Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | linux security update |
| Informations | |||
|---|---|---|---|
| Name | DSA-2745 | First vendor Publication | 2013-08-28 |
| Vendor | Debian | Last vendor Modification | 2013-08-28 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.8 | Attack Range | Network |
| Cvss Impact Score | 6.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-1059 Chanam Park reported an issue in the Ceph distributed storage system. Remote users can cause a denial of service by sending a specially crafted auth_reply message. CVE-2013-2148 Dan Carpenter reported an information leak in the filesystem wide access notification subsystem (fanotify). Local users could gain access to sensitive kernel memory. CVE-2013-2164 Jonathan Salwan reported an information leak in the CD-ROM driver. A local user on a system with a malfunctioning CD-ROM drive could gain access to sensitive memory. CVE-2013-2232 Dave Jones and Hannes Frederic Sowa resolved an issue in the IPv6 subsystem. Local users could cause a denial of service by using an AF_INET6 socket to connect to an IPv4 destination. CVE-2013-2234 Mathias Krause reported a memory leak in the implementation of PF_KEYv2 sockets. Local users could gain access to sensitive kernel memory. CVE-2013-2237 Nicolas Dichtel reported a memory leak in the implementation of PF_KEYv2 sockets. Local users could gain access to sensitive kernel memory. CVE-2013-2851 Kees Cook reported an issue in the block subsystem. Local users with uid 0 could gain elevated ring 0 privileges. This is only a security issue for certain specially configured systems. CVE-2013-2852 Kees Cook reported an issue in the b43 network driver for certain Broadcom wireless devices. Local users with uid 0 could gain elevated ring 0 privileges. This is only a security issue for certain specially configured systems. CVE-2013-4162 Hannes Frederic Sowa reported an issue in the IPv6 networking subsystem. Local users can cause a denial of service (system crash). CVE-2013-4163 Dave Jones reported an issue in the IPv6 networking subsystem. Local users can cause a denial of service (system crash). This update also includes a fix for a regression in the Xen subsystem. For the stable distribution (wheezy), these problems has been fixed in version 3.2.46-1+deb7u1. The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update: Debian 7.0 (wheezy) user-mode-linux 3.2-2um-1+deb7u2 We recommend that you upgrade your linux and user-mode-linux packages. Note: Debian carefully tracks all known security issues across every linux kernel package in all releases under active security support. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, updates for lower priority issues will normally not be released for all kernels at the same time. Rather, they will be released in a staggered or "leap-frog" fashion. |
Original Source
| Url : http://www.debian.org/security/2013/dsa-2745 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 30 % | CWE-399 | Resource Management Errors |
| 20 % | CWE-134 | Uncontrolled Format String (CWE/SANS Top 25) |
| 20 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 10 % | CWE-476 | NULL Pointer Dereference |
| 10 % | CWE-200 | Information Exposure |
| 10 % | CWE-20 | Improper Input Validation |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:17816 | |||
| Oval ID: | oval:org.mitre.oval:def:17816 | ||
| Title: | USN-1914-1 -- linux vulnerability | ||
| Description: | The system could be made to crash or run programs as an administrator. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1914-1 CVE-2013-2852 | Version: | 7 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18042 | |||
| Oval ID: | oval:org.mitre.oval:def:18042 | ||
| Title: | USN-1913-1 -- linux-ec2 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1913-1 CVE-2013-2164 CVE-2013-2232 CVE-2013-2234 CVE-2013-2237 CVE-2013-2851 | Version: | 7 |
| Platform(s): | Ubuntu 10.04 | Product(s): | linux-ec2 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18044 | |||
| Oval ID: | oval:org.mitre.oval:def:18044 | ||
| Title: | USN-1940-1 -- linux-ec2 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1940-1 CVE-2013-1060 CVE-2013-1943 CVE-2013-2206 CVE-2013-4162 | Version: | 7 |
| Platform(s): | Ubuntu 10.04 | Product(s): | linux-ec2 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18229 | |||
| Oval ID: | oval:org.mitre.oval:def:18229 | ||
| Title: | USN-1917-1 -- linux vulnerability | ||
| Description: | The system could be made to crash or run programs as an administrator. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1917-1 CVE-2013-2852 | Version: | 7 |
| Platform(s): | Ubuntu 12.10 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18240 | |||
