgver:\"4.4.0.1031.33\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic\", pkgver:\"4.4.0.92.97\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.4.0.92.97\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-gke\", pkgver:\"4.4.0.1027.28\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.4.0.92.97\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-raspi2\", pkgver:\"4.4.0.1070.70\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"4.4.0.1072.64\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-aws / linux-image-4.4-generic / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:16:41", "description": "Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2017-7533)\n\nIt was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code.\n(CVE-2017-1000365)\n\nLi Qiang discovered that the Virtio GPU driver in the Linux kernel did not properly free memory in some situations. A local attacker could use this to cause a denial of service (memory consumption).\n(CVE-2017-10810)\n\nShi Lei discovered that the RxRPC Kerberos 5 ticket handling code in the Linux kernel did not properly verify metadata. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7482).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-08-04T00:00:00", "type": "nessus", "title": "Ubuntu 17.04 : linux, linux-raspi2 vulnerabilities (USN-3377-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000365", "CVE-2017-10810", "CVE-2017-7482", "CVE-2017-7533"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "cpe:/o:canonical:ubuntu_linux:17.04"], "id": "UBUNTU_USN-3377-1.NASL", "href": "https://www.tenable.com/plugins/nessus/102195", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3377-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102195);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-7482\", \"CVE-2017-7533\");\n script_xref(name:\"USN\", value:\"3377-1\");\n\n script_name(english:\"Ubuntu 17.04 : linux, linux-raspi2 vulnerabilities (USN-3377-1) (Stack Clash)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Fan Wu and Shixiong Zhao discovered a race condition between inotify\nevents and vfs rename operations in the Linux kernel. An unprivileged\nlocal attacker could use this to cause a denial of service (system\ncrash) or execute arbitrary code. (CVE-2017-7533)\n\nIt was discovered that the Linux kernel did not properly restrict\nRLIMIT_STACK size. A local attacker could use this in conjunction with\nanother vulnerability to possibly execute arbitrary code.\n(CVE-2017-1000365)\n\nLi Qiang discovered that the Virtio GPU driver in the Linux kernel did\nnot properly free memory in some situations. A local attacker could\nuse this to cause a denial of service (memory consumption).\n(CVE-2017-10810)\n\nShi Lei discovered that the RxRPC Kerberos 5 ticket handling code in\nthe Linux kernel did not properly verify metadata. A remote attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2017-7482).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3377-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:17.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/04\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2023 Canonical, Inc. / NASL script (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(17\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 17.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-7482\", \"CVE-2017-7533\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3377-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"17.04\", pkgname:\"linux-image-4.10.0-1013-raspi2\", pkgver:\"4.10.0-1013.16\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"linux-image-4.10.0-30-generic\", pkgver:\"4.10.0-30.34\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"linux-image-4.10.0-30-generic-lpae\", pkgver:\"4.10.0-30.34\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"linux-image-4.10.0-30-lowlatency\", pkgver:\"4.10.0-30.34\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"linux-image-generic\", pkgver:\"4.10.0.30.31\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.10.0.30.31\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.10.0.30.31\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"linux-image-raspi2\", pkgver:\"4.10.0.1013.15\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.10-generic / linux-image-4.10-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:37", "description": "USN-3392-1 fixed a regression in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.\n\nUSN-3378-2 fixed vulnerabilities in the Linux Hardware Enablement kernel. Unfortunately, a regression was introduced that prevented conntrack from working correctly in some situations. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nFan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2017-7533)\n\nIt was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code. (CVE-2017-1000365)\n\nLi Qiang discovered that the Virtio GPU driver in the Linux kernel did not properly free memory in some situations. A local attacker could use this to cause a denial of service (memory consumption). (CVE-2017-10810)\n\nShi Lei discovered that the RxRPC Kerberos 5 ticket handling code in the Linux kernel did not properly verify metadata. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2017-7482).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-08-16T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-xenial regression (USN-3392-2) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000365", "CVE-2017-10810", "CVE-2017-7482", "CVE-2017-7533"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-xenial", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-xenial", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-xenial", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3392-2.NASL", "href": "https://www.tenable.com/plugins/nessus/102525", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3392-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102525);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-7482\", \"CVE-2017-7533\");\n script_xref(name:\"USN\", value:\"3392-2\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-xenial regression (USN-3392-2) (Stack Clash)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-3392-1 fixed a regression in the Linux kernel for Ubuntu 16.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu\n14.04 LTS.\n\nUSN-3378-2 fixed vulnerabilities in the Linux Hardware Enablement\nkernel. Unfortunately, a regression was introduced that prevented\nconntrack from working correctly in some situations. This update fixes\nthe problem.\n\nWe apologize for the inconvenience.\n\nFan Wu and Shixiong Zhao discovered a race condition between inotify\nevents and vfs rename operations in the Linux kernel. An unprivileged\nlocal attacker could use this to cause a denial of service (system\ncrash) or execute arbitrary code. (CVE-2017-7533)\n\nIt was discovered that the Linux kernel did not properly\nrestrict RLIMIT_STACK size. A local attacker could use this\nin conjunction with another vulnerability to possibly\nexecute arbitrary code. (CVE-2017-1000365)\n\nLi Qiang discovered that the Virtio GPU driver in the Linux\nkernel did not properly free memory in some situations. A\nlocal attacker could use this to cause a denial of service\n(memory consumption). (CVE-2017-10810)\n\nShi Lei discovered that the RxRPC Kerberos 5 ticket handling\ncode in the Linux kernel did not properly verify metadata. A\nremote attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code.\n(CVE-2017-7482).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3392-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-xenial\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-xenial\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-xenial\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/16\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2023 Canonical, Inc. / NASL script (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-7482\", \"CVE-2017-7533\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3392-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-92-generic\", pkgver:\"4.4.0-92.115~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-92-generic-lpae\", pkgver:\"4.4.0-92.115~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-92-lowlatency\", pkgver:\"4.4.0-92.115~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic-lpae-lts-xenial\", pkgver:\"4.4.0.92.76\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic-lts-xenial\", pkgver:\"4.4.0.92.76\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-lowlatency-lts-xenial\", pkgver:\"4.4.0.92.76\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-generic / linux-image-4.4-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:13", "description": "USN-3378-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.\n\nFan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2017-7533)\n\nIt was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code.\n(CVE-2017-1000365)\n\nLi Qiang discovered that the Virtio GPU driver in the Linux kernel did not properly free memory in some situations. A local attacker could use this to cause a denial of service (memory consumption).\n(CVE-2017-10810)\n\nShi Lei discovered that the RxRPC Kerberos 5 ticket handling code in the Linux kernel did not properly verify metadata. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7482).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-08-04T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-xenial vulnerabilities (USN-3378-2) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000365", "CVE-2017-10810", "CVE-2017-7482", "CVE-2017-7533"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-xenial", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-xenial", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-xenial", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3378-2.NASL", "href": "https://www.tenable.com/plugins/nessus/102198", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3378-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102198);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-7482\", \"CVE-2017-7533\");\n script_xref(name:\"USN\", value:\"3378-2\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-xenial vulnerabilities (USN-3378-2) (Stack Clash)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-3378-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu\n14.04 LTS.\n\nFan Wu and Shixiong Zhao discovered a race condition between inotify\nevents and vfs rename operations in the Linux kernel. An unprivileged\nlocal attacker could use this to cause a denial of service (system\ncrash) or execute arbitrary code. (CVE-2017-7533)\n\nIt was discovered that the Linux kernel did not properly restrict\nRLIMIT_STACK size. A local attacker could use this in conjunction with\nanother vulnerability to possibly execute arbitrary code.\n(CVE-2017-1000365)\n\nLi Qiang discovered that the Virtio GPU driver in the Linux kernel did\nnot properly free memory in some situations. A local attacker could\nuse this to cause a denial of service (memory consumption).\n(CVE-2017-10810)\n\nShi Lei discovered that the RxRPC Kerberos 5 ticket handling code in\nthe Linux kernel did not properly verify metadata. A remote attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2017-7482).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3378-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-xenial\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-xenial\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-xenial\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/04\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2023 Canonical, Inc. / NASL script (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-7482\", \"CVE-2017-7533\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3378-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-89-generic\", pkgver:\"4.4.0-89.112~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-89-generic-lpae\", pkgver:\"4.4.0-89.112~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-89-lowlatency\", pkgver:\"4.4.0-89.112~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic-lpae-lts-xenial\", pkgver:\"4.4.0.89.74\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic-lts-xenial\", pkgver:\"4.4.0.89.74\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-lowlatency-lts-xenial\", pkgver:\"4.4.0.89.74\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-generic / linux-image-4.4-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:38", "description": "USN-3377-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04.\nThis update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS.\n\nFan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2017-7533)\n\nIt was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code.\n(CVE-2017-1000365)\n\nLi Qiang discovered that the Virtio GPU driver in the Linux kernel did not properly free memory in some situations. A local attacker could use this to cause a denial of service (memory consumption).\n(CVE-2017-10810)\n\nShi Lei discovered that the RxRPC Kerberos 5 ticket handling code in the Linux kernel did not properly verify metadata. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7482).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-08-04T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : linux-hwe vulnerabilities (USN-3377-2) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000365", "CVE-2017-10810", "CVE-2017-7482", "CVE-2017-7533"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3377-2.NASL", "href": "https://www.tenable.com/plugins/nessus/102196", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3377-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102196);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-7482\", \"CVE-2017-7533\");\n script_xref(name:\"USN\", value:\"3377-2\");\n\n script_name(english:\"Ubuntu 16.04 LTS : linux-hwe vulnerabilities (USN-3377-2) (Stack Clash)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-3377-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04.