Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title linux-2.6 security update
Informations
Name DSA-2906 First vendor Publication 2014-04-24
Vendor Debian Last vendor Modification 2014-04-24
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2013-0343

George Kargiotakis reported an issue in the temporary address handling of the IPv6 privacy extensions. Users on the same LAN can cause a denial of service or obtain access to sensitive information by sending router advertisement messages that cause temporary address generation to be disabled.

CVE-2013-2147

Dan Carpenter reported issues in the cpqarray driver for Compaq Smart2 Controllers and the cciss driver for HP Smart Array controllers allowing users to gain access to sensitive kernel memory.

CVE-2013-2889

Kees Cook discovered missing input sanitization in the HID driver for Zeroplus game pads that could lead to a local denial of service.

CVE-2013-2893

Kees Cook discovered that missing input sanitization in the HID driver for various Logitech force feedback devices could lead to a local denial of service.

CVE-2013-2929

Vasily Kulikov discovered that a flaw in the get_dumpable() function of the ptrace subsytsem could lead to information disclosure. Only systems with the fs.suid_dumpable sysctl set to a non-default value of '2' are vulnerable.

CVE-2013-4162

Hannes Frederic Sowa discovered that incorrect handling of IPv6 sockets using the UDP_CORK option could result in denial of service.

CVE-2013-4299

Fujitsu reported an issue in the device-mapper subsystem. Local users could gain access to sensitive kernel memory.

CVE-2013-4345

Stephan Mueller found in bug in the ANSI pseudo random number generator which could lead to the use of less entropy than expected.

CVE-2013-4512

Nico Golde and Fabian Yamaguchi reported an issue in the user mode linux port. A buffer overflow condition exists in the write method for the /proc/exitcode file. Local users with sufficient privileges allowing them to write to this file could gain further elevated privileges.

CVE-2013-4587

Andrew Honig of Google reported an issue in the KVM virtualization subsystem. A local user could gain elevated privileges by passing a large vcpu_id parameter.

CVE-2013-6367

Andrew Honig of Google reported an issue in the KVM virtualization subsystem. A divide-by-zero condition could allow a guest user to cause a denial of service on the host (crash).

CVE-2013-6380

Mahesh Rajashekhara reported an issue in the aacraid driver for storage products from various vendors. Local users with CAP_SYS_ADMIN privileges could gain further elevated privileges.

CVE-2013-6381

Nico Golde and Fabian Yamaguchi reported an issue in the Gigabit Ethernet device support for s390 systems. Local users could cause a denial of service or gain elevated privileges via the SIOC_QETH_ADP_SET_SNMP_CONTROL ioctl.

CVE-2013-6382

Nico Golde and Fabian Yamaguchi reported an issue in the XFS filesystem. Local users with CAP_SYS_ADMIN privileges could gain further elevated privileges.

CVE-2013-6383

Dan Carpenter reported an issue in the aacraid driver for storage devices from various vendors. A local user could gain elevated privileges due to a missing privilege level check in the aac_compat_ioctl function.

CVE-2013-7263 CVE-2013-7264 CVE-2013-7265

mpb reported an information leak in the recvfrom, recvmmsg and recvmsg system calls. A local user could obtain access to sensitive kernel memory.

CVE-2013-7339

Sasha Levin reported an issue in the RDS network protocol over Infiniband. A local user could cause a denial of service condition.

CVE-2014-0101

Nokia Siemens Networks reported an issue in the SCTP network protocol subsystem. Remote users could cause a denial of service (NULL pointer dereference).

CVE-2014-1444

Salva Peiro reported an issue in the FarSync WAN driver. Local users with the CAP_NET_ADMIN capability could gain access to sensitive kernel memory.

CVE-2014-1445

Salva Peiro reported an issue in the wanXL serial card driver. Local users could gain access to sensitive kernel memory.

CVE-2014-1446

Salva Peiro reported an issue in the YAM radio modem driver. Local users with the CAP_NET_ADMIN capability could gain access to sensitive kernel memory.

CVE-2014-1874

Matthew Thode reported an issue in the SELinux subsystem. A local user with CAP_MAC_ADMIN privileges could cause a denial of service by setting an empty security context on a file. CVE-2014-2039

Martin Schwidefsky reported an issue on s390 systems. A local user could cause a denial of service (kernel oops) by executing an application with a linkage stack instruction.