| Oval ID: | oval:org.mitre.oval:def:18240 | ||
| Title: | USN-1920-1 -- linux-ti-omap4 vulnerability | ||
| Description: | The system could be made to crash or run programs as an administrator. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1920-1 CVE-2013-2852 | Version: | 7 |
| Platform(s): | Ubuntu 13.04 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18287 | |||
| Oval ID: | oval:org.mitre.oval:def:18287 | ||
| Title: | USN-1915-1 -- linux-lts-quantal vulnerability | ||
| Description: | The system could be made to crash or run programs as an administrator. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1915-1 CVE-2013-2852 | Version: | 7 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-quantal |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18298 | |||
| Oval ID: | oval:org.mitre.oval:def:18298 | ||
| Title: | USN-1942-1 -- linux-ti-omap4 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1942-1 CVE-2013-1059 CVE-2013-1060 CVE-2013-2164 CVE-2013-2232 CVE-2013-2234 CVE-2013-2851 CVE-2013-4162 CVE-2013-4163 | Version: | 7 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18351 | |||
| Oval ID: | oval:org.mitre.oval:def:18351 | ||
| Title: | USN-1918-1 -- linux-ti-omap4 vulnerability | ||
| Description: | The system could be made to crash or run programs as an administrator. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1918-1 CVE-2013-2852 | Version: | 7 |
| Platform(s): | Ubuntu 12.10 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18398 | |||
| Oval ID: | oval:org.mitre.oval:def:18398 | ||
| Title: | USN-1916-1 -- linux-lts-raring vulnerability | ||
| Description: | The system could be made to crash or run programs as an administrator. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1916-1 CVE-2013-2852 | Version: | 7 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-raring |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18409 | |||
| Oval ID: | oval:org.mitre.oval:def:18409 | ||
| Title: | USN-1929-1 -- linux vulnerability | ||
| Description: | The system could be made to expose sensitive information. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1929-1 CVE-2013-2148 | Version: | 7 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18689 | |||
| Oval ID: | oval:org.mitre.oval:def:18689 | ||
| Title: | USN-1930-1 -- linux-ti-omap4 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1930-1 CVE-2013-2148 CVE-2013-2852 | Version: | 7 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18721 | |||
| Oval ID: | oval:org.mitre.oval:def:18721 | ||
| Title: | USN-1947-1 -- linux-lts-quantal vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1947-1 CVE-2012-5374 CVE-2012-5375 CVE-2013-1060 CVE-2013-2140 CVE-2013-2232 CVE-2013-2234 CVE-2013-4162 CVE-2013-4163 | Version: | 7 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-quantal |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18764 | |||
| Oval ID: | oval:org.mitre.oval:def:18764 | ||
| Title: | USN-1932-1 -- linux vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1932-1 CVE-2013-1059 CVE-2013-2148 CVE-2013-2164 CVE-2013-2851 | Version: | 7 |
| Platform(s): | Ubuntu 12.10 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18776 | |||
| Oval ID: | oval:org.mitre.oval:def:18776 | ||
| Title: | USN-1970-1 -- linux-lts-quantal vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1970-1 CVE-2013-4254 CVE-2013-1819 CVE-2013-2237 | Version: | 5 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-quantal |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18799 | |||
| Oval ID: | oval:org.mitre.oval:def:18799 | ||
| Title: | USN-1945-1 -- linux-ti-omap4 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1945-1 CVE-2012-5374 CVE-2012-5375 CVE-2013-1060 CVE-2013-2140 CVE-2013-2232 CVE-2013-2234 CVE-2013-4162 CVE-2013-4163 | Version: | 7 |
| Platform(s): | Ubuntu 12.10 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18848 | |||
| Oval ID: | oval:org.mitre.oval:def:18848 | ||
| Title: | USN-1934-1 -- linux-ti-omap4 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1934-1 CVE-2013-1059 CVE-2013-2148 CVE-2013-2164 CVE-2013-2851 | Version: | 7 |
| Platform(s): | Ubuntu 13.04 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18859 | |||
| Oval ID: | oval:org.mitre.oval:def:18859 | ||
| Title: | USN-1933-1 -- linux-ti-omap4 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1933-1 CVE-2013-1059 CVE-2013-2148 CVE-2013-2164 CVE-2013-2851 | Version: | 7 |
| Platform(s): | Ubuntu 12.10 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18870 | |||
| Oval ID: | oval:org.mitre.oval:def:18870 | ||
