Executive Summary
Summary | |
---|---|
Title | New Linux 2.6.18 packages fix several vulnerabilities |
Informations | |||
---|---|---|---|
Name | DSA-1929 | First vendor Publication | 2009-11-05 |
Vendor | Debian | Last vendor Modification | 2009-11-05 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-1883 Solar Designer discovered a missing capability check in the z90crypt driver or s390 systems. This vulnerability may allow a local user to gain elevated privileges. CVE-2009-2909 Arjan van de Ven discovered an issue in the AX.25 protocol implementation. A specially crafted call to setsockopt() can result in a denial of service (kernel oops). CVE-2009-3001 Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE 802.2 LLC implementation. This is not exploitable in the Debian lenny kernel as root privileges are required to exploit this issue. CVE-2009-3002 Eric Dumazet fixed several sensitive memory leaks in the IrDA, X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and Controller Area Network (CAN) implementations. Local users can exploit these issues to gain access to kernel memory. CVE-2009-3228 Eric Dumazet reported an instance of uninitialized kernel memory in the network packet scheduler. Local users may be able to exploit this issue to read the contents of sensitive kernel memory. CVE-2009-3238 Linus Torvalds provided a change to the get_random_int() function to increase its randomness. CVE-2009-3286 Eric Paris discovered an issue with the NFSv4 server implementation. When an O_EXCL create fails, files may be left with corrupted permissions, possibly granting unintentional privileges to other local users. CVE-2009-3547 Earl Chew discovered a NULL pointer dereference issue in the pipe_rdwr_open function which can be used by local users to gain elevated privileges. CVE-2009-3612 Jiri Pirko discovered a typo in the initialization of a structure in the netlink subsystem that may allow local users to gain access to sensitive kernel memory. CVE-2009-3621 Tomoki Sekiyama discovered a deadlock condition in the UNIX domain socket implementation. Local users can exploit this vulnerability to cause a denial of service (system hang). For the oldstable distribution (etch), this problem has been fixed in version 2.6.18.dfsg.1-26etch1. We recommend that you upgrade your linux-2.6, fai-kernels, and user-mode-linux packages. Note: Debian 'etch' includes linux kernel packages based upon both the 2.6.18 and 2.6.24 linux releases. All known security issues are carefully tracked against both packages and both packages will receive security updates until security support for Debian 'etch' concludes. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, lower severity 2.6.18 and 2.6.24 updates will typically release in a staggered or "leap-frog" fashion. The following matrix lists additional source packages that were rebuilt for compatability with or to take advantage of this update: Debian 4.0 (etch) fai-kernels 1.17+etch.26etch1 user-mode-linux 2.6.18-1um-2etch.26etch1 |
Original Source
Url : http://www.debian.org/security/2009/dsa-1929 |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-59 | Session Credential Falsification through Prediction |
CAPEC-112 | Brute Force |
CAPEC-281 | Analytic Attacks |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
27 % | CWE-200 | Information Exposure |
18 % | CWE-264 | Permissions, Privileges, and Access Controls |
9 % | CWE-672 | Operation on a Resource after Expiration or Release |
9 % | CWE-476 | NULL Pointer Dereference |
9 % | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
9 % | CWE-362 | Race Condition |
9 % | CWE-338 | Use of Cryptographically Weak PRNG |
9 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11513 | |||
Oval ID: | oval:org.mitre.oval:def:11513 | ||
Title: | Service Console update for COS kernel | ||
Description: | Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3547 | Version: | 3 |
Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:11611 | |||
Oval ID: | oval:org.mitre.oval:def:11611 | ||
Title: | The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to the atalk_getname function in net/appletalk/ddp.c; (2) an AF_IRDA socket, related to the irda_getname function in net/irda/af_irda.c; (3) an AF_ECONET socket, related to the econet_getname function in net/econet/af_econet.c; (4) an AF_NETROM socket, related to the nr_getname function in net/netrom/af_netrom.c; (5) an AF_ROSE socket, related to the rose_getname function in net/rose/af_rose.c; or (6) a raw CAN socket, related to the raw_getname function in net/can/raw.c. | ||
Description: | The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to the atalk_getname function in net/appletalk/ddp.c; (2) an AF_IRDA socket, related to the irda_getname function in net/irda/af_irda.c; (3) an AF_ECONET socket, related to the econet_getname function in net/econet/af_econet.c; (4) an AF_NETROM socket, related to the nr_getname function in net/netrom/af_netrom.c; (5) an AF_ROSE socket, related to the rose_getname function in net/rose/af_rose.c; or (6) a raw CAN socket, related to the raw_getname function in net/can/raw.c. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3002 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11741 | |||