CVE-2014-2523

Daniel Borkmann provided a fix for an issue in the nf_conntrack_dccp module. Remote users could cause a denial of service (system crash) or potentially gain elevated privileges.

For the oldstable distribution (squeeze), this problem has been fixed in version 2.6.32-48squeeze5.

The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update:

Debian 6.0 (squeeze) user-mode-linux 2.6.32-1um-4+48squeeze5

We recommend that you upgrade your linux-2.6 and user-mode-linux packages.

Note: Debian carefully tracks all known security issues across every linux kernel package in all releases under active security support. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, updates for lower priority issues will normally not be released for all kernels at the same time. Rather, they will be released in a staggered or "leap-frog" fashion.

Original Source

Url : http://www.debian.org/security/2014/dsa-2906

CWE : Common Weakness Enumeration

% Id Name
31 % CWE-20 Improper Input Validation
19 % CWE-399 Resource Management Errors
19 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
12 % CWE-264 Permissions, Privileges, and Access Controls
8 % CWE-476 NULL Pointer Dereference
8 % CWE-189 Numeric Errors (CWE/SANS Top 25)
4 % CWE-200 Information Exposure

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:18044
 
Oval ID: oval:org.mitre.oval:def:18044
Title: USN-1940-1 -- linux-ec2 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1940-1
CVE-2013-1060
CVE-2013-1943
CVE-2013-2206
CVE-2013-4162
Version: 7
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18748
 
Oval ID: oval:org.mitre.oval:def:18748
Title: USN-2016-1 -- linux-ec2 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2016-1
CVE-2013-2147
CVE-2013-2889
CVE-2013-2893
CVE-2013-2897
CVE-2013-4299
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18861
 
Oval ID: oval:org.mitre.oval:def:18861
Title: USN-1939-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1939-1
CVE-2013-1060
CVE-2013-1943
CVE-2013-2206
CVE-2013-4162
Version: 7
Platform(s): Ubuntu 10.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18987
 
Oval ID: oval:org.mitre.oval:def:18987
Title: USN-2018-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2018-1
CVE-2012-5374
CVE-2012-5375
CVE-2013-2147
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19067
 
Oval ID: oval:org.mitre.oval:def:19067
Title: USN-2015-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2015-1
CVE-2013-2147
CVE-2013-2889
CVE-2013-2893
CVE-2013-2897
CVE-2013-4299
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19069
 
Oval ID: oval:org.mitre.oval:def:19069
Title: USN-2017-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2017-1
CVE-2012-5374
CVE-2012-5375
CVE-2013-2147
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19273
 
Oval ID: oval:org.mitre.oval:def:19273
Title: USN-1994-1 -- linux-lts-quantal vulnerability
Description: The system could be made to expose sensitive information to a local user.
Family: unix Class: patch
Reference(s): USN-1994-1
CVE-2013-2147
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux-lts-quantal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19339
 
Oval ID: oval:org.mitre.oval:def:19339
Title: USN-1997-1 -- linux-ti-omap4 vulnerability
Description: The system could be made to expose sensitive information to a local user.
Family: unix Class: patch
Reference(s): USN-1997-1
CVE-2013-2147
Version: 5
Platform(s): Ubuntu 12.10
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19344
 
Oval ID: oval:org.mitre.oval:def:19344
Title: USN-1999-1 -- linux-ti-omap4 vulnerability
Description: The system could be made to expose sensitive information to a local user.
Family: unix Class: patch
Reference(s): USN-1999-1
CVE-2013-2147
Version: 5
Platform(s): Ubuntu 13.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19368
 
Oval ID: oval:org.mitre.oval:def:19368
Title: USN-1996-1 -- linux vulnerability
Description: The system could be made to expose sensitive information to a local user.
Family: unix Class: patch
Reference(s): USN-1996-1
CVE-2013-2147
Version: 5
Platform(s): Ubuntu 12.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20291
 
Oval ID: oval:org.mitre.oval:def:20291
Title: RHSA-2013:1860: kernel security and bug fix update (Moderate)
Description: Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device.
Family: unix Class: patch
Reference(s): RHSA-2013:1860-00
CVE-2013-4299
Version: 6
Platform(s): Red Hat Enterprise Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21068
 
Oval ID: oval:org.mitre.oval:def:21068
Title: RHSA-2013:1436: kernel security and bug fix update (Moderate)
Description: Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device.
Family: unix Class: patch
Reference(s): RHSA-2013:1436-00
CESA-2013:1436
CVE-2013-4162
CVE-2013-4299
Version: 31
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21210
 