\nThis update provides the corresponding updates for the Linux Hardware\nEnablement (HWE) kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS.\n\nFan Wu and Shixiong Zhao discovered a race condition between inotify\nevents and vfs rename operations in the Linux kernel. An unprivileged\nlocal attacker could use this to cause a denial of service (system\ncrash) or execute arbitrary code. (CVE-2017-7533)\n\nIt was discovered that the Linux kernel did not properly restrict\nRLIMIT_STACK size. A local attacker could use this in conjunction with\nanother vulnerability to possibly execute arbitrary code.\n(CVE-2017-1000365)\n\nLi Qiang discovered that the Virtio GPU driver in the Linux kernel did\nnot properly free memory in some situations. A local attacker could\nuse this to cause a denial of service (memory consumption).\n(CVE-2017-10810)\n\nShi Lei discovered that the RxRPC Kerberos 5 ticket handling code in\nthe Linux kernel did not properly verify metadata. A remote attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2017-7482).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3377-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/04\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2023 Canonical, Inc. / NASL script (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-7482\", \"CVE-2017-7533\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3377-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.10.0-30-generic\", pkgver:\"4.10.0-30.34~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.10.0-30-generic-lpae\", pkgver:\"4.10.0-30.34~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.10.0-30-lowlatency\", pkgver:\"4.10.0-30.34~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-hwe-16.04\", pkgver:\"4.10.0.30.33\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae-hwe-16.04\", pkgver:\"4.10.0.30.33\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency-hwe-16.04\", pkgver:\"4.10.0.30.33\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.10-generic / linux-image-4.10-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:16:21", "description": "New kernel packages are available for Slackware 14.0 to fix security issues.", "cvss3": {}, "published": "2017-07-05T00:00:00", "type": "nessus", "title": "Slackware 14.0 : Slackware 14.0 kernel (SSA:2017-184-01) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364", "CVE-2017-7482"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:kernel-generic", "p-cpe:/a:slackware:slackware_linux:kernel-generic-smp", "p-cpe:/a:slackware:slackware_linux:kernel-headers", "p-cpe:/a:slackware:slackware_linux:kernel-huge", "p-cpe:/a:slackware:slackware_linux:kernel-huge-smp", "p-cpe:/a:slackware:slackware_linux:kernel-modules", "p-cpe:/a:slackware:slackware_linux:kernel-modules-smp", "p-cpe:/a:slackware:slackware_linux:kernel-source", "cpe:/o:slackware:slackware_linux:14.0"], "id": "SLACKWARE_SSA_2017-184-01.NASL", "href": "https://www.tenable.com/plugins/nessus/101206", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2017-184-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101206);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-1000364\", \"CVE-2017-7482\");\n script_xref(name:\"SSA\", value:\"2017-184-01\");\n\n script_name(english:\"Slackware 14.0 : Slackware 14.0 kernel (SSA:2017-184-01) (Stack Clash)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New kernel packages are available for Slackware 14.0 to fix security\nissues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.614045\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9c20a7d4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/03\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"kernel-generic\", pkgver:\"3.2.90\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.0\", pkgname:\"kernel-generic-smp\", pkgver:\"3.2.90_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.0\", pkgname:\"kernel-headers\", pkgver:\"3.2.90_smp\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.0\", pkgname:\"kernel-huge\", pkgver:\"3.2.90\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.0\", pkgname:\"kernel-huge-smp\", pkgver:\"3.2.90_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.0\", pkgname:\"kernel-modules\", pkgver:\"3.2.90\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.0\", pkgname:\"kernel-modules-smp\", pkgver:\"3.2.90_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.0\", pkgname:\"kernel-source\", pkgver:\"3.2.90_smp\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"kernel-generic\", pkgver:\"3.2.90\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"kernel-headers\", pkgver:\"3.2.90\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"kernel-huge\", pkgver:\"3.2.90\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"kernel-modules\", pkgver:\"3.2.90\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"kernel-source\", pkgver:\"3.2.90\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:19", "description": "New kernel packages are available for Slackware 14.1 to fix security issues.", "cvss3": {}, "published": "2017-06-30T00:00:00", "type": "nessus", "title": "Slackware 14.1 : Slackware 14.1 kernel (SSA:2017-180-01) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364", "CVE-2017-1000365"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:kernel-generic", "p-cpe:/a:slackware:slackware_linux:kernel-generic-smp", "p-cpe:/a:slackware:slackware_linux:kernel-headers", "p-cpe:/a:slackware:slackware_linux:kernel-huge", "p-cpe:/a:slackware:slackware_linux:kernel-huge-smp", "p-cpe:/a:slackware:slackware_linux:kernel-modules", "p-cpe:/a:slackware:slackware_linux:kernel-modules-smp", "p-cpe:/a:slackware:slackware_linux:kernel-source", "cpe:/o:slackware:slackware_linux:14.1"], "id": "SLACKWARE_SSA_2017-180-01.NASL", "href": "https://www.tenable.com/plugins/nessus/101115", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2017-180-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101115);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-1000364\", \"CVE-2017-1000365\");\n script_xref(name:\"SSA\", value:\"2017-180-01\");\n\n script_name(english:\"Slackware 14.1 : Slackware 14.1 kernel (SSA:2017-180-01) (Stack Clash)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New kernel packages are available for Slackware 14.1 to fix security\nissues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.696048\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bac2e0dd\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/29\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.1\", pkgname:\"kernel-generic\", pkgver:\"3.10.107\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.1\", pkgname:\"kernel-generic-smp\", pkgver:\"3.10.107_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.1\", pkgname:\"kernel-headers\", pkgver:\"3.10.107_smp\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.1\", pkgname:\"kernel-huge\", pkgver:\"3.10.107\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.1\", pkgname:\"kernel-huge-smp\", pkgver:\"3.10.107_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.1\", pkgname:\"kernel-modules\", pkgver:\"3.10.107\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.1\", pkgname:\"kernel-modules-smp\", pkgver:\"3.10.107_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.1\", pkgname:\"kernel-source\", pkgver:\"3.10.107_smp\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"kernel-generic\", pkgver:\"3.10.107\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"kernel-headers\", pkgver:\"3.10.107\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"kernel-huge\", pkgver:\"3.10.107\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"kernel-modules\", pkgver:\"3.10.107\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"kernel-source\", pkgver:\"3.10.107\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-25T15:05:59", "description": "The openSUSE Leap 42.2 kernel was updated to 4.4.74 to receive various security and bugfixes.\n\nThis update fixes some long standing btrfs issues.\n\nThe following security bugs were fixed :\n\n - CVE-2017-7518: A KVM debug exception in the syscall handling was fixed which might have been used for local privilege escalation. (bnc#1045922).\n\n - CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation. (bnc#1039354).\n\nThe following non-security bugs were fixed :\n\n - bluetooth: hidp: fix possible might sleep error in hidp_session_thread (bsc#1031784).\n\n - btrfs: disable possible cause of premature ENOSPC (bsc#1040182)\n\n - btrfs: Manually implement device_total_bytes getter/setter (bsc#1043912).\n\n - btrfs: Round down values which are written for total_bytes_size (bsc#1043912).\n\n - drm/i915: Serialize GTT/Aperture accesses on BXT (bsc#1046821).\n\n - Fix kABI breakage by KVM CVE fix (bsc#1045922).\n\n - hpsa: limit transfer length to 1MB (bsc#1025461).\n\n - hwpoison, memcg: forcibly uncharge LRU pages (bnc#1046105).\n\n - ibmvnic: Fix assignment of RX/TX IRQ's (bsc#1046589).\n\n - iw_cxgb4: Fix error return code in c4iw_rdev_open() (bsc#1026570).\n\n - iwlwifi: 8000: fix MODULE_FIRMWARE input (FATE#321353, FATE#323335).\n\n - iwlwifi: 9000: increase the number of queues (FATE#321353, FATE#323335).\n\n - iwlwifi: add device ID for 8265 (FATE#321353, FATE#323335).\n\n - iwlwifi: add device IDs for the 8265 device (FATE#321353, FATE#323335).\n\n - iwlwifi: add disable_11ac module param (FATE#321353, FATE#323335).\n\n - iwlwifi: add new 3168 series devices support (FATE#321353, FATE#323335).\n\n - iwlwifi: add new 8260 PCI IDs (FATE#321353, FATE#323335).\n\n - iwlwifi: add new 8265 (FATE#321353, FATE#323335).\n\n - iwlwifi: add new 8265 series PCI ID (FATE#321353, FATE#323335).\n\n - iwlwifi: Add new PCI IDs for 9260 and 5165 series (FATE#321353, FATE#323335).\n\n - iwlwifi: Add PCI IDs for the new 3168 series (FATE#321353, FATE#323335).\n\n - iwlwifi: Add PCI IDs for the new series 8165 (FATE#321353, FATE#323335).\n\n - iwlwifi: add support for 12K Receive Buffers (FATE#321353, FATE#323335).\n\n - iwlwifi: add support for getting HW address from CSR (FATE#321353, FATE#323335).\n\n - iwlwifi: avoid d0i3 commands when no/init ucode is loaded (FATE#321353, FATE#323335).\n\n - iwlwifi: bail out in case of bad trans state (FATE#321353, FATE#323335).\n\n - iwlwifi: block the queues when we send ADD_STA for uAPSD (FATE#321353, FATE#323335).\n\n - iwlwifi: change the Intel Wireless email address (FATE#321353, FATE#323335).\n\n - iwlwifi: change the Intel Wireless email address (FATE#321353, FATE#323335).\n\n - iwlwifi: check for valid ethernet address provided by OEM (FATE#321353, FATE#323335).\n\n - iwlwifi: clean up transport debugfs handling (FATE#321353, FATE#323335).\n\n - iwlwifi: clear ieee80211_tx_info->driver_data in the op_mode (FATE#321353, FATE#323335).\n\n - iwlwifi: Document missing module options (FATE#321353, FATE#323335).\n\n - iwlwifi: dump prph registers in a common place for all transports (FATE#321353, FATE#323335).\n\n - iwlwifi: dvm: advertise NETIF_F_SG (FATE#321353, FATE#323335).\n\n - iwlwifi: dvm: fix compare_const_fl.cocci warnings (FATE#321353, FATE#323335).\n\n - iwlwifi: dvm: handle zero brightness for wifi LED (FATE#321353, FATE#323335).\n\n - iwlwifi: dvm: remove a wrong dependency on m (FATE#321353, FATE#323335).\n\n - iwlwifi: dvm: remove Kconfig default (FATE#321353, FATE#323335).\n\n - iwlwifi: dvm: remove stray debug code (FATE#321353, FATE#323335).\n\n - iwlwifi: export the _no_grab version of PRPH IO functions (FATE#321353, FATE#323335).\n\n - iwlwifi: expose fw usniffer mode to more utilities (FATE#321353, FATE#323335).\n\n - iwlwifi: fix double hyphen in MODULE_FIRMWARE for 8000 (FATE#321353, FATE#323335).\n\n - iwlwifi: Fix firmware name maximum length definition (FATE#321353, FATE#323335).\n\n - iwlwifi: fix name of ucode loaded for 8265 series (FATE#321353, FATE#323335).\n\n - iwlwifi: fix printf specifier (FATE#321353, FATE#323335).