Oval ID: | oval:org.mitre.oval:def:11741 | ||
Title: | Service Console update for COS kernel | ||
Description: | The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to the atalk_getname function in net/appletalk/ddp.c; (2) an AF_IRDA socket, related to the irda_getname function in net/irda/af_irda.c; (3) an AF_ECONET socket, related to the econet_getname function in net/econet/af_econet.c; (4) an AF_NETROM socket, related to the nr_getname function in net/netrom/af_netrom.c; (5) an AF_ROSE socket, related to the rose_getname function in net/rose/af_rose.c; or (6) a raw CAN socket, related to the raw_getname function in net/can/raw.c. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3002 | Version: | 3 |
Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:13351 | |||
Oval ID: | oval:org.mitre.oval:def:13351 | ||
Title: | DSA-1928-1 linux-2.6.24 -- privilege escalation/denial of service/sensitive memory leak | ||
Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2846 Michael Buesch noticed a typing issue in the eisa-eeprom driver for the hppa architecture. Local users could exploit this issue to gain access to restricted memory. CVE-2009-2847 Ulrich Drepper noticed an issue in the do_sigalstack routine on 64-bit systems. This issue allows local users to gain access to potentially sensitive memory on the kernel stack. CVE-2009-2848 Eric Dumazet discovered an issue in the execve path, where the clear_child_tid variable was not being properly cleared. Local users could exploit this issue to cause a denial of service. CVE-2009-2849 Neil Brown discovered an issue in the sysfs interface to md devices. When md arrays are not active, local users can exploit this vulnerability to cause a denial of service. CVE-2009-2903 Mark Smith discovered a memory leak in the appletalk implementation. When the appletalk and ipddp modules are loaded, but no ipddp"N" device is found, remote attackers can cause a denial of service by consuming large amounts of system memory. CVE-2009-2908 Loic Minier discovered an issue in the eCryptfs filesystem. A local user can cause a denial of service by causing a dentry value to go negative. CVE-2009-2909 Arjan van de Ven discovered an issue in the AX.25 protocol implementation. A specially crafted call to setsockopt can result in a denial of service. CVE-2009-2910 Jan Beulich discovered the existence of a sensitive kernel memory leak. Systems running the "amd64" kernel do not properly sanitise registers for 32-bit processes. CVE-2009-3001 Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE 802.2 LLC implementation. This is not exploitable in the Debian lenny kernel as root privileges are required to exploit this issue. CVE-2009-3002 Eric Dumazet fixed several sensitive memory leaks in the IrDA, X.25 PLP, NET/ROM, Acorn Econet/AUN, and Controller Area Network implementations. Local users can exploit these issues to gain access to kernel memory. CVE-2009-3228 Eric Dumazet reported an instance of uninitialised kernel memory in the network packet scheduler. Local users may be able to exploit this issue to read the contents of sensitive kernel memory. CVE-2009-3238 Linus Torvalds provided a change to the get_random_int function to increase its randomness. CVE-2009-3286 Eric Paris discovered an issue with the NFSv4 server implementation. When an O_EXCL create fails, files may be left with corrupted permissions, possibly granting unintentional privileges to other local users. CVE-2009-3547 Earl Chew discovered a NULL pointer dereference issue in the pipe_rdwr_open function which can be used by local users to gain elevated privileges. CVE-2009-3612 Jiri Pirko discovered a typo in the initialisation of a structure in the netlink subsystem that may allow local users to gain access to sensitive kernel memory. CVE-2009-3613 Alistair Strachan reported an issue in the r8169 driver. Remote users can cause a denial of service by transmitting a large amount of jumbo frames. CVE-2009-3620 Ben Hutchings discovered an issue in the DRM manager for ATI Rage 128 graphics adapters. Local users may be able to exploit this vulnerability to cause a denial of service. CVE-2009-3621 Tomoki Sekiyama discovered a deadlock condition in the UNIX domain socket implementation. Local users can exploit this vulnerability to cause a denial of service. For the oldstable distribution, this problem has been fixed in version 2.6.24-6~etchnhalf.9etch1. We recommend that you upgrade your linux-2.6.24 packages. Note: Debian "etch" includes linux kernel packages based upon both the 2.6.18 and 2.6.24 linux releases. All known security issues are carefully tracked against both packages and both packages will receive security updates until security support for Debian "etch" concludes. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, lower severity 2.6.18 and 2.6.24 updates will typically release in a staggered or "leap-frog" fashion. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1928-1 CVE-2009-2846 CVE-2009-2847 CVE-2009-2848 CVE-2009-2849 CVE-2009-2903 CVE-2009-2908 CVE-2009-2909 CVE-2009-2910 CVE-2009-3001 CVE-2009-3002 CVE-2009-3228 CVE-2009-3238 CVE-2009-3286 CVE-2009-3547 CVE-2009-3612 CVE-2009-3613 CVE-2009-3620 CVE-2009-3621 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | linux-2.6.24 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28617 | |||