| Title: | USN-1941-1 -- linux vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1941-1 CVE-2013-1059 CVE-2013-1060 CVE-2013-2164 CVE-2013-2232 CVE-2013-2234 CVE-2013-2851 CVE-2013-4162 CVE-2013-4163 | Version: | 7 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18895 | |||
| Oval ID: | oval:org.mitre.oval:def:18895 | ||
| Title: | USN-1943-1 -- linux-lts-raring vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1943-1 CVE-2013-1060 CVE-2013-2140 CVE-2013-2232 CVE-2013-2234 CVE-2013-4162 CVE-2013-4163 | Version: | 7 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-raring |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18897 | |||
| Oval ID: | oval:org.mitre.oval:def:18897 | ||
| Title: | USN-1944-1 -- linux vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1944-1 CVE-2012-5374 CVE-2012-5375 CVE-2013-1060 CVE-2013-2140 CVE-2013-2232 CVE-2013-2234 CVE-2013-4162 CVE-2013-4163 | Version: | 7 |
| Platform(s): | Ubuntu 12.10 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18941 | |||
| Oval ID: | oval:org.mitre.oval:def:18941 | ||
| Title: | USN-1931-1 -- linux-lts-quantal vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1931-1 CVE-2013-1059 CVE-2013-2148 CVE-2013-2164 CVE-2013-2851 | Version: | 7 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-quantal |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:19027 | |||
| Oval ID: | oval:org.mitre.oval:def:19027 | ||
| Title: | USN-1938-1 -- linux vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1938-1 CVE-2013-1060 CVE-2013-2140 CVE-2013-2232 CVE-2013-2234 CVE-2013-4162 CVE-2013-4163 | Version: | 7 |
| Platform(s): | Ubuntu 13.04 | Product(s): | linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:19073 | |||
| Oval ID: | oval:org.mitre.oval:def:19073 | ||
| Title: | USN-1973-1 -- linux-ti-omap4 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1973-1 CVE-2013-4254 CVE-2013-1819 CVE-2013-2237 | Version: | 5 |
| Platform(s): | Ubuntu 12.10 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:19106 | |||
| Oval ID: | oval:org.mitre.oval:def:19106 | ||
| Title: | USN-1972-1 -- linux vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1972-1 CVE-2013-4254 CVE-2013-1819 CVE-2013-2237 | Version: | 5 |
| Platform(s): | Ubuntu 12.10 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19211 | |||
| Oval ID: | oval:org.mitre.oval:def:19211 | ||
| Title: | USN-1993-1 -- linux-ti-omap4 vulnerability | ||
| Description: | The system could be made to expose sensitive information to a local user. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1993-1 CVE-2013-2237 | Version: | 5 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:19248 | |||
| Oval ID: | oval:org.mitre.oval:def:19248 | ||
| Title: | USN-1992-1 -- linux vulnerability | ||
| Description: | The system could be made to expose sensitive information to a local user. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1992-1 CVE-2013-2237 | Version: | 5 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19878 | |||
| Oval ID: | oval:org.mitre.oval:def:19878 | ||
| Title: | DSA-2745-1 linux - several | ||
| Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2745-1 CVE-2013-1059 CVE-2013-2148 CVE-2013-2164 CVE-2013-2232 CVE-2013-2234 CVE-2013-2237 CVE-2013-2851 CVE-2013-2852 CVE-2013-4162 CVE-2013-4163 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21303 | |||
| Oval ID: | oval:org.mitre.oval:def:21303 | ||
| Title: | USN-1900-1 -- linux-ec2 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1900-1 CVE-2012-4508 CVE-2013-2141 CVE-2013-2852 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | linux-ec2 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23259 | |||
| Oval ID: | oval:org.mitre.oval:def:23259 | ||
| Title: | VMware ESX updates to third party libraries | ||
| Description: | The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2013-2164 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23736 | |||
| Oval ID: | oval:org.mitre.oval:def:23736 | ||
| Title: | VMware ESX updates to third party libraries | ||
| Description: | The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux kernel before 3.10 allows local users to cause a denial of service (system crash) by using an AF_INET6 socket for a connection to an IPv4 interface. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2013-2232 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23835 | |||
| Oval ID: | oval:org.mitre.oval:def:23835 | ||
| Title: | VMware ESX updates to third party libraries | ||
| Description: | The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify_policy interface of an IPSec key_socket. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2013-2237 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24177 | |||