Oval ID: oval:org.mitre.oval:def:21210
Title: RHSA-2013:1292: kernel security and bug fix update (Moderate)
Description: The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call.
Family: unix Class: patch
Reference(s): RHSA-2013:1292-00
CESA-2013:1292
CVE-2012-3511
CVE-2013-2141
CVE-2013-4162
Version: 45
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22287
 
Oval ID: oval:org.mitre.oval:def:22287
Title: RHSA-2014:0159: kernel security and bug fix update (Important)
Description: The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.
Family: unix Class: patch
Reference(s): RHSA-2014:0159-00
CESA-2014:0159
CVE-2013-2929
CVE-2013-6381
CVE-2013-7263
CVE-2013-7265
Version: 39
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23149
 
Oval ID: oval:org.mitre.oval:def:23149
Title: ELSA-2013:1292: kernel security and bug fix update (Moderate)
Description: The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call.
Family: unix Class: patch
Reference(s): ELSA-2013:1292-00
CVE-2012-3511
CVE-2013-2141
CVE-2013-4162
Version: 17
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23368
 
Oval ID: oval:org.mitre.oval:def:23368
Title: USN-2116-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2116-1
CVE-2013-2929
CVE-2013-4592
CVE-2013-6378
CVE-2013-6380
Version: 5
Platform(s): Ubuntu 13.10
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23417
 
Oval ID: oval:org.mitre.oval:def:23417
Title: ELSA-2013:1860: kernel security and bug fix update (Moderate)
Description: Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device.
Family: unix Class: patch
Reference(s): ELSA-2013:1860-00
CVE-2013-4299
Version: 6
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23426
 
Oval ID: oval:org.mitre.oval:def:23426
Title: ELSA-2013:1436: kernel security and bug fix update (Moderate)
Description: Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device.
Family: unix Class: patch
Reference(s): ELSA-2013:1436-00
CVE-2013-4162
CVE-2013-4299
Version: 13
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23441
 
Oval ID: oval:org.mitre.oval:def:23441
Title: USN-2117-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2117-1
CVE-2013-4563
CVE-2013-4579
CVE-2013-4587
CVE-2013-6367
CVE-2013-6368
CVE-2013-6376
CVE-2013-6382
CVE-2013-6432
CVE-2013-7263
CVE-2013-7264
CVE-2013-7265
CVE-2013-7266
CVE-2013-7267
CVE-2013-7268
CVE-2013-7269
CVE-2013-7270
CVE-2013-7271
CVE-2013-7281
CVE-2014-1438
CVE-2014-1446
Version: 5
Platform(s): Ubuntu 13.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23690
 
Oval ID: oval:org.mitre.oval:def:23690
Title: ELSA-2014:0328: kernel security and bug fix update (Important)
Description: The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.
Family: unix Class: patch
Reference(s): ELSA-2014:0328-01
CVE-2013-1860
CVE-2014-0055
CVE-2014-0069
CVE-2014-0101
Version: 9
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23863
 
Oval ID: oval:org.mitre.oval:def:23863
Title: ELSA-2014:0285: kernel security, bug fix, and enhancement update (Important)
Description: The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.
Family: unix Class: patch
Reference(s): ELSA-2014:0285-00
CVE-2013-2929
CVE-2013-4483
CVE-2013-4554
CVE-2013-6381
CVE-2013-6383
CVE-2013-6885
CVE-2013-7263
Version: 12
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23981
 
Oval ID: oval:org.mitre.oval:def:23981
Title: ELSA-2014:0159: kernel security and bug fix update (Important)
Description: The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.
Family: unix Class: patch
Reference(s): ELSA-2014:0159-00
CVE-2013-2929
CVE-2013-6381
CVE-2013-7263
CVE-2013-7265
Version: 21
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24074
 
Oval ID: oval:org.mitre.oval:def:24074
Title: USN-2135-1 -- linux-lts-quantal vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2135-1
CVE-2013-4579
CVE-2013-4587
CVE-2013-6367
CVE-2013-6368
CVE-2013-6382
CVE-2013-7263
CVE-2013-7264
CVE-2013-7265
CVE-2013-7266
CVE-2013-7267
CVE-2013-7268
CVE-2013-7269
CVE-2013-7270
CVE-2013-7271
CVE-2013-7281
CVE-2014-1438
CVE-2014-1446
CVE-2014-1874
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux-lts-quantal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24081
 