\n\n - iwlwifi: generalize d0i3_entry_timeout module parameter (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: adapt the firmware assert log to new firmware (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add 9000-series RX API (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add 9000 series RX processing (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add a non-trigger window to fw dbg triggers (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add an option to start rs from HT/VHT rates (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Add a station in monitor mode (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add bt rrc and ttc to debugfs (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add bt settings to debugfs (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add ctdp operations to debugfs (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add CT-KILL notification (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add debug print if scan config is ignored (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add extended dwell time (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add new ADD_STA command version (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Add P2P client snoozing (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add registration to cooling device (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add registration to thermal zone (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add support for negative temperatures (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add tlv for multi queue rx support (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add trigger for firmware dump upon TDLS events (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add trigger for firmware dump upon TX response status (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: advertise NETIF_F_SG (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Align bt-coex priority with requirements (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: allow to disable beacon filtering for AP/GO interface (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: avoid harmless -Wmaybe-uninialized warning (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: avoid panics with thermal device usage (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: avoid to WARN about gscan capabilities (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: bail out if CTDP start operation fails (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: bump firmware API to 21 (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: bump max API to 20 (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: change access to ieee80211_hdr (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: change iwl_mvm_get_key_sta_id() to return the station (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: change mcc update API (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: change name of iwl_mvm_d3_update_gtk (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Change number of associated stations when station becomes associated (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: change protocol offload flows (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: change the check for ADD_STA status (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: check FW's response for nvm access write cmd (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: check iwl_mvm_wowlan_config_key_params() return value (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: check minimum temperature notification length (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: cleanup roc te on restart cleanup (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Configure fragmented scan for scheduled scan (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: configure scheduled scan according to traffic conditions (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: constify the parameters of a few functions in fw-dbg.c (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Disable beacon storing in D3 when WOWLAN configured (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: disable DQA support (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: do not ask beacons when P2P GO vif and no assoc sta (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: do not keep an mvm ref when the interface is down (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: do not let NDPs mess the packet tracking (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: do not restart HW if suspend fails with unified image (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Do not switch to D3 image on suspend (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: do not try to offload AES-CMAC in AP/IBSS modes (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: drop low_latency_agg_frame_cnt_limit (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: dump more registers upon error (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: dump the radio registers when the firmware crashes (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: enable L3 filtering (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Enable MPLUT only on supported hw (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: enable VHT MU-MIMO for supported hardware (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: extend time event duration (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: fix accessing NULL pointer during fw dump collection (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: fix d3_test with unified D0/D3 images (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: fix debugfs signedness warning (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: fix extended dwell time (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: fix incorrect fallthrough in iwl_mvm_check_running_scans() (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: fix memory leaks in error paths upon fw error dump (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: fix netdetect starting/stopping for unified images (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: fix RSS key sizing (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: fix unregistration of thermal in some error flows (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: flush all used TX queues before suspending (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: forbid U-APSD for P2P Client if the firmware does not support it (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: handle pass all scan reporting (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: ignore LMAC scan notifications when running UMAC scans (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: infrastructure for frame-release message (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: kill iwl_mvm_enable_agg_txq (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: let the firmware choose the antenna for beacons (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: make collecting fw debug data optional (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: move fw-dbg code to separate file (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: only release the trans ref if d0i3 is supported in fw (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: prepare the code towards TSO implementation (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: refactor d3 key update functions (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: refactor the way fw_key_table is handled (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: remove an extra tab (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Remove bf_vif from iwl_power_vifs (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Remove iwl_mvm_update_beacon_abort (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: remove redundant d0i3 flag from the config struct (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: remove shadowing variable (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: remove stray nd_config element (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: remove the vif parameter of iwl_mvm_configure_bcast_filter() (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: remove unnecessary check in iwl_mvm_is_d0i3_supported() (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: remove useless WARN_ON and rely on cfg80211's combination (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: report wakeup for wowlan (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: reset mvm->scan_type when firmware is started (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: return the cooling state index instead of the budget (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: ROC: cleanup time event info on FW failure (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: ROC: Extend the ROC max delay duration & limit ROC duration (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: rs: fix a potential out of bounds access (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: rs: fix a theoretical access to uninitialized array elements (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: rs: fix a warning message (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: rs: fix TPC action decision algorithm (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: rs: fix TPC statistics handling (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Send power command on BSS_CHANGED_BEACON_INFO if needed (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: set default new STA as non-aggregated (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: set the correct amsdu enum values (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: set the correct descriptor size for tracing (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: small update in the firmware API (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: support A-MSDU in A-MPDU (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: support beacon storing (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: support description for user triggered fw dbg collection (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: support rss queues configuration command (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Support setting continuous recording debug mode (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: support setting minimum quota from debugfs (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: support sw queue start/stop from mvm (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: take care of padded packets (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: take the transport ref back when leaving (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: track low-latency sources separately (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: update GSCAN capabilities (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: update ucode status before stopping device (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: use build-time assertion for fw trigger ID (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: use firmware station lookup, combine code (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: various trivial cleanups (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: writing zero bytes to debugfs causes a crash (FATE#321353, FATE#323335).\n\n - iwlwifi: nvm: fix loading default NVM file (FATE#321353, FATE#323335).\n\n - iwlwifi: nvm: fix up phy section when reading it (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: add 9000 series multi queue rx DMA support (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: add infrastructure for multi-queue rx (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: add initial RTPM support for PCI (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: Add new configuration to enable MSIX (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: add pm_prepare and pm_complete ops (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: add RTPM support when wifi is enabled (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: aggregate Flow Handler configuration writes (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: allow the op_mode to block the tx queues (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: allow to pretend to have Tx CSUM for debug (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: avoid restocks inside rx loop if not emergency (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: buffer packets to avoid overflowing Tx queues (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: build an A-MSDU using TSO core (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: configure more RFH settings (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: detect and workaround invalid write ptr behavior (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: do not increment / decrement a bool (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: enable interrupts before releasing the NIC's CPU (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: enable multi-queue rx path (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: extend device reset delay (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: fine tune number of rxbs (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: fix a race in firmware loading flow (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: fix erroneous return value (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: fix global table size (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: fix identation in trans.c (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: fix RF-Kill vs. firmware load race (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: forbid RTPM on device removal (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: mark command queue lock with separate lockdep class (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: prevent skbs shadowing in iwl_trans_pcie_reclaim (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: refactor RXBs reclaiming code (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: remove ICT allocation message (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: remove pointer from debug message (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: re-organize code towards TSO (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: set RB chunk size back to 64 (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: update iwl_mpdu_desc fields (FATE#321353, FATE#323335).\n\n - iwlwifi: print index in api/capa flags parsing message (FATE#321353, FATE#323335).\n\n - iwlwifi: refactor the code that reads the MAC address from the NVM (FATE#321353, FATE#323335).\n\n - iwlwifi: remove IWL_DL_LED (FATE#321353, FATE#323335).\n\n - iwlwifi: remove unused parameter from grab_nic_access (FATE#321353, FATE#323335).\n\n - iwlwifi: replace d0i3_mode and wowlan_d0i3 with more generic variables (FATE#321353, FATE#323335).\n\n - iwlwifi: set max firmware version of 7265 to 17 (FATE#321353, FATE#323335).\n\n - iwlwifi: support ucode with d0 unified image - regular and usniffer (FATE#321353, FATE#323335).\n\n - iwlwifi: trans: make various conversion macros inlines (FATE#321353, FATE#323335).