| Oval ID: | oval:org.mitre.oval:def:24177 | ||
| Title: | VMware ESX updates to third party libraries | ||
| Description: | The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions in net/key/af_key.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of an IPSec key_socket. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2013-2234 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27018 | |||
| Oval ID: | oval:org.mitre.oval:def:27018 | ||
| Title: | USN-1946-1 -- Linux kernel (OMAP4) vulnerabilities | ||
| Description: | A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2012-5374">CVE-2012-5374</a>) A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service (prevent file creation) for a victim, by creating a file with a specific CRC32C hash value in a directory important to the victim. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2012-5375">CVE-2012-5375</a>) Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could exploit this flaw to run commands as root when using the perf tool. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-1060">CVE-2013-1060</a>) A flaw was discovered in the Xen subsystem of the Linux kernel when it provides read-only access to a disk that supports TRIM or SCSI UNMAP to a guest OS. A privileged user in the guest OS could exploit this flaw to destroy data on the disk, even though the guest OS should not be able to write to the disk. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-2140">CVE-2013-2140</a>) A flaw was discovered in the Linux kernel when an IPv6 socket is used to connect to an IPv4 destination. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-2232">CVE-2013-2232</a>) An information leak was discovered in the IPSec key_socket implementation in the Linux kernel. An local user could exploit this flaw to examine potentially sensitive information in kernel memory. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-2234">CVE-2013-2234</a>) Hannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the Linux kernel's IPv6 stack. A local user could exploit this flaw to cause a denial of service (system crash). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-4162">CVE-2013-4162</a>) Hannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the Linux kernel when the IPV6_MTU setsockopt option has been specified in combination with the UDP_CORK option. A local user could exploit this flaw to cause a denial of service (system crash). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-4163">CVE-2013-4163</a>) | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1946-1 CVE-2012-5374 CVE-2012-5375 CVE-2013-1060 CVE-2013-2140 CVE-2013-2232 CVE-2013-2234 CVE-2013-4162 CVE-2013-4163 | Version: | 3 |
| Platform(s): | Ubuntu 13.04 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:27363 | |||
| Oval ID: | oval:org.mitre.oval:def:27363 | ||
| Title: | ELSA-2013-2543 -- unbreakable enterprise kernel security update (important) | ||
| Description: | [2.6.39-400.109.6] - block: do not pass disk names as format strings (Kees Cook) [Orabug: 17230083] {CVE-2013-2851} - libceph: Fix NULL pointer dereference in auth client code (Tyler Hicks) [Orabug: 17230108] {CVE-2013-1059} - ipv6: ip6_sk_dst_check() must not assume ipv6 dst (Eric Dumazet) [Orabug: 17371078] {CVE-2013-2232} - af_key: initialize satype in key_notify_policy_flush() (Nicolas Dichtel) [Orabug: 17370788] {CVE-2013-2237} - Bluetooth: HCI - Fix info leak via getsockname() (Mathias Krause) [Orabug: 17370892] {CVE-2012-6544} - Bluetooth: L2CAP - Fix info leak via getsockname() (Mathias Krause) [Orabug: 17371050] {CVE-2012-6544} - Bluetooth: HCI - Fix info leak in getsockopt(HCI_FILTER) (Mathias Krause) [Orabug: 17371065] {CVE-2012-6544} - sctp: Use correct sideffect command in duplicate cookie handling (Vlad Yasevich) [Orabug: 17371118] {CVE-2013-2206} - sctp: deal with multiple COOKIE_ECHO chunks (Max Matveev) [Orabug: 17372121] {CVE-2013-2206} | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013-2543 CVE-2012-6544 CVE-2013-2206 CVE-2013-2232 CVE-2013-2237 CVE-2013-1059 CVE-2013-2851 | Version: | 3 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | kernel-uek kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27425 | |||
| Oval ID: | oval:org.mitre.oval:def:27425 | ||
| Title: | ELSA-2013-1166-1 -- kernel security and bug fix update (important) | ||
| Description: | kernel [2.6.18-348.16.1.0.1] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203] | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013-1166-1 CVE-2013-2147 CVE-2013-2164 CVE-2013-2206 CVE-2013-2224 CVE-2013-2232 CVE-2013-2234 CVE-2013-2237 | Version: | 5 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel ocfs2 oracleasm kernel-PAE kernel-PAE-devel kernel-debug kernel-debug-devel kernel-devel kernel-doc kernel-headers kernel-xen kernel-xen-devel |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2017-04-03 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO |
| 2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_esx_VMSA-2013-0015_remote.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-1138-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0536-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0287-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1832-1.nasl - Type : ACT_GATHER_INFO |
| 2014-11-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1645.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1450.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2013-1076.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2013-1181.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2013-1460.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2013-1527.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1783.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0284.nasl - Type : ACT_GATHER_INFO |
| 2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1264.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-813.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-1034.nasl - Type : ACT_GATHER_INFO |
| 2014-04-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2906.nasl - Type : ACT_GATHER_INFO |
| 2014-02-13 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3002.nasl - Type : ACT_GATHER_INFO |
| 2013-12-17 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131121_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2013-12-06 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2013-0015.nasl - Type : ACT_GATHER_INFO |
| 2013-11-29 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-2585.nasl - Type : ACT_GATHER_INFO |
| 2013-11-27 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1645.nasl - Type : ACT_GATHER_INFO |
| 2013-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1645.nasl - Type : ACT_GATHER_INFO |
| 2013-10-24 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-233.nasl - Type : ACT_GATHER_INFO |
| 2013-10-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1992-1.nasl - Type : ACT_GATHER_INFO |
| 2013-10-22 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1998-1.nasl - Type : ACT_GATHER_INFO |
| 2013-10-22 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1995-1.nasl - Type : ACT_GATHER_INFO |
| 2013-10-20 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-2575.nasl - Type : ACT_GATHER_INFO |
| 2013-10-18 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131016_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2013-10-18 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1436.nasl - Type : ACT_GATHER_INFO |
| 2013-10-17 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1436.nasl - Type : ACT_GATHER_INFO |
| 2013-10-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1436.nasl - Type : ACT_GATHER_INFO |
| 2013-10-01 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-218.nasl - Type : ACT_GATHER_INFO |
| 2013-09-30 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2766.nasl - Type : ACT_GATHER_INFO |
| 2013-09-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1292.nasl - Type : ACT_GATHER_INFO |
| 2013-09-28 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1292.nasl - Type : ACT_GATHER_INFO |
| 2013-09-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1972-1.nasl - Type : ACT_GATHER_INFO |
| 2013-09-28 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1292-1.nasl - Type : ACT_GATHER_INFO |
| 2013-09-28 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1970-1.nasl - Type : ACT_GATHER_INFO |
| 2013-09-28 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130926_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2013-09-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1292.nasl - Type : ACT_GATHER_INFO |
| 2013-09-27 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-242.nasl - Type : ACT_GATHER_INFO |
| 2013-09-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-130827.nasl - Type : ACT_GATHER_INFO |
| 2013-09-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-130828.nasl - Type : ACT_GATHER_INFO |
| 2013-09-18 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-2546.nasl - Type : ACT_GATHER_INFO |
| 2013-09-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1941-1.nasl - Type : ACT_GATHER_INFO |
| 2013-09-07 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1940-1.nasl - Type : ACT_GATHER_INFO |
| 2013-09-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1939-1.nasl - Type : ACT_GATHER_INFO |