Oval ID: oval:org.mitre.oval:def:24081
Title: VMware ESX updates to third party libraries
Description: The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c.
Family: unix Class: vulnerability
Reference(s): CVE-2013-2147
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24102
 
Oval ID: oval:org.mitre.oval:def:24102
Title: USN-2134-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2134-1
CVE-2013-4579
CVE-2013-6368
CVE-2014-1438
CVE-2014-1446
CVE-2014-1874
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24140
 
Oval ID: oval:org.mitre.oval:def:24140
Title: USN-2111-1 -- linux-lts-quantal vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2111-1
CVE-2013-2929
CVE-2013-4592
CVE-2013-6378
CVE-2013-6380
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux-lts-quantal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24219
 
Oval ID: oval:org.mitre.oval:def:24219
Title: RHSA-2014:0328: kernel security and bug fix update (Important)
Description: The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.
Family: unix Class: patch
Reference(s): RHSA-2014:0328-01
CESA-2014:0328
CVE-2013-1860
CVE-2014-0055
CVE-2014-0069
CVE-2014-0101
Version: 11
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24220
 
Oval ID: oval:org.mitre.oval:def:24220
Title: USN-2113-1 -- linux-lts-saucy vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2113-1
CVE-2013-4563
CVE-2013-4579
CVE-2013-4587
CVE-2013-6367
CVE-2013-6368
CVE-2013-6376
CVE-2013-6382
CVE-2013-6432
CVE-2013-7263
CVE-2013-7264
CVE-2013-7265
CVE-2013-7266
CVE-2013-7267
CVE-2013-7268
CVE-2013-7269
CVE-2013-7270
CVE-2013-7271
CVE-2013-7281
CVE-2014-1438
CVE-2014-1446
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux-lts-saucy
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24233
 
Oval ID: oval:org.mitre.oval:def:24233
Title: USN-2136-1 -- linux-lts-raring vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2136-1
CVE-2013-4579
CVE-2013-4587
CVE-2013-6367
CVE-2013-6368
CVE-2013-6376
CVE-2013-6380
CVE-2013-7263
CVE-2013-7264
CVE-2013-7265
CVE-2013-7266
CVE-2013-7267
CVE-2013-7268
CVE-2013-7269
CVE-2013-7270
CVE-2013-7271
CVE-2013-7281
CVE-2014-1438
CVE-2014-1446
CVE-2014-1874
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux-lts-raring
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24254
 
Oval ID: oval:org.mitre.oval:def:24254
Title: RHSA-2014:0285: kernel security, bug fix, and enhancement update (Important)
Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * A buffer overflow flaw was found in the way the qeth_snmp_command() function in the Linux kernel's QETH network device driver implementation handled SNMP IOCTL requests with an out-of-bounds length. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2013-6381, Important) * A flaw was found in the way the ipc_rcu_putref() function in the Linux kernel's IPC implementation handled reference counter decrementing. A local, unprivileged user could use this flaw to trigger an Out of Memory (OOM) condition and, potentially, crash the system. (CVE-2013-4483, Moderate) * It was found that the Xen hypervisor implementation did not correctly check privileges of hypercall attempts made by HVM guests, allowing hypercalls to be invoked from protection rings 1 and 2 in addition to ring 0. A local attacker in an HVM guest able to execute code on privilege levels 1 and 2 could potentially use this flaw to further escalate their privileges in that guest. Note: Xen HVM guests running unmodified versions of Red Hat Enterprise Linux and Microsoft Windows are not affected by this issue because they are known to only use protection rings 0 (kernel) and 3 (userspace). (CVE-2013-4554, Moderate) * A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions. (CVE-2013-6383, Moderate) * It was found that, under specific circumstances, a combination of write operations to write-combined memory and locked CPU instructions may cause a core hang on certain AMD CPUs (for more information, refer to AMD CPU erratum 793 linked in the References section). A privileged user in a guest running under the Xen hypervisor could use this flaw to cause a denial of service on the host system. This update adds a workaround to the Xen hypervisor implementation, which mitigates the AMD CPU issue. Note: this issue only affects AMD Family 16h Models 00h-0Fh Processors. Non-AMD CPUs are not vulnerable. (CVE-2013-6885, Moderate) * It was found that certain protocol handlers in the Linux kernel's networking implementation could set the addr_len value without initializing the associated data structure. A local, unprivileged user could use this flaw to leak kernel stack memory to user space using the recvmsg, recvfrom, and recvmmsg system calls. (CVE-2013-7263, Low) * A flaw was found in the way the get_dumpable() function return value was interpreted in the ptrace subsystem of the Linux kernel. When 'fs.suid_dumpable' was set to 2, a local, unprivileged local user could use this flaw to bypass intended ptrace restrictions and obtain potentially sensitive information. (CVE-2013-2929, Low) Red Hat would like to thank Vladimir Davydov of Parallels for reporting CVE-2013-4483 and the Xen project for reporting CVE-2013-4554 and CVE-2013-6885. Upstream acknowledges Jan Beulich as the original reporter of CVE-2013-4554 and CVE-2013-6885. This update also fixes several bugs and adds one enhancement. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add this enhancement. The system must be rebooted for this update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0285-00
CESA-2014:0285
CVE-2013-2929
CVE-2013-4483
CVE-2013-4554
CVE-2013-6381
CVE-2013-6383
CVE-2013-6885
CVE-2013-7263
Version: 21
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24256
 