\n\n - iwlwifi: trans: support a callback for ASYNC commands (FATE#321353, FATE#323335).\n\n - iwlwifi: treat iwl_parse_nvm_data() MAC addr as little endian (FATE#321353, FATE#323335).\n\n - iwlwifi: tt: move ucode_loaded check under mutex (FATE#321353, FATE#323335).\n\n - iwlwifi: uninline iwl_trans_send_cmd (FATE#321353, FATE#323335).\n\n - iwlwifi: update host command messages to new format (FATE#321353, FATE#323335).\n\n - iwlwifi: Update PCI IDs for 8000 and 9000 series (FATE#321353, FATE#323335).\n\n - iwlwifi: update support for 3168 series firmware and NVM (FATE#321353, FATE#323335).\n\n - iwlwifi: various comments and code cleanups (FATE#321353, FATE#323335).\n\n - kabi: ignore fs_info parameter for tracepoints that didn't have it (bsc#1044912).\n\n - kabi/severities: ignore kABi changes in iwlwifi stuff itself\n\n - powerpc/ftrace: Pass the correct stack pointer for DYNAMIC_FTRACE_WITH_REGS (FATE#322421).\n\n - printk: Correctly handle preemption in console_unlock() (bsc#1046434).\n\n - printk/xen: Force printk sync mode when migrating Xen guest (bsc#1043347).\n\n - RDMA/iw_cxgb4: Always wake up waiter in c4iw_peer_abort_intr() (bsc#1026570).\n\n - smartpqi: limit transfer length to 1MB (bsc#1025461).\n\n - tty: Destroy ldisc instance on hangup (bnc#1043488).\n\n - tty: Fix ldisc crash on reopened tty (bnc#1043488).\n\n - tty: Handle NULL tty->ldisc (bnc#1043488).\n\n - tty: Move tty_ldisc_kill() (bnc#1043488).\n\n - tty: Prepare for destroying line discipline on hangup (bnc#1043488).\n\n - tty: Refactor tty_ldisc_reinit() for reuse (bnc#1043488).\n\n - tty: Reset c_line from driver's init_termios (bnc#1043488).\n\n - tty: Simplify tty_set_ldisc() exit handling (bnc#1043488).\n\n - tty: Use 'disc' for line discipline index name (bnc#1043488).\n\n - Update config files: add CONFIG_IWLWIFI_PCIE_RTPM=y (FATE#323335)\n\n - Update patches.fixes/nfs-svc-rdma.fix (bsc#1044854). Fix bsc reference\n\n - Update patches.fixes/xfs-split-default-quota-limits-by-quota-ty pe.patch (bsc#1040941). Fix the bug nr used.", "cvss3": {}, "published": "2017-07-10T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2017-798) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000365", "CVE-2017-7518"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-docs-pdf", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-base", "p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "cpe:/o:novell:opensuse:42.2"], "id": "OPENSUSE-2017-798.NASL", "href": "https://www.tenable.com/plugins/nessus/101348", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-798.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101348);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-1000365\", \"CVE-2017-7518\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2017-798) (Stack Clash)\");\n script_summary(english:\"Check for the openSUSE-2017-798 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE Leap 42.2 kernel was updated to 4.4.74 to receive various\nsecurity and bugfixes.\n\nThis update fixes some long standing btrfs issues.\n\nThe following security bugs were fixed :\n\n - CVE-2017-7518: A KVM debug exception in the syscall\n handling was fixed which might have been used for local\n privilege escalation. (bnc#1045922).\n\n - CVE-2017-1000365: The Linux Kernel imposes a size\n restriction on the arguments and environmental strings\n passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the\n size), but did not take the argument and environment\n pointers into account, which allowed attackers to bypass\n this limitation. (bnc#1039354).\n\nThe following non-security bugs were fixed :\n\n - bluetooth: hidp: fix possible might sleep error in\n hidp_session_thread (bsc#1031784).\n\n - btrfs: disable possible cause of premature ENOSPC\n (bsc#1040182)\n\n - btrfs: Manually implement device_total_bytes\n getter/setter (bsc#1043912).\n\n - btrfs: Round down values which are written for\n total_bytes_size (bsc#1043912).\n\n - drm/i915: Serialize GTT/Aperture accesses on BXT\n (bsc#1046821).\n\n - Fix kABI breakage by KVM CVE fix (bsc#1045922).\n\n - hpsa: limit transfer length to 1MB (bsc#1025461).\n\n - hwpoison, memcg: forcibly uncharge LRU pages\n (bnc#1046105).\n\n - ibmvnic: Fix assignment of RX/TX IRQ's (bsc#1046589).\n\n - iw_cxgb4: Fix error return code in c4iw_rdev_open()\n (bsc#1026570).\n\n - iwlwifi: 8000: fix MODULE_FIRMWARE input (FATE#321353,\n FATE#323335).\n\n - iwlwifi: 9000: increase the number of queues\n (FATE#321353, FATE#323335).\n\n - iwlwifi: add device ID for 8265 (FATE#321353,\n FATE#323335).\n\n - iwlwifi: add device IDs for the 8265 device\n (FATE#321353, FATE#323335).\n\n - iwlwifi: add disable_11ac module param (FATE#321353,\n FATE#323335).\n\n - iwlwifi: add new 3168 series devices support\n (FATE#321353, FATE#323335).\n\n - iwlwifi: add new 8260 PCI IDs (FATE#321353,\n FATE#323335).\n\n - iwlwifi: add new 8265 (FATE#321353, FATE#323335).\n\n - iwlwifi: add new 8265 series PCI ID (FATE#321353,\n FATE#323335).\n\n - iwlwifi: Add new PCI IDs for 9260 and 5165 series\n (FATE#321353, FATE#323335).\n\n - iwlwifi: Add PCI IDs for the new 3168 series\n (FATE#321353, FATE#323335).\n\n - iwlwifi: Add PCI IDs for the new series 8165\n (FATE#321353, FATE#323335).\n\n - iwlwifi: add support for 12K Receive Buffers\n (FATE#321353, FATE#323335).\n\n - iwlwifi: add support for getting HW address from CSR\n (FATE#321353, FATE#323335).\n\n - iwlwifi: avoid d0i3 commands when no/init ucode is\n loaded (FATE#321353, FATE#323335).\n\n - iwlwifi: bail out in case of bad trans state\n (FATE#321353, FATE#323335).\n\n - iwlwifi: block the queues when we send ADD_STA for uAPSD\n (FATE#321353, FATE#323335).\n\n - iwlwifi: change the Intel Wireless email address\n (FATE#321353, FATE#323335).\n\n - iwlwifi: change the Intel Wireless email address\n (FATE#321353, FATE#323335).\n\n - iwlwifi: check for valid ethernet address provided by\n OEM (FATE#321353, FATE#323335).\n\n - iwlwifi: clean up transport debugfs handling\n (FATE#321353, FATE#323335).\n\n - iwlwifi: clear ieee80211_tx_info->driver_data in the\n op_mode (FATE#321353, FATE#323335).\n\n - iwlwifi: Document missing module options (FATE#321353,\n FATE#323335).\n\n - iwlwifi: dump prph registers in a common place for all\n transports (FATE#321353, FATE#323335).\n\n - iwlwifi: dvm: advertise NETIF_F_SG (FATE#321353,\n FATE#323335).\n\n - iwlwifi: dvm: fix compare_const_fl.cocci warnings\n (FATE#321353, FATE#323335).\n\n - iwlwifi: dvm: handle zero brightness for wifi LED\n (FATE#321353, FATE#323335).\n\n - iwlwifi: dvm: remove a wrong dependency on m\n (FATE#321353, FATE#323335).\n\n - iwlwifi: dvm: remove Kconfig default (FATE#321353,\n FATE#323335).\n\n - iwlwifi: dvm: remove stray debug code (FATE#321353,\n FATE#323335).\n\n - iwlwifi: export the _no_grab version of PRPH IO\n functions (FATE#321353, FATE#323335).\n\n - iwlwifi: expose fw usniffer mode to more utilities\n (FATE#321353, FATE#323335).\n\n - iwlwifi: fix double hyphen in MODULE_FIRMWARE for 8000\n (FATE#321353, FATE#323335).\n\n - iwlwifi: Fix firmware name maximum length definition\n (FATE#321353, FATE#323335).\n\n - iwlwifi: fix name of ucode loaded for 8265 series\n (FATE#321353, FATE#323335).\n\n - iwlwifi: fix printf specifier (FATE#321353,\n FATE#323335).\n\n - iwlwifi: generalize d0i3_entry_timeout module parameter\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: adapt the firmware assert log to new\n firmware (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add 9000-series RX API (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: add 9000 series RX processing\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add a non-trigger window to fw dbg\n triggers (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add an option to start rs from HT/VHT\n rates (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Add a station in monitor mode\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add bt rrc and ttc to debugfs\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add bt settings to debugfs (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: add ctdp operations to debugfs\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add CT-KILL notification (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: add debug print if scan config is ignored\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add extended dwell time (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: add new ADD_STA command version\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Add P2P client snoozing (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: add registration to cooling device\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add registration to thermal zone\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add support for negative temperatures\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add tlv for multi queue rx support\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add trigger for firmware dump upon TDLS\n events (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: add trigger for firmware dump upon TX\n response status (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: advertise NETIF_F_SG (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: Align bt-coex priority with requirements\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: allow to disable beacon filtering for\n AP/GO interface (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: avoid harmless -Wmaybe-uninialized warning\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: avoid panics with thermal device usage\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: avoid to WARN about gscan capabilities\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: bail out if CTDP start operation fails\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: bump firmware API to 21 (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: bump max API to 20 (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: change access to ieee80211_hdr\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: change iwl_mvm_get_key_sta_id() to return\n the station (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: change mcc update API (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: change name of iwl_mvm_d3_update_gtk\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Change number of associated stations when\n station becomes associated (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: change protocol offload flows\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: change the check for ADD_STA status\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: check FW's response for nvm access write\n cmd (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: check iwl_mvm_wowlan_config_key_params()\n return value (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: check minimum temperature notification\n length (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: cleanup roc te on restart cleanup\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Configure fragmented scan for scheduled\n scan (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: configure scheduled scan according to\n traffic conditions (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: constify the parameters of a few functions\n in fw-dbg.c (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Disable beacon storing in D3 when WOWLAN\n configured (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: disable DQA support (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: do not ask beacons when P2P GO vif and no\n assoc sta (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: do not keep an mvm ref when the interface\n is down (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: do not let NDPs mess the packet tracking\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: do not restart HW if suspend fails with\n unified image (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Do not switch to D3 image on suspend\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: do not try to offload AES-CMAC in AP/IBSS\n modes (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: drop low_latency_agg_frame_cnt_limit\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: dump more registers upon error\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: dump the radio registers when the firmware\n crashes (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: enable L3 filtering (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: Enable MPLUT only on supported hw\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: enable VHT MU-MIMO for supported hardware\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: extend time event duration (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: fix accessing NULL pointer during fw dump\n collection (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: fix d3_test with unified D0/D3 images\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: fix debugfs signedness warning\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: fix extended dwell time (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: fix incorrect fallthrough in\n iwl_mvm_check_running_scans() (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: fix memory leaks in error paths upon fw\n error dump (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: fix netdetect starting/stopping for\n unified images (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: fix RSS key sizing (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: fix unregistration of thermal in some\n error flows (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: flush all used TX queues before suspending\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: forbid U-APSD for P2P Client if the\n firmware does not support it (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: handle pass all scan reporting\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: ignore LMAC scan notifications when\n running UMAC scans (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: infrastructure for frame-release message\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: kill iwl_mvm_enable_agg_txq (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: let the firmware choose the antenna for\n beacons (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: make collecting fw debug data optional\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: move fw-dbg code to separate file\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: only release the trans ref if d0i3 is\n supported in fw (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: prepare the code towards TSO\n implementation (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: refactor d3 key update functions\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: refactor the way fw_key_table is handled\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: remove an extra tab (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: Remove bf_vif from iwl_power_vifs\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Remove iwl_mvm_update_beacon_abort\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: remove redundant d0i3 flag from the config\n struct (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: remove shadowing variable (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: remove stray nd_config element\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: remove the vif parameter of\n iwl_mvm_configure_bcast_filter() (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: remove unnecessary check in\n iwl_mvm_is_d0i3_supported() (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: remove useless WARN_ON and rely on\n cfg80211's combination (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: report wakeup for wowlan (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: reset mvm->scan_type when firmware is\n started (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: return the cooling state index instead of\n the budget (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: ROC: cleanup time event info on FW failure\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: ROC: Extend the ROC max delay duration &\n limit ROC duration (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: rs: fix a potential out of bounds access\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: rs: fix a theoretical access to\n uninitialized array elements (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: rs: fix a warning message (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: rs: fix TPC action decision algorithm\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: rs: fix TPC statistics handling\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Send power command on\n BSS_CHANGED_BEACON_INFO if needed (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: set default new STA as non-aggregated\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: set the correct amsdu enum values\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: set the correct descriptor size for\n tracing (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: small update in the firmware API\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: support A-MSDU in A-MPDU (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: support beacon storing (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: support description for user triggered fw\n dbg collection (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: support rss queues configuration command\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: Support setting continuous recording debug\n mode (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: support setting minimum quota from debugfs\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: support sw queue start/stop from mvm\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: take care of padded packets (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: take the transport ref back when leaving\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: track low-latency sources separately\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: update GSCAN capabilities (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: update ucode status before stopping device\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: use build-time assertion for fw trigger ID\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: use firmware station lookup, combine code\n (FATE#321353, FATE#323335).\n\n - iwlwifi: mvm: various trivial cleanups (FATE#321353,\n FATE#323335).\n\n - iwlwifi: mvm: writing zero bytes to debugfs causes a\n crash (FATE#321353, FATE#323335).\n\n - iwlwifi: nvm: fix loading default NVM file (FATE#321353,\n FATE#323335).\n\n - iwlwifi: nvm: fix up phy section when reading it\n (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: add 9000 series multi queue rx DMA\n support (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: add infrastructure for multi-queue rx\n (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: add initial RTPM support for PCI\n (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: Add new configuration to enable MSIX\n (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: add pm_prepare and pm_complete ops\n (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: add RTPM support when wifi is enabled\n (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: aggregate Flow Handler configuration\n writes (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: allow the op_mode to block the tx queues\n (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: allow to pretend to have Tx CSUM for\n debug (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: avoid restocks inside rx loop if not\n emergency (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: buffer packets to avoid overflowing Tx\n queues (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: build an A-MSDU using TSO core\n (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: configure more RFH settings (FATE#321353,\n FATE#323335).\n\n - iwlwifi: pcie: detect and workaround invalid write ptr\n behavior (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: do not increment / decrement a bool\n (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: enable interrupts before releasing the\n NIC's CPU (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: enable multi-queue rx path (FATE#321353,\n FATE#323335).\n\n - iwlwifi: pcie: extend device reset delay (FATE#321353,\n FATE#323335).\n\n - iwlwifi: pcie: fine tune number of rxbs (FATE#321353,\n FATE#323335).\n\n - iwlwifi: pcie: fix a race in firmware loading flow\n (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: fix erroneous return value (FATE#321353,\n FATE#323335).\n\n - iwlwifi: pcie: fix global table size (FATE#321353,\n FATE#323335).\n\n - iwlwifi: pcie: fix identation in trans.c (FATE#321353,\n FATE#323335).\n\n - iwlwifi: pcie: fix RF-Kill vs. firmware load race\n (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: forbid RTPM on device removal\n (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: mark command queue lock with separate\n lockdep class (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: prevent skbs shadowing in\n iwl_trans_pcie_reclaim (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: refactor RXBs reclaiming code\n (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: remove ICT allocation message\n (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: remove pointer from debug message\n (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: re-organize code towards TSO\n (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: set RB chunk size back to 64\n (FATE#321353, FATE#323335).\n\n - iwlwifi: pcie: update iwl_mpdu_desc fields (FATE#321353,\n FATE#323335).\n\n - iwlwifi: print index in api/capa flags parsing message\n (FATE#321353, FATE#323335).\n\n - iwlwifi: refactor the code that reads the MAC address\n from the NVM (FATE#321353, FATE#323335).\n\n - iwlwifi: remove IWL_DL_LED (FATE#321353, FATE#323335).\n\n - iwlwifi: remove unused parameter from grab_nic_access\n (FATE#321353, FATE#323335).\n\n - iwlwifi: replace d0i3_mode and wowlan_d0i3 with more\n generic variables (FATE#321353, FATE#323335).\n\n - iwlwifi: set max firmware version of 7265 to 17\n (FATE#321353, FATE#323335).\n\n - iwlwifi: support ucode with d0 unified image - regular\n and usniffer (FATE#321353, FATE#323335).\n\n - iwlwifi: trans: make various conversion macros inlines\n (FATE#321353, FATE#323335).\n\n - iwlwifi: trans: support a callback for ASYNC commands\n (FATE#321353, FATE#323335).\n\n - iwlwifi: treat iwl_parse_nvm_data() MAC addr as little\n endian (FATE#321353, FATE#323335).\n\n - iwlwifi: tt: move ucode_loaded check under mutex\n (FATE#321353, FATE#323335).\n\n - iwlwifi: uninline iwl_trans_send_cmd (FATE#321353,\n FATE#323335).\n\n - iwlwifi: update host command messages to new format\n (FATE#321353, FATE#323335).\n\n - iwlwifi: Update PCI IDs for 8000 and 9000 series\n (FATE#321353, FATE#323335).\n\n - iwlwifi: update support for 3168 series firmware and NVM\n (FATE#321353, FATE#323335).\n\n - iwlwifi: various comments and code cleanups\n (FATE#321353, FATE#323335).\n\n - kabi: ignore fs_info parameter for tracepoints that\n didn't have it (bsc#1044912).\n\n - kabi/severities: ignore kABi changes in iwlwifi stuff\n itself\n\n - powerpc/ftrace: Pass the correct stack pointer for\n DYNAMIC_FTRACE_WITH_REGS (FATE#322421).\n\n - printk: Correctly handle preemption in console_unlock()\n (bsc#1046434).\n\n - printk/xen: Force printk sync mode when migrating Xen\n guest (bsc#1043347).\n\n - RDMA/iw_cxgb4: Always wake up waiter in\n c4iw_peer_abort_intr() (bsc#1026570).\n\n - smartpqi: limit transfer length to 1MB (bsc#1025461).\n\n - tty: Destroy ldisc instance on hangup (bnc#1043488).\n\n - tty: Fix ldisc crash on reopened tty (bnc#1043488).\n\n - tty: Handle NULL tty->ldisc (bnc#1043488).\n\n - tty: Move tty_ldisc_kill() (bnc#1043488).\n\n - tty: Prepare for destroying line discipline on hangup\n (bnc#1043488).\n\n - tty: Refactor tty_ldisc_reinit() for reuse\n (bnc#1043488).\n\n - tty: Reset c_line from driver's init_termios\n (bnc#1043488).\n\n - tty: Simplify tty_set_ldisc() exit handling\n (bnc#1043488).\n\n - tty: Use 'disc' for line discipline index name\n (bnc#1043488).\n\n - Update config files: add CONFIG_IWLWIFI_PCIE_RTPM=y\n (FATE#323335)\n\n - Update patches.fixes/nfs-svc-rdma.fix (bsc#1044854). Fix\n bsc reference\n\n - Update\n patches.fixes/xfs-split-default-quota-limits-by-quota-ty\n pe.patch (bsc#1040941). Fix the bug nr used.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1025461\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1026570\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1031784\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1039354\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1040182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1040941\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1043347\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1043488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1043912\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1044854\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1044912\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1045922\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1046105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1046434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1046589\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1046821\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/08\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-base-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-base-debuginfo-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-debuginfo-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-debugsource-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-devel-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-devel-debuginfo-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-base-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-base-debuginfo-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-debuginfo-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-debugsource-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-devel-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-devel-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-docs-html-4.4.74-18.20.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-docs-pdf-4.4.74-18.20.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-macros-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-obs-build-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-obs-build-debugsource-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-obs-qa-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-source-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-source-vanilla-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-syms-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-base-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-base-debuginfo-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-debuginfo-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-debugsource-4.4.74-18.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-devel-4.4.74-18.20.