| 2013-09-07 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1943-1.nasl - Type : ACT_GATHER_INFO |
| 2013-09-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1944-1.nasl - Type : ACT_GATHER_INFO |
| 2013-09-07 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1947-1.nasl - Type : ACT_GATHER_INFO |
| 2013-09-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1938-1.nasl - Type : ACT_GATHER_INFO |
| 2013-08-30 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-2543.nasl - Type : ACT_GATHER_INFO |
| 2013-08-30 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-2542.nasl - Type : ACT_GATHER_INFO |
| 2013-08-30 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2745.nasl - Type : ACT_GATHER_INFO |
| 2013-08-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1173.nasl - Type : ACT_GATHER_INFO |
| 2013-08-29 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130827_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2013-08-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1173.nasl - Type : ACT_GATHER_INFO |
| 2013-08-28 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1173.nasl - Type : ACT_GATHER_INFO |
| 2013-08-23 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1166.nasl - Type : ACT_GATHER_INFO |
| 2013-08-23 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1166-1.nasl - Type : ACT_GATHER_INFO |
| 2013-08-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1166.nasl - Type : ACT_GATHER_INFO |
| 2013-08-22 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130820_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2013-08-21 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1935-1.nasl - Type : ACT_GATHER_INFO |
| 2013-08-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1932-1.nasl - Type : ACT_GATHER_INFO |
| 2013-08-21 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1931-1.nasl - Type : ACT_GATHER_INFO |
| 2013-08-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1929-1.nasl - Type : ACT_GATHER_INFO |
| 2013-08-21 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1936-1.nasl - Type : ACT_GATHER_INFO |
| 2013-08-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1166.nasl - Type : ACT_GATHER_INFO |
| 2013-07-30 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1919-1.nasl - Type : ACT_GATHER_INFO |
| 2013-07-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1917-1.nasl - Type : ACT_GATHER_INFO |
| 2013-07-30 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1916-1.nasl - Type : ACT_GATHER_INFO |
| 2013-07-30 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1915-1.nasl - Type : ACT_GATHER_INFO |
| 2013-07-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1914-1.nasl - Type : ACT_GATHER_INFO |
| 2013-07-30 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1913-1.nasl - Type : ACT_GATHER_INFO |
| 2013-07-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1912-1.nasl - Type : ACT_GATHER_INFO |
| 2013-07-19 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-2537.nasl - Type : ACT_GATHER_INFO |
| 2013-07-19 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-2538.nasl - Type : ACT_GATHER_INFO |
| 2013-07-19 | Name : The remote Fedora host is missing a security update. File : fedora_2013-12990.nasl - Type : ACT_GATHER_INFO |
| 2013-07-18 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130716_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2013-07-18 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1051.nasl - Type : ACT_GATHER_INFO |
| 2013-07-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1051.nasl - Type : ACT_GATHER_INFO |
| 2013-07-17 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1051.nasl - Type : ACT_GATHER_INFO |
| 2013-07-14 | Name : The remote Fedora host is missing a security update. File : fedora_2013-12901.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Fedora host is missing a security update. File : fedora_2013-12530.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Fedora host is missing a security update. File : fedora_2013-12339.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Fedora host is missing a security update. File : fedora_2013-10695.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Fedora host is missing a security update. File : fedora_2013-10689.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Fedora host is missing a security update. File : fedora_2013-9123.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-194.nasl - Type : ACT_GATHER_INFO |
| 2013-07-05 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1900-1.nasl - Type : ACT_GATHER_INFO |
| 2013-07-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1899-1.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:32:08 |
|
| 2013-08-29 09:19:21 |
|