Oval ID: oval:org.mitre.oval:def:24256
Title: USN-2114-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2114-1
CVE-2013-2929
CVE-2013-4592
CVE-2013-6378
CVE-2013-6380
Version: 5
Platform(s): Ubuntu 12.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24316
 
Oval ID: oval:org.mitre.oval:def:24316
Title: USN-2138-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2138-1
CVE-2013-4579
CVE-2013-4587
CVE-2013-6367
CVE-2013-6368
CVE-2013-6382
CVE-2013-7263
CVE-2013-7264
CVE-2013-7265
CVE-2013-7266
CVE-2013-7267
CVE-2013-7268
CVE-2013-7269
CVE-2013-7270
CVE-2013-7271
CVE-2013-7281
CVE-2014-1438
CVE-2014-1446
CVE-2014-1874
Version: 5
Platform(s): Ubuntu 12.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24325
 
Oval ID: oval:org.mitre.oval:def:24325
Title: USN-2128-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2128-1
CVE-2013-0160
CVE-2013-2929
CVE-2013-4587
CVE-2013-6367
CVE-2013-6380
CVE-2013-6382
CVE-2013-7027
CVE-2013-7266
CVE-2013-7267
CVE-2013-7268
CVE-2013-7269
CVE-2013-7270
CVE-2013-7271
CVE-2014-1444
CVE-2014-1445
CVE-2014-1446
CVE-2014-1874
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24332
 
Oval ID: oval:org.mitre.oval:def:24332
Title: USN-2115-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2115-1
CVE-2013-2929
CVE-2013-4592
CVE-2013-6378
CVE-2013-6380
Version: 5
Platform(s): Ubuntu 12.10
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24383
 
Oval ID: oval:org.mitre.oval:def:24383
Title: USN-2174-1 -- linux-ec2 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2174-1
CVE-2014-0101
CVE-2014-2523
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24394
 
Oval ID: oval:org.mitre.oval:def:24394
Title: USN-2139-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2139-1
CVE-2013-4579
CVE-2013-4587
CVE-2013-6367
CVE-2013-6368
CVE-2013-6382
CVE-2013-7263
CVE-2013-7264
CVE-2013-7265
CVE-2013-7266
CVE-2013-7267
CVE-2013-7268
CVE-2013-7269
CVE-2013-7270
CVE-2013-7271
CVE-2013-7281
CVE-2014-1438
CVE-2014-1446
CVE-2014-1874
Version: 5
Platform(s): Ubuntu 12.10
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24395
 
Oval ID: oval:org.mitre.oval:def:24395
Title: USN-2133-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2133-1
CVE-2013-4579
CVE-2013-6368
CVE-2014-1438
CVE-2014-1446
CVE-2014-1874
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24404
 
Oval ID: oval:org.mitre.oval:def:24404
Title: USN-2141-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2141-1
CVE-2013-4579
CVE-2013-4587
CVE-2013-6367
CVE-2013-6368
CVE-2013-6382
CVE-2013-7263
CVE-2013-7264
CVE-2013-7265
CVE-2013-7266
CVE-2013-7267
CVE-2013-7268
CVE-2013-7269
CVE-2013-7270
CVE-2013-7271
CVE-2013-7281
CVE-2014-1438
CVE-2014-1446
CVE-2014-1874
Version: 5
Platform(s): Ubuntu 13.10
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24412
 