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-docs-html / kernel-docs-pdf / kernel-devel / kernel-macros / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:49", "description": "New kernel packages are available for Slackware 14.2 and -current to fix security issues.", "cvss3": {}, "published": "2017-06-27T00:00:00", "type": "nessus", "title": "Slackware 14.2 / current : kernel (SSA:2017-177-01) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364", "CVE-2017-1000365"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:kernel-firmware", "p-cpe:/a:slackware:slackware_linux:kernel-generic", "p-cpe:/a:slackware:slackware_linux:kernel-generic-smp", "p-cpe:/a:slackware:slackware_linux:kernel-headers", "p-cpe:/a:slackware:slackware_linux:kernel-huge", "p-cpe:/a:slackware:slackware_linux:kernel-huge-smp", "p-cpe:/a:slackware:slackware_linux:kernel-modules", "p-cpe:/a:slackware:slackware_linux:kernel-modules-smp", "p-cpe:/a:slackware:slackware_linux:kernel-source", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2017-177-01.NASL", "href": "https://www.tenable.com/plugins/nessus/101051", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2017-177-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101051);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-1000364\", \"CVE-2017-1000365\");\n script_xref(name:\"SSA\", value:\"2017-177-01\");\n\n script_name(english:\"Slackware 14.2 / current : kernel (SSA:2017-177-01) (Stack Clash)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New kernel packages are available for Slackware 14.2 and -current to\nfix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.943584\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bd4a4e0b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/26\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-firmware\", pkgver:\"20170626git\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-generic\", pkgver:\"4.4.74\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-generic-smp\", pkgver:\"4.4.74_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-headers\", pkgver:\"4.4.74_smp\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-huge\", pkgver:\"4.4.74\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-huge-smp\", pkgver:\"4.4.74_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-modules\", pkgver:\"4.4.74\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-modules-smp\", pkgver:\"4.4.74_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-source\", pkgver:\"4.4.74_smp\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-firmware\", pkgver:\"20170626git\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-generic\", pkgver:\"4.4.74\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-headers\", pkgver:\"4.4.74\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-huge\", pkgver:\"4.4.74\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-modules\", pkgver:\"4.4.74\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-source\", pkgver:\"4.4.74\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"kernel-firmware\", pkgver:\"20170626git\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-generic\", pkgver:\"4.9.34\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-generic-smp\", pkgver:\"4.9.34_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-headers\", pkgver:\"4.9.34_smp\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-huge\", pkgver:\"4.9.34\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-huge-smp\", pkgver:\"4.9.34_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-modules\", pkgver:\"4.9.34\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-modules-smp\", pkgver:\"4.9.34_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-source\", pkgver:\"4.9.34_smp\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"kernel-firmware\", pkgver:\"20170626git\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"kernel-generic\", pkgver:\"4.9.34\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"kernel-headers\", pkgver:\"4.9.34\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"kernel-huge\", pkgver:\"4.9.34\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"kernel-modules\", pkgver:\"4.9.34\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"kernel-source\", pkgver:\"4.9.34\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:51", "description": "According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities :\n\n - An integer overflow flaw was found in create_elf_tables(). An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system.\n\n - The Linux kernel imposes a size limit on the memory needed to store the arguments and environment variables of a process, 1/4 of the maximum stack size (RLIMIT_STACK). However, the pointers to these data were not taken into account, which allowed attackers to bypass the limit and even exhaust the stack of the process.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-11T00:00:00", "type": "nessus", "title": "Virtuozzo 7 : readykernel-patch (VZA-2018-072)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000365", "CVE-2018-14634"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:readykernel", "cpe:/o:virtuozzo:virtuozzo:7"], "id": "VIRTUOZZO_VZA-2018-072.NASL", "href": "https://www.tenable.com/plugins/nessus/121097", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121097);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2017-1000365\",\n \"CVE-2018-14634\"\n );\n\n script_name(english:\"Virtuozzo 7 : readykernel-patch (VZA-2018-072)\");\n script_summary(english:\"Checks the readykernel output for the updated patch.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the vzkernel package and the\nreadykernel-patch installed, the Virtuozzo installation on the remote\nhost is affected by the following vulnerabilities :\n\n - An integer overflow flaw was found in\n create_elf_tables(). An unprivileged local user with\n access to SUID (or otherwise privileged) binary could\n use this flaw to escalate their privileges on the\n system.\n\n - The Linux kernel imposes a size limit on the memory\n needed to store the arguments and environment variables\n of a process, 1/4 of the maximum stack size\n (RLIMIT_STACK). However, the pointers to these data\n were not taken into account, which allowed attackers to\n bypass the limit and even exhaust the stack of the\n process.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://virtuozzosupport.force.com/s/article/VZA-2018-072\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-30.10-62.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?25adf1ad\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-30.15-62.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f0832297\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-33.22-62.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b724d89f\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-37.30-62.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?60fdd754\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-40.4-62.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7388d379\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-43.10-62.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a2c86afd\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-46.7-62.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6402c427\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-48.2-62.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b39b7926\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-63.3-62.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bbddcc02\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-64.7-62.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3206b4b2\");\n script_set_attribute(attribute:\"solution\", value:\"Update the readykernel patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:readykernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\", \"Host/readykernel-info\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"readykernel.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nrk_info = get_kb_item(\"Host/readykernel-info\");\nif (empty_or_null(rk_info)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\n\nchecks = make_list2(\n make_array(\n \"kernel\",\"vzkernel-3.10.0-514.16.1.vz7.30.10\",\n \"patch\",\"readykernel-patch-30.10-62.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-514.16.1.vz7.30.15\",\n \"patch\",\"readykernel-patch-30.15-62.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-514.26.1.vz7.33.22\",\n \"patch\",\"readykernel-patch-33.22-62.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-693.1.1.vz7.37.30\",\n \"patch\",\"readykernel-patch-37.30-62.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-693.11.6.vz7.40.4\",\n \"patch\",\"readykernel-patch-40.4-62.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-693.17.1.vz7.43.10\",\n \"patch\",\"readykernel-patch-43.10-62.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-693.21.1.vz7.46.7\",\n \"patch\",\"readykernel-patch-46.7-62.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-693.21.1.vz7.48.2\",\n \"patch\",\"readykernel-patch-48.2-62.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-862.9.1.vz7.63.3\",\n \"patch\",\"readykernel-patch-63.3-62.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-862.11.6.vz7.64.7\",\n \"patch\",\"readykernel-patch-64.7-62.2-1.vl7\"\n )\n);\nreadykernel_execute_checks(checks:checks, severity:SECURITY_HOLE, release:\"Virtuozzo-7\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:56", "description": "The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3621 advisory.\n\n - The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation.\n (CVE-2017-12134)\n\n - The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.\n (CVE-2017-1000365)\n\n - The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space. (CVE-2017-1000251)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2017-09-22T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3621)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000251", "CVE-2017-1000365", "CVE-2017-12134"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.19.7.el6uek", "p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.19.7.el7uek", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2017-3621.NASL", "href": "https://www.tenable.com/plugins/nessus/103401", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2017-3621.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103401);\n script_version(\"3.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2017-12134\", \"CVE-2017-1000251\", \"CVE-2017-1000365\");\n script_xref(name:\"IAVB\", value:\"2017-B-0108-S\");\n script_xref(name:\"IAVA\", value:\"2017-A-0253-S\");\n\n script_name(english:\"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3621)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe ELSA-2017-3621 advisory.\n\n - The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users\n to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial\n of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation.\n (CVE-2017-12134)\n\n - The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through\n RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into\n account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and\n earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.\n (CVE-2017-1000365)\n\n - The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up\n to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP\n configuration responses resulting in Remote code execution in kernel space. (CVE-2017-1000251)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2017-3621.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-1000251\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.19.7.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.19.7.el7uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6 / 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['3.8.13-118.19.7.el6uek', '3.8.13-118.19.7.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2017-3621');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '3.8';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'dtrace-modules-3.8.13-118.19.7.el6uek-0.4.5-3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-3.8.13-118.19.7.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-3.8.13'},\n {'reference':'kernel-uek-debug-3.8.13-118.19.7.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-3.8.13'},\n {'reference':'kernel-uek-debug-devel-3.8.13-118.19.7.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-3.8.13'},\n {'reference':'kernel-uek-devel-3.8.13-118.19.7.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-3.8.13'},\n {'reference':'kernel-uek-doc-3.8.13-118.19.7.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-3.8.13'},\n {'reference':'kernel-uek-firmware-3.8.13-118.19.7.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-3.8.13'},\n {'reference':'dtrace-modules-3.8.13-118.19.7.el7uek-0.4.5-3.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-3.8.13-118.19.7.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-3.8.13'},\n {'reference':'kernel-uek-debug-3.8.13-118.19.7.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-3.8.13'},\n {'reference':'kernel-uek-debug-devel-3.8.13-118.19.7.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-3.8.13'},\n {'reference':'kernel-uek-devel-3.8.13-118.19.7.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-3.8.13'},\n {'reference':'kernel-uek-doc-3.8.13-118.19.7.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-3.8.13'},\n {'reference':'kernel-uek-firmware-3.8.13-118.19.7.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-3.8.13'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dtrace-modules-3.8.13-118.19.7.el6uek / dtrace-modules-3.8.13-118.19.7.el7uek / kernel-uek / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:51", "description": "According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system.