Oval ID: | oval:org.mitre.oval:def:28617 | ||
Title: | RHSA-2009:1106 -- kernel security and bug fix update (Important) | ||
Description: | Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:1106 CESA-2009:1106-CentOS 5 CVE-2009-1072 CVE-2009-1192 CVE-2009-1439 CVE-2009-1630 CVE-2009-1633 CVE-2009-1758 CVE-2009-3238 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6757 | |||
Oval ID: | oval:org.mitre.oval:def:6757 | ||
Title: | Linux Kernel 2.4 and 2.6 Multiple Local Information Disclosure Vulnerabilities | ||
Description: | The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3228 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6895 | |||
Oval ID: | oval:org.mitre.oval:def:6895 | ||
Title: | Linux Kernel 'unix_stream_connect()' Local Denial of Service Vulnerability | ||
Description: | net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3621 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7527 | |||
Oval ID: | oval:org.mitre.oval:def:7527 | ||
Title: | Linux kernel 'O_EXCL' NFSv4 Privilege Escalation Vulnerability | ||
Description: | NFSv4 in the Linux kernel 2.6.18, and possibly other versions, does not properly clean up an inode when an O_EXCL create fails, which causes files to be created with insecure settings such as setuid bits, and possibly allows local users to gain privileges, related to the execution of the do_open_permission function even when a create fails. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3286 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7557 | |||
Oval ID: | oval:org.mitre.oval:def:7557 | ||
Title: | Linux Kernel 2.4 and 2.6 Local Information Disclosure Vulnerability | ||
Description: | The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2005-4881. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3612 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7608 | |||
Oval ID: | oval:org.mitre.oval:def:7608 | ||
Title: | Linux Kernel 'pipe.c' Local Privilege Escalation Vulnerability | ||
Description: | Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3547 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7937 | |||
Oval ID: | oval:org.mitre.oval:def:7937 | ||
Title: | DSA-1928 linux-2.6.24 -- privilege escalation/denial of service/sensitive memory leak | ||
Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: Michael Buesch noticed a typing issue in the eisa-eeprom driver for the hppa architecture. Local users could exploit this issue to gain access to restricted memory. Ulrich Drepper noticed an issue in the do_sigalstack routine on 64-bit systems. This issue allows local users to gain access to potentially sensitive memory on the kernel stack. Eric Dumazet discovered an issue in the execve path, where the clear_child_tid variable was not being properly cleared. Local users could exploit this issue to cause a denial of service (memory corruption). Neil Brown discovered an issue in the sysfs interface to md devices. When md arrays are not active, local users can exploit this vulnerability to cause a denial of service (oops). Mark Smith discovered a memory leak in the appletalk implementation. When the appletalk and ipddp modules are loaded, but no ipddp"N" device is found, remote attackers can cause a denial of service by consuming large amounts of system memory. Loic Minier discovered an issue in the eCryptfs filesystem. A local user can cause a denial of service (kernel oops) by causing a dentry value to go negative. Arjan van de Ven discovered an issue in the AX.25 protocol implementation. A specially crafted call to setsockopt() can result in a denial of service (kernel oops). Jan Beulich discovered the existence of a sensitive kernel memory leak. Systems running the "amd64" kernel do not properly sanitise registers for 32-bit processes. Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE 802.2 LLC implementation. This is not exploitable in the Debian lenny kernel as root privileges are required to exploit this issue. Eric Dumazet fixed several sensitive memory leaks in the IrDA, X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and Controller Area Network (CAN) implementations. Local users can exploit these issues to gain access to kernel memory. Eric Dumazet reported an instance of uninitialised kernel memory in the network packet scheduler. Local users may be able to exploit this issue to read the contents of sensitive kernel memory. CVE-2009-3238 Linus Torvalds provided a change to the get_random_int() function to increase its randomness. Eric Paris discovered an issue with the NFSv4 server implementation. When an O_EXCL create fails, files may be left with corrupted permissions, possibly granting unintentional privileges to other local users. Earl Chew discovered a NULL pointer dereference issue in the pipe_rdwr_open function which can be used by local users to gain elevated privileges. Jiri Pirko discovered a typo in the initialisation of a structure in the netlink subsystem that may allow local users to gain access to sensitive kernel memory. Alistair Strachan reported an issue in the r8169 driver. Remote users can cause a denial of service (IOMMU space exhaustion and system crash) by transmitting a large amount of jumbo frames. Ben Hutchings discovered an issue in the DRM manager for ATI Rage 128 graphics adapters. Local users may be able to exploit this vulnerability to cause a denial of service (NULL pointer dereference). Tomoki Sekiyama discovered a deadlock condition in the UNIX domain socket implementation. Local users can exploit this vulnerability to cause a denial of service (system hang). | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1928 CVE-2009-2846 CVE-2009-2847 CVE-2009-2848 CVE-2009-2849 CVE-2009-2903 CVE-2009-2908 CVE-2009-2909 CVE-2009-2910 CVE-2009-3001 CVE-2009-3002 CVE-2009-3228 CVE-2009-3238 CVE-2009-3286 CVE-2009-3547 CVE-2009-3612 CVE-2009-3613 CVE-2009-3620 CVE-2009-3621 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | linux-2.6.24 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9513 | |||
Oval ID: | oval:org.mitre.oval:def:9513 | ||
Title: | The z90crypt_unlocked_ioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perform a capability check for the Z90QUIESCE operation, which allows local users to leverage euid 0 privileges to force a driver outage. | ||
Description: | The z90crypt_unlocked_ioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perform a capability check for the Z90QUIESCE operation, which allows local users to leverage euid 0 privileges to force a driver outage. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1883 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9757 | |||
Oval ID: | oval:org.mitre.oval:def:9757 | ||
Title: | NFSv4 in the Linux kernel 2.6.18, and possibly other versions, does not properly clean up an inode when an O_EXCL create fails, which causes files to be created with insecure settings such as setuid bits, and possibly allows local users to gain privileges, related to the execution of the do_open_permission function even when a create fails. | ||
Description: | NFSv4 in the Linux kernel 2.6.18, and possibly other versions, does not properly clean up an inode when an O_EXCL create fails, which causes files to be created with insecure settings such as setuid bits, and possibly allows local users to gain privileges, related to the execution of the do_open_permission function even when a create fails. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3286 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2009-08-31 | Linux Kernel < 2.6.31-rc7 AF_IRDA 29-Byte Stack Disclosure Exploit |
OpenVAS Exploits
Date | Description |
---|---|
2012-04-16 | Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates File : nvt/gb_VMSA-2010-0009.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2009:1522 centos4 i386 File : nvt/gb_CESA-2009_1522_kernel_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2009:1438 centos4 i386 File : nvt/gb_CESA-2009_1438_kernel_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2009:1541 centos4 i386 File : nvt/gb_CESA-2009_1541_kernel_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2009:1548 centos5 i386 File : nvt/gb_CESA-2009_1548_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2009:1550 centos3 i386 File : nvt/gb_CESA-2009_1550_kernel_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2009:1670 centos5 i386 File : nvt/gb_CESA-2009_1670_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2009:1671 centos4 i386 File : nvt/gb_CESA-2009_1671_kernel_centos4_i386.nasl |
2010-10-19 | Name : Mandriva Update for kernel MDVSA-2010:198 (kernel) File : nvt/gb_mandriva_MDVSA_2010_198.nasl |
2010-09-27 | Name : Mandriva Update for kernel MDVSA-2010:188 (kernel) File : nvt/gb_mandriva_MDVSA_2010_188.nasl |
2010-03-02 | Name : Fedora Update for kernel FEDORA-2010-0919 File : nvt/gb_fedora_2010_0919_kernel_fc11.nasl |
2010-03-02 | Name : Fedora Update for kernel FEDORA-2010-1500 File : nvt/gb_fedora_2010_1500_kernel_fc11.nasl |
2010-03-02 | Name : Fedora Update for kernel FEDORA-2010-1804 File : nvt/gb_fedora_2010_1804_kernel_fc11.nasl |
2010-02-19 | Name : SuSE Update for kernel SUSE-SA:2010:012 File : nvt/gb_suse_2010_012.nasl |
2010-01-15 | Name : SuSE Update for kernel SUSE-SA:2010:001 File : nvt/gb_suse_2010_001.nasl |
2009-12-30 | Name : RedHat Security Advisory RHSA-2009:1671 File : nvt/RHSA_2009_1671.nasl |