Oval ID: oval:org.mitre.oval:def:24412
Title: DSA-2906-1 linux-2.6 - several
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.
Family: unix Class: patch
Reference(s): DSA-2906-1
CVE-2013-0343
CVE-2013-2147
CVE-2013-2889
CVE-2013-2893
CVE-2013-2929
CVE-2013-4162
CVE-2013-4299
CVE-2013-4345
CVE-2013-4512
CVE-2013-4587
CVE-2013-6367
CVE-2013-6380
CVE-2013-6381
CVE-2013-6382
CVE-2013-6383
CVE-2013-7263
CVE-2013-7264
CVE-2013-7265
CVE-2013-7339
CVE-2014-0101
CVE-2014-1444
CVE-2014-1445
CVE-2014-1446
CVE-2014-1874
CVE-2014-2039
CVE-2014-2523
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24423
 
Oval ID: oval:org.mitre.oval:def:24423
Title: USN-2129-1 -- linux-ec2 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2129-1
CVE-2013-0160
CVE-2013-2929
CVE-2013-4587
CVE-2013-6367
CVE-2013-6380
CVE-2013-6382
CVE-2013-7027
CVE-2013-7266
CVE-2013-7267
CVE-2013-7268
CVE-2013-7269
CVE-2013-7270
CVE-2013-7271
CVE-2014-1444
CVE-2014-1445
CVE-2014-1446
CVE-2014-1874
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24573
 
Oval ID: oval:org.mitre.oval:def:24573
Title: ELSA-2014:0475: kernel security and bug fix update (Important)
Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important) * A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions. (CVE-2013-6383, Moderate) * A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate) The CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
Family: unix Class: patch
Reference(s): ELSA-2014:0475-00
CVE-2013-6383
CVE-2014-0077
CVE-2014-2523
Version: 4
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24577
 
Oval ID: oval:org.mitre.oval:def:24577
Title: RHSA-2014:0475: kernel security and bug fix update (Important)
Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important) * A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions. (CVE-2013-6383, Moderate) * A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate) The CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0475-00
CESA-2014:0475
CVE-2013-6383
CVE-2014-0077
CVE-2014-2523
Version: 3
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24665
 
Oval ID: oval:org.mitre.oval:def:24665
Title: SUSE-SU-2014:0287-1 -- Security update for Linux kernel
Description: This is a SUSE Linux Enterprise Server 11 SP1 LTSS roll up update to fix a lot of security issues and non-security bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0287-1
CVE-2011-3593
CVE-2012-1601
CVE-2012-2137
CVE-2012-2372
CVE-2012-2745
CVE-2012-3375
CVE-2011-1083
CVE-2012-3412
CVE-2012-3430
CVE-2012-3511
CVE-2012-4444
CVE-2012-4530
CVE-2012-4565
CVE-2012-6537
CVE-2012-6538
CVE-2012-6539
CVE-2012-6540
CVE-2012-6541
CVE-2012-6542
CVE-2012-6544
CVE-2012-6545
CVE-2012-6546
CVE-2012-6547
CVE-2012-6548
CVE-2012-6549
CVE-2013-0160
CVE-2013-0216
CVE-2013-0231
CVE-2013-0268
CVE-2013-0310
CVE-2013-0343
CVE-2013-0349
CVE-2013-0871
CVE-2013-0914
CVE-2013-1767
CVE-2013-1773
CVE-2013-1774
CVE-2013-1792
CVE-2013-1796
CVE-2013-1797
CVE-2013-1798
CVE-2013-1827
CVE-2013-1928
CVE-2013-1943
CVE-2013-2015
CVE-2013-2141
CVE-2013-2147
CVE-2013-2164
CVE-2013-2232
CVE-2013-2234
CVE-2013-2237
CVE-2013-2634
CVE-2013-2851
CVE-2013-2852
CVE-2013-2888
CVE-2013-2889
CVE-2013-2892
CVE-2013-2893
CVE-2013-2897
CVE-2013-2929
CVE-2013-3222
CVE-2013-3223
CVE-2013-3224
CVE-2013-3225
CVE-2013-3228
CVE-2013-3229
CVE-2013-3231
CVE-2013-3232
CVE-2013-3234
CVE-2013-3235
CVE-2013-4345
CVE-2013-4470
CVE-2013-4483
CVE-2013-4511
CVE-2013-4587
CVE-2013-4588
CVE-2013-4591
CVE-2013-6367
CVE-2013-6368
CVE-2013-6378
CVE-2013-6383
CVE-2014-1444
CVE-2014-1445
CVE-2014-1446
Version: 5
Platform(s): SUSE Linux Enterprise Server 11
Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24846
 