\n\n - An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system (Mutagen Astronomy).\n\n - The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIMIT_INFINITY, but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-11T00:00:00", "type": "nessus", "title": "Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2018-075)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000365", "CVE-2018-14634", "CVE-2018-5391"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:parallels-server-bm-release", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel-devel", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel-firmware", "p-cpe:/a:virtuozzo:virtuozzo:vzmodules", "p-cpe:/a:virtuozzo:virtuozzo:vzmodules-devel", "cpe:/o:virtuozzo:virtuozzo:6"], "id": "VIRTUOZZO_VZA-2018-075.NASL", "href": "https://www.tenable.com/plugins/nessus/121098", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121098);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2017-1000365\",\n \"CVE-2018-14634\",\n \"CVE-2018-5391\"\n );\n\n script_name(english:\"Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2018-075)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the parallels-server-bm-release /\nvzkernel / etc packages installed, the Virtuozzo installation on the\nremote host is affected by the following vulnerabilities :\n\n - A flaw named FragmentSmack was found in the way the\n Linux kernel handled reassembly of fragmented IPv4 and\n IPv6 packets. A remote attacker could use this flaw to\n trigger time and calculation expensive fragment\n reassembly algorithm by sending specially crafted\n packets which could lead to a CPU saturation and hence\n a denial of service on the system.\n\n - An integer overflow flaw was found in the Linux\n kernel's create_elf_tables() function. An unprivileged\n local user with access to SUID (or otherwise\n privileged) binary could use this flaw to escalate\n their privileges on the system (Mutagen Astronomy).\n\n - The Linux Kernel imposes a size restriction on the\n arguments and environmental strings passed through\n RLIMIT_STACK/RLIMIT_INFINITY, but does not take the\n argument and environment pointers into account, which\n allows attackers to bypass this limitation.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://virtuozzosupport.force.com/s/article/VZA-2018-075\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/articles/3553061\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2018:2846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/vulnerabilities/mutagen-astronomy\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected parallels-server-bm-release / vzkernel / etc packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-14634\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:parallels-server-bm-release\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzmodules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzmodules-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 6.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"parallels-server-bm-release-6.0.12-3724\",\n \"vzkernel-2.6.32-042stab134.3\",\n \"vzkernel-devel-2.6.32-042stab134.3\",\n \"vzkernel-firmware-2.6.32-042stab134.3\",\n \"vzmodules-2.6.32-042stab134.3\",\n \"vzmodules-devel-2.6.32-042stab134.3\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-6\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"parallels-server-bm-release / vzkernel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:56", "description": "The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3622 advisory.\n\n - The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation.\n (CVE-2017-12134)\n\n - The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.\n (CVE-2017-1000365)\n\n - The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space. (CVE-2017-1000251)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2017-09-22T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3622)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000251", "CVE-2017-1000365", "CVE-2017-12134"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2017-3622.NASL", "href": "https://www.tenable.com/plugins/nessus/103402", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2017-3622.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103402);\n script_version(\"3.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2017-12134\", \"CVE-2017-1000251\", \"CVE-2017-1000365\");\n script_xref(name:\"IAVB\", value:\"2017-B-0108-S\");\n script_xref(name:\"IAVA\", value:\"2017-A-0253-S\");\n\n script_name(english:\"Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3622)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2017-3622 advisory.\n\n - The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users\n to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial\n of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation.\n (CVE-2017-12134)\n\n - The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through\n RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into\n account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and\n earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.\n (CVE-2017-1000365)\n\n - The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up\n to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP\n configuration responses resulting in Remote code execution in kernel space. (CVE-2017-1000251)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2017-3622.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-1000251\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['2.6.39-400.297.8.el6uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2017-3622');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '2.6';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-2.6.39-400.297.8.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.39'},\n {'reference':'kernel-uek-2.6.39-400.297.8.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.39'},\n {'reference':'kernel-uek-debug-2.6.39-400.297.8.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.39'},\n {'reference':'kernel-uek-debug-2.6.39-400.297.8.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.39'},\n {'reference':'kernel-uek-debug-devel-2.6.39-400.297.8.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.39'},\n {'reference':'kernel-uek-debug-devel-2.6.39-400.297.8.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.39'},\n {'reference':'kernel-uek-devel-2.6.39-400.297.8.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.39'},\n {'reference':'kernel-uek-devel-2.6.39-400.297.8.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.39'},\n {'reference':'kernel-uek-doc-2.6.39-400.297.8.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-2.6.39'},\n {'reference':'kernel-uek-firmware-2.6.39-400.297.8.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-2.6.39'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:26:41", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities:\n\n - The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIMIT_INFINITY, but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation.\n (CVE-2017-1000365)\n\n - An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. (CVE-2018-14634)\n\n - A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses. (CVE-2018-5390)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0034)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000365", "CVE-2018-14634", "CVE-2018-5390"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0034_KERNEL.NASL", "href": "https://www.tenable.com/plugins/nessus/127202", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0034. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127202);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-1000365\", \"CVE-2018-5390\", \"CVE-2018-14634\");\n script_bugtraq_id(104976, 105407);\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0034)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by\nmultiple vulnerabilities:\n\n - The Linux Kernel imposes a size restriction on the\n arguments and environmental strings passed through\n RLIMIT_STACK/RLIMIT_INFINITY, but does not take the\n argument and environment pointers into account, which\n allows attackers to bypass this limitation.\n (CVE-2017-1000365)\n\n - An integer overflow flaw was found in the Linux kernel's\n create_elf_tables() function. An unprivileged local user\n with access to SUID (or otherwise privileged) binary\n could use this flaw to escalate their privileges on the\n system. (CVE-2018-14634)\n\n - A flaw named SegmentSmack was found in the way the Linux\n kernel handled specially crafted TCP packets. A remote\n attacker could use this flaw to trigger time and\n calculation expensive calls to tcp_collapse_ofo_queue()\n and tcp_prune_ofo_queue() functions by sending specially\n modified packets within ongoing TCP sessions which could\n lead to a CPU saturation and hence a denial of service\n on the system. Maintaining the denial of service\n condition requires continuous two-way TCP sessions to a\n reachable open port, thus the attacks cannot be\n performed using spoofed IP addresses. (CVE-2018-5390)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0034\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL kernel packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-14634\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"kernel-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"kernel-abi-whitelists-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"kernel-core-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"kernel-debug-core-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"kernel-debug-debuginfo-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"kernel-debug-devel-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"kernel-debug-modules-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"kernel-debuginfo-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"kernel-debuginfo-common-x86_64-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"kernel-devel-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"kernel-doc-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"kernel-headers-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"kernel-modules-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"kernel-tools-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"kernel-tools-debuginfo-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"kernel-tools-libs-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"kernel-tools-libs-devel-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"perf-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"perf-debuginfo-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"python-perf-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\",\n \"python-perf-debuginfo-3.10.0-693.21.1.el7.cgslv5u4lite.7.159.gd430b7b\"\n ],\n \"CGSL MAIN 5.04\": [\n \"kernel-3.10.0-693.21.1.el7.cgslv5u4.7.156.geedb421\",\n \"kernel-abi-whitelists-3.10.0-693.21.1.el7.cgslv5u4.7.156.geedb421\",\n \"kernel-debug-3.10.0-693.21.1.el7.cgslv5u4.7.156.geedb421\",\n \"kernel-debug-debuginfo-3.10.0-693.21.1.el7.cgslv5u4.7.156.geedb421\",\n \"kernel-debug-devel-3.10.0-693.21.1.el7.cgslv5u4.7.156.geedb421\",\n \"kernel-debuginfo-3.10.0-693.21.1.el7.cgslv5u4.7.156.geedb421\",\n \"kernel-debuginfo-common-x86_64-3.10.0-693.21.1.el7.cgslv5u4.7.156.geedb421\",\n \"kernel-devel-3.10.0-693.21.1.el7.cgslv5u4.7.156.geedb421\",\n \"kernel-doc-3.10.0-693.21.1.el7.cgslv5u4.7.156.geedb421\",\n \"kernel-headers-3.10.0-693.21.1.el7.cgslv5u4.7.156.geedb421\",\n \"kernel-tools-3.10.0-693.21.1.el7.cgslv5u4.7.156.geedb421\",\n \"kernel-tools-debuginfo-3.10.0-693.21.1.el7.cgslv5u4.7.156.geedb421\",\n \"kernel-tools-libs-3.10.0-693.21.1.el7.cgslv5u4.7.156.geedb421\",\n \"kernel-tools-libs-devel-3.10.0-693.21.1.el7.cgslv5u4.7.156.geedb421\",\n \"perf-3.10.0-693.21.1.el7.cgslv5u4.7.156.geedb421\",\n \"perf-debuginfo-3.10.0-693.21.1.el7.cgslv5u4.7.156.geedb421\",\n \"python-perf-3.10.0-693.21.1.el7.cgslv5u4.7.156.geedb421\",\n \"python-perf-debuginfo-3.10.0-693.21.1.el7.cgslv5u4.7.156.geedb421\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:14", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - Bluetooth: Properly check L2CAP config option output buffer length (Ben Seri) [Orabug: 26796364] (CVE-2017-1000251)\n\n - xen: fix bio vec merging (Roger Pau Monne) [Orabug:\n 26645550] (CVE-2017-12134)\n\n - fs/exec.c: account for argv/envp pointers (Kees Cook) [Orabug: 26638921] (CVE-2017-1000365) (CVE-2017-1000365)", "cvss3": {}, "published": "2017-09-22T00:00:00", "type": "nessus", "title": "OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0152) (BlueBorne) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000251", "CVE-2017-1000365", "CVE-2017-12134"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:kernel-uek", "p-cpe:/a:oracle:vm:kernel-uek-firmware", "cpe:/o:oracle:vm_server:3.3"], "id": "ORACLEVM_OVMSA-2017-0152.NASL", "href": "https://www.tenable.com/plugins/nessus/103404", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2017-0152.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103404);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-1000251\", \"CVE-2017-1000365\", \"CVE-2017-12134\");\n\n script_name(english:\"OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0152) (BlueBorne) (Stack Clash)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - Bluetooth: Properly check L2CAP config option output\n buffer length (Ben Seri) [Orabug: 26796364]\n (CVE-2017-1000251)\n\n - xen: fix bio vec merging (Roger Pau Monne) [Orabug:\n 26645550] (CVE-2017-12134)\n\n - fs/exec.c: account for argv/envp pointers (Kees Cook)\n [Orabug: 26638921] (CVE-2017-1000365) (CVE-2017-1000365)\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2017-September/000781.