2009-12-30 | Name : RedHat Security Advisory RHSA-2009:1670 File : nvt/RHSA_2009_1670.nasl |
2009-12-30 | Name : Fedora Core 11 FEDORA-2009-13694 (kernel) File : nvt/fcore_2009_13694.nasl |
2009-12-30 | Name : CentOS Security Advisory CESA-2009:1670 (kernel) File : nvt/ovcesa2009_1670.nasl |
2009-12-30 | Name : CentOS Security Advisory CESA-2009:1671 (kernel) File : nvt/ovcesa2009_1671.nasl |
2009-12-14 | Name : Fedora Core 10 FEDORA-2009-13098 (kernel) File : nvt/fcore_2009_13098.nasl |
2009-12-10 | Name : SuSE Security Advisory SUSE-SA:2009:060 (kernel) File : nvt/suse_sa_2009_060.nasl |
2009-12-10 | Name : Fedora Core 11 FEDORA-2009-12786 (kernel) File : nvt/fcore_2009_12786.nasl |
2009-12-03 | Name : SLES11: Security update for Linux kernel File : nvt/sles11_ext4dev-kmp-def4.nasl |
2009-11-23 | Name : Mandriva Security Advisory MDVSA-2009:301 (kernel) File : nvt/mdksa_2009_301.nasl |
2009-11-17 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5062456.nasl |
2009-11-17 | Name : SLES10: Security update for Linux kernel File : nvt/sles10_kernel9.nasl |
2009-11-11 | Name : Fedora Core 10 FEDORA-2009-11038 (kernel) File : nvt/fcore_2009_11038.nasl |
2009-11-11 | Name : SuSE Security Advisory SUSE-SA:2009:051 (kernel) File : nvt/suse_sa_2009_051.nasl |
2009-11-11 | Name : SLES11: Security update for Linux kernel File : nvt/sles11_ext4dev-kmp-def3.nasl |
2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1540 File : nvt/RHSA_2009_1540.nasl |
2009-11-11 | Name : CentOS Security Advisory CESA-2009:1550 (kernel) File : nvt/ovcesa2009_1550.nasl |
2009-11-11 | Name : CentOS Security Advisory CESA-2009:1548 (kernel) File : nvt/ovcesa2009_1548.nasl |
2009-11-11 | Name : CentOS Security Advisory CESA-2009:1541 (kernel) File : nvt/ovcesa2009_1541.nasl |
2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1541 File : nvt/RHSA_2009_1541.nasl |
2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1548 File : nvt/RHSA_2009_1548.nasl |
2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1550 File : nvt/RHSA_2009_1550.nasl |
2009-11-11 | Name : Debian Security Advisory DSA 1927-1 (linux-2.6) File : nvt/deb_1927_1.nasl |
2009-11-11 | Name : Debian Security Advisory DSA 1928-1 (linux-2.6.24) File : nvt/deb_1928_1.nasl |
2009-11-11 | Name : Debian Security Advisory DSA 1929-1 (linux-2.6) File : nvt/deb_1929_1.nasl |
2009-11-11 | Name : Fedora Core 11 FEDORA-2009-10639 (kernel) File : nvt/fcore_2009_10639.nasl |
2009-11-11 | Name : Fedora Core 11 FEDORA-2009-11032 (kernel) File : nvt/fcore_2009_11032.nasl |
2009-10-27 | Name : CentOS Security Advisory CESA-2009:1522 (kernel) File : nvt/ovcesa2009_1522.nasl |
2009-10-27 | Name : Debian Security Advisory DSA 1915-1 (linux-2.6) File : nvt/deb_1915_1.nasl |
2009-10-27 | Name : RedHat Security Advisory RHSA-2009:1522 File : nvt/RHSA_2009_1522.nasl |
2009-10-19 | Name : Fedora Core 10 FEDORA-2009-10525 (kernel) File : nvt/fcore_2009_10525.nasl |
2009-10-06 | Name : Fedora Core 10 FEDORA-2009-10165 (kernel) File : nvt/fcore_2009_10165.nasl |
2009-09-21 | Name : CentOS Security Advisory CESA-2009:1438 (kernel) File : nvt/ovcesa2009_1438.nasl |
2009-09-15 | Name : RedHat Security Advisory RHSA-2009:1438 File : nvt/RHSA_2009_1438.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
59654 | Linux Kernel fs/pipe.c Multiple Function Locking Error NULL Dereference Local... Linux Kernel 2.6.x contains a flaw that may allow a local denial of service or privilege escalation. The issue is triggered within the "pipe_rdwr_open()", "pipe_write_open()", and "pipe_read_open()" functions in "fs/pipe.c". This can be exploited to cause a NULL pointer deference by performing certain pipe operations. |
59222 | Linux Kernel Netlink Subsystem net/sched/cls_api.c tcf_fill_node Function Loc... |
59210 | Linux Kernel net/unix/af_unix.c AF_UNIX Socket Reconnect Local DoS |
59081 | Linux Kernel ax25 Subsystem net/ax25/af_ax25.c ax25_setsockopt Function Local... |
59070 | Linux Kernel tc Subsystem net/sched/sch_api.c tc_fill_tclass Function Local M... |
58323 | Linux Kernel NFSv4 o_EXCL inode Creation Failure Local Privilege Escalation |
58235 | Linux Kernel z90crypt Driver z90crypt_unlocked_ioctl Function Z90QUIESCE Oper... |
58234 | Linux Kernel drivers/char/random.c get_random_int Function RNG Weakness |
57821 | Linux Kernel net/sched/sch_api.c tc_fill_tclass() Function Kernel Memory Disc... |
57428 | Linux Kernel proto_ops .getname Function Arbitrary Kernel Memory Disclosure |
57427 | Linux Kernel af_llc.c getsockname() Function Kernel Stack Fragment Disclosure |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-08 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2010-0009_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0004_remote.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2009-0033.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1106.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1438.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1522.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1541.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1548.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1550.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1670.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1671.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1550.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1548.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1541.nasl - Type : ACT_GATHER_INFO |