Oval ID: oval:org.mitre.oval:def:24846
Title: USN-2173-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2173-1
CVE-2014-0101
CVE-2014-2523
Version: 4
Platform(s): Ubuntu 10.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24982
 
Oval ID: oval:org.mitre.oval:def:24982
Title: SUSE-SU-2014:0536-1 -- Security update for Linux kernel
Description: The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS kernel has been updated to fix various security issues and several bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0536-1
CVE-2011-2492
CVE-2011-2494
CVE-2012-6537
CVE-2012-6539
CVE-2012-6540
CVE-2012-6541
CVE-2012-6542
CVE-2012-6544
CVE-2012-6545
CVE-2012-6546
CVE-2012-6547
CVE-2012-6549
CVE-2013-0343
CVE-2013-0914
CVE-2013-1827
CVE-2013-2141
CVE-2013-2164
CVE-2013-2206
CVE-2013-2232
CVE-2013-2234
CVE-2013-2237
CVE-2013-2888
CVE-2013-2893
CVE-2013-2897
CVE-2013-3222
CVE-2013-3223
CVE-2013-3224
CVE-2013-3228
CVE-2013-3229
CVE-2013-3231
CVE-2013-3232
CVE-2013-3234
CVE-2013-3235
CVE-2013-4162
CVE-2013-4387
CVE-2013-4470
CVE-2013-4483
CVE-2013-4588
CVE-2013-6383
CVE-2014-1444
CVE-2014-1445
CVE-2014-1446
Version: 3
Platform(s): SUSE Linux Enterprise Server 10
Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25283
 
Oval ID: oval:org.mitre.oval:def:25283
Title: SUSE-SU-2014:0140-1 -- Security update for Linux kernel
Description: The SUSE Linux Enterprise 11 Service Pack 2 kernel was updated to 3.0.101 and also includes various other bug and security fixes.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0140-1
CVE-2013-4587
CVE-2013-6368
CVE-2013-6367
CVE-2013-4592
CVE-2013-6378
CVE-2013-4514
CVE-2013-4515
CVE-2013-7027
CVE-2013-4483
CVE-2013-4511
CVE-2013-6380
CVE-2013-6463
CVE-2013-6383
CVE-2013-4345
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26566
 
Oval ID: oval:org.mitre.oval:def:26566
Title: ELSA-2014-3015 -- unbreakable enterprise kernel security update (important)
Description: [2.6.39-400.214.4] - netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (Daniel Borkmann) [Orabug: 18462070] {CVE-2014-2523} - net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable (Daniel Borkmann) [Orabug: 18461090] {CVE-2014-0101} - vhost-net: insufficient handling of error conditions in get_rx_bufs() (Guangyu Sun) [Orabug: 18461089] {CVE-2014-0055}
Family: unix Class: patch
Reference(s): ELSA-2014-3015
CVE-2014-0055
CVE-2014-0101
CVE-2014-2523
Version: 3
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26607
 
Oval ID: oval:org.mitre.oval:def:26607
Title: DEPRECATED: ELSA-2014-0475 -- kernel security and bug fix update (important)
Description: A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system.
Family: unix Class: patch
Reference(s): ELSA-2014-0475
CVE-2014-0077
CVE-2013-6383
CVE-2014-2523
Version: 4
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26799
 