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dd9815ba\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected kernel-uek / kernel-uek-firmware packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/22\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.3\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"kernel-uek-3.8.13-118.19.7.el6uek\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"kernel-uek-firmware-3.8.13-118.19.7.el6uek\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-uek / kernel-uek-firmware\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T15:02:03", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.\n\n - CVE-2017-7346 Li Qiang discovered that the DRM driver for VMware virtual GPUs does not properly check user-controlled values in the vmw_surface_define_ioctl() functions for upper limits. A local user can take advantage of this flaw to cause a denial of service.\n\n - CVE-2017-7482 Shi Lei discovered that RxRPC Kerberos 5 ticket handling code does not properly verify metadata, leading to information disclosure, denial of service or potentially execution of arbitrary code.\n\n - CVE-2017-7533 Fan Wu and Shixiong Zhao discovered a race condition between inotify events and VFS rename operations allowing an unprivileged local attacker to cause a denial of service or escalate privileges.\n\n - CVE-2017-7541 A buffer overflow flaw in the Broadcom IEEE802.11n PCIe SoftMAC WLAN driver could allow a local user to cause kernel memory corruption, leading to a denial of service or potentially privilege escalation.\n\n - CVE-2017-7542 An integer overflow vulnerability in the ip6_find_1stfragopt() function was found allowing a local attacker with privileges to open raw sockets to cause a denial of service.\n\n - CVE-2017-9605 Murray McAllister discovered that the DRM driver for VMware virtual GPUs does not properly initialize memory, potentially allowing a local attacker to obtain sensitive information from uninitialized kernel memory via a crafted ioctl call.\n\n - CVE-2017-10810 Li Qiang discovered a memory leak flaw within the VirtIO GPU driver resulting in denial of service (memory consumption).\n\n - CVE-2017-10911 / XSA-216 Anthony Perard of Citrix discovered an information leak flaw in Xen blkif response handling, allowing a malicious unprivileged guest to obtain sensitive information from the host or other guests.\n\n - CVE-2017-11176 It was discovered that the mq_notify() function does not set the sock pointer to NULL upon entry into the retry logic. An attacker can take advantage of this flaw during a user-space close of a Netlink socket to cause a denial of service or potentially cause other impact.\n\n - CVE-2017-1000365 It was discovered that argument and environment pointers are not taken properly into account to the imposed size restrictions on arguments and environmental strings passed through RLIMIT_STACK/RLIMIT_INFINITY. A local attacker can take advantage of this flaw in conjunction with other flaws to execute arbitrary code.", "cvss3": {}, "published": "2017-08-07T00:00:00", "type": "nessus", "title": "Debian DSA-3927-1 : linux - security update (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000365", "CVE-2017-10810", "CVE-2017-10911", "CVE-2017-11176", "CVE-2017-7346", "CVE-2017-7482", "CVE-2017-7533", "CVE-2017-7541", "CVE-2017-7542", "CVE-2017-9605"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-3927.NASL", "href": "https://www.tenable.com/plugins/nessus/102211", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3927. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(102211);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-1000365\", \"CVE-2017-10810\", \"CVE-2017-10911\", \"CVE-2017-11176\", \"CVE-2017-7346\", \"CVE-2017-7482\", \"CVE-2017-7533\", \"CVE-2017-7541\", \"CVE-2017-7542\", \"CVE-2017-9605\");\n script_xref(name:\"DSA\", value:\"3927\");\n\n script_name(english:\"Debian DSA-3927-1 : linux - security update (Stack Clash)\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\n - CVE-2017-7346\n Li Qiang discovered that the DRM driver for VMware\n virtual GPUs does not properly check user-controlled\n values in the vmw_surface_define_ioctl() functions for\n upper limits. A local user can take advantage of this\n flaw to cause a denial of service.\n\n - CVE-2017-7482\n Shi Lei discovered that RxRPC Kerberos 5 ticket handling\n code does not properly verify metadata, leading to\n information disclosure, denial of service or potentially\n execution of arbitrary code.\n\n - CVE-2017-7533\n Fan Wu and Shixiong Zhao discovered a race condition\n between inotify events and VFS rename operations\n allowing an unprivileged local attacker to cause a\n denial of service or escalate privileges.\n\n - CVE-2017-7541\n A buffer overflow flaw in the Broadcom IEEE802.11n PCIe\n SoftMAC WLAN driver could allow a local user to cause\n kernel memory corruption, leading to a denial of service\n or potentially privilege escalation.\n\n - CVE-2017-7542\n An integer overflow vulnerability in the\n ip6_find_1stfragopt() function was found allowing a\n local attacker with privileges to open raw sockets to\n cause a denial of service.\n\n - CVE-2017-9605\n Murray McAllister discovered that the DRM driver for\n VMware virtual GPUs does not properly initialize memory,\n potentially allowing a local attacker to obtain\n sensitive information from uninitialized kernel memory\n via a crafted ioctl call.\n\n - CVE-2017-10810\n Li Qiang discovered a memory leak flaw within the VirtIO\n GPU driver resulting in denial of service (memory\n consumption).\n\n - CVE-2017-10911 / XSA-216\n Anthony Perard of Citrix discovered an information leak\n flaw in Xen blkif response handling, allowing a\n malicious unprivileged guest to obtain sensitive\n information from the host or other guests.\n\n - CVE-2017-11176\n It was discovered that the mq_notify() function does not\n set the sock pointer to NULL upon entry into the retry\n logic. An attacker can take advantage of this flaw\n during a user-space close of a Netlink socket to cause a\n denial of service or potentially cause other impact.\n\n - CVE-2017-1000365\n It was discovered that argument and environment pointers\n are not taken properly into account to the imposed size\n restrictions on arguments and environmental strings\n passed through RLIMIT_STACK/RLIMIT_INFINITY. A local\n attacker can take advantage of this flaw in conjunction\n with other flaws to execute arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-7346\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-7482\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-7533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-7541\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-7542\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-9605\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-10810\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-10911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://xenbits.xen.org/xsa/advisory-216.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-11176\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-1000365\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2017/dsa-3927\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux packages.\n\nFor the oldstable distribution (jessie), these problems will be fixed\nin a subsequent DSA.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 4.9.30-2+deb9u3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/07\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"hyperv-daemons\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcpupower-dev\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcpupower1\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libusbip-dev\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-compiler-gcc-6-arm\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-compiler-gcc-6-s390\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-compiler-gcc-6-x86\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-cpupower\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-doc-4.9\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-4kc-malta\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-5kc-malta\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-686\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-686-pae\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-amd64\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-arm64\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-armel\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-armhf\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-i386\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-mips\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-mips64el\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-mipsel\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-ppc64el\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-s390x\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-amd64\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-arm64\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-armmp\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-armmp-lpae\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-common\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-common-rt\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-loongson-3\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-marvell\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-octeon\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-powerpc64le\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-rt-686-pae\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-rt-amd64\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-s390x\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-4kc-malta\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-4kc-malta-dbg\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-5kc-malta\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-5kc-malta-dbg\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686-dbg\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686-pae\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686-pae-dbg\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-amd64\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-amd64-dbg\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-arm64\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-arm64-dbg\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp-dbg\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp-lpae\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp-lpae-dbg\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-loongson-3\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-loongson-3-dbg\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-marvell\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-marvell-dbg\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-octeon\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-octeon-dbg\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-powerpc64le\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-powerpc64le-dbg\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-686-pae\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-686-pae-dbg\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-amd64\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-amd64-dbg\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-s390x\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-s390x-dbg\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-kbuild-4.9\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-libc-dev\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-manual-4.9\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-perf-4.9\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-source-4.9\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-support-4.9.0-9\", reference:\"4.9.30-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"usbip\", reference:\"4.9.30-2+deb9u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:47", "description": "The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3640 advisory.\n\n - A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. (CVE-2017-2618)\n\n - The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application, as demonstrated by trinity. (CVE-2016-9191)\n\n - The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of service (OOPS and system crash) via a crafted KEYCTL_READ operation. (CVE-2017-12192)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2017-11-15T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3640)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-9191", "CVE-2017-12192", "CVE-2017-2618"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2017-3640.NASL", "href": "https://www.tenable.com/plugins/nessus/104565", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2017-3640.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104565);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2016-9191\", \"CVE-2017-2618\", \"CVE-2017-12192\");\n\n script_name(english:\"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3640)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe ELSA-2017-3640 advisory.\n\n - A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files\n before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to\n access unmapped kernel memory. (CVE-2017-2618)\n\n - The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations,\n which allows local users to cause a denial of service (system hang) by leveraging access to a container\n environment for executing a crafted application, as demonstrated by trinity. (CVE-2016-919