2013-03-06 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091103_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1587.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1672.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1588.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091215_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091215_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091103_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091103_kernel_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091022_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-6730.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-6697.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-6641.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-6636.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-6694.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-6637.nasl - Type : ACT_GATHER_INFO |
2010-10-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-198.nasl - Type : ACT_GATHER_INFO |
2010-09-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-188.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-329.nasl - Type : ACT_GATHER_INFO |
2010-06-28 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0010.nasl - Type : ACT_GATHER_INFO |
2010-06-01 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2010-0009.nasl - Type : ACT_GATHER_INFO |
2010-03-05 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2010-0004.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1927.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1928.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1915.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1929.nasl - Type : ACT_GATHER_INFO |
2010-02-18 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12578.nasl - Type : ACT_GATHER_INFO |
2010-02-16 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_kernel-100203.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1438.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1106.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1670.nasl - Type : ACT_GATHER_INFO |
2010-01-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-091218.nasl - Type : ACT_GATHER_INFO |
2009-12-23 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-6726.nasl - Type : ACT_GATHER_INFO |
2009-12-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1671.nasl - Type : ACT_GATHER_INFO |
2009-12-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1671.nasl - Type : ACT_GATHER_INFO |
2009-12-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1670.nasl - Type : ACT_GATHER_INFO |
2009-12-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-864-1.nasl - Type : ACT_GATHER_INFO |
2009-12-03 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-091123.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kernel-091123.nasl - Type : ACT_GATHER_INFO |
2009-11-16 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12541.nasl - Type : ACT_GATHER_INFO |
2009-11-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-6632.nasl - Type : ACT_GATHER_INFO |
2009-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2009-11038.nasl - Type : ACT_GATHER_INFO |
2009-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2009-11032.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1550.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1541.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1548.nasl - Type : ACT_GATHER_INFO |
2009-11-03 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-091015.nasl - Type : ACT_GATHER_INFO |
2009-11-02 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kernel-091016.nasl - Type : ACT_GATHER_INFO |
2009-10-28 | Name : The remote Fedora host is missing a security update. File : fedora_2009-10639.nasl - Type : ACT_GATHER_INFO |
2009-10-27 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1522.nasl - Type : ACT_GATHER_INFO |
2009-10-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1522.nasl - Type : ACT_GATHER_INFO |
2009-10-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-852-1.nasl - Type : ACT_GATHER_INFO |
2009-10-16 | Name : The remote Fedora host is missing a security update. File : fedora_2009-10525.nasl - Type : ACT_GATHER_INFO |
2009-10-05 | Name : The remote Fedora host is missing a security update. File : fedora_2009-10165.nasl - Type : ACT_GATHER_INFO |
2009-09-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1438.nasl - Type : ACT_GATHER_INFO |
2009-06-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1106.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:28:59 |
|