Oval ID: oval:org.mitre.oval:def:26799
Title: SUSE-SU-2014:1105-1 -- Security update for the Linux Kernel
Description: The SUSE Linux Enterprise Server 11 SP2 LTSS received a roll up update to fix several security and non-security issues. The following security issues have been fixed: * CVE-2014-0055: The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle vhost_get_vq_desc errors, which allows guest OS users to cause a denial of service (host OS crash) via unspecified vectors. (bnc#870173) * CVE-2014-0077: drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions. (bnc#870576) * CVE-2014-1739: The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call. (bnc#882804) * CVE-2014-2706: Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c. (bnc#871797) * CVE-2014-2851: Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that leverages an improperly managed reference counter. (bnc#873374) * CVE-2014-3144: The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced. (bnc#877257) * CVE-2014-3145: The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced. (bnc#877257) * CVE-2014-3917: kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number. (bnc#880484) * CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service (OOPS and system crash) via an invalid syscall number, as demonstrated by number 1000. (bnc#883724) * CVE-2014-4652: Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access. (bnc#883795) * CVE-2014-4653: sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access. (bnc#883795) * CVE-2014-4654: The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not check authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which allows local users to remove kernel controls and cause a denial of service (use-after-free and system crash) by leveraging /dev/snd/controlCX access for an ioctl call. (bnc#883795) * CVE-2014-4655: The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local users to cause a denial of service (integer overflow and limit bypass) by leveraging /dev/snd/controlCX access for a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls. (bnc#883795) * CVE-2014-4656: Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl_add function and (2) numid values in the snd_ctl_remove_numid_conflict function. (bnc#883795) * CVE-2014-4667: The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet. (bnc#885422) * CVE-2014-4699: The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls. (bnc#885725) * CVE-2014-5077: The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an association between two endpoints immediately after an exchange of INIT and INIT ACK chunks to establish an earlier association between these endpoints in the opposite direction. (bnc#889173) * CVE-2013-4299: Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device. (bnc#846404) The following bugs have been fixed: * pagecachelimit: reduce lru_lock contention for heavy parallel reclaim (bnc#878509, bnc#864464). * pagecachelimit: reduce lru_lock contention for heavy parallel reclaim kabi fixup (bnc#878509, bnc#864464). * ACPI / PAD: call schedule() when need_resched() is true (bnc#866911). * kabi: Fix breakage due to addition of user_ctl_lock (bnc#883795). * cpuset: Fix memory allocator deadlock (bnc#876590). * tcp: allow to disable cwnd moderation in TCP_CA_Loss state (bnc#879921). * tcp: adapt selected parts of RFC 5682 and PRR logic (bnc#879921). * vlan: more careful checksum features handling (bnc#872634). * bonding: fix vlan_features computing (bnc#872634). * NFSv4: Minor cleanups for nfs4_handle_exception and nfs4_async_handle_error (bnc#889324). * NFS: Do not lose sockets when nfsd shutdown races with connection timeout (bnc#871854). * reiserfs: call truncate_setsize under tailpack mutex (bnc#878115). * reiserfs: drop vmtruncate (bnc#878115). * megaraid_sas: mask off flags in ioctl path (bnc#886474). * block: fix race between request completion and timeout handling (bnc#881051). * drivers/rtc/interface.c: fix infinite loop in initializing the alarm (bnc#871676). * xfrm: check peer pointer for null before calling inet_putpeer() (bnc#877775). * supported.conf: Add firewire/nosy as supported. This driver is the replacement for the ieee1394/pcilynx driver, which was supported. Security Issues: * CVE-2013-4299 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4299> * CVE-2014-0055 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0055> * CVE-2014-0077 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0077> * CVE-2014-1739 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1739> * CVE-2014-2706 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2706> * CVE-2014-2851 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2851> * CVE-2014-3144 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3144> * CVE-2014-3145 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3145> * CVE-2014-3917 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3917> * CVE-2014-4508 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508> * CVE-2014-4652 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4652> * CVE-2014-4653 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4653> * CVE-2014-4654 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4654> * CVE-2014-4655 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4655> * CVE-2014-4656 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4656> * CVE-2014-4667 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667> * CVE-2014-4699 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4699> * CVE-2014-5077 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077>
Family: unix Class: patch
Reference(s): SUSE-SU-2014:1105-1
CVE-2014-0055
CVE-2014-0077
CVE-2014-1739
CVE-2014-2706
CVE-2014-2851
CVE-2014-3144
CVE-2014-3145
CVE-2014-3917
CVE-2014-4508
CVE-2014-4652
CVE-2014-4653
CVE-2014-4654
CVE-2014-4655
CVE-2014-4656
CVE-2014-4667
CVE-2014-4699
CVE-2014-5077
CVE-2013-4299
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): the Linux Kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26883
 
Oval ID: oval:org.mitre.oval:def:26883
Title: ELSA-2014-3014 -- unbreakable enterprise kernel security update (important)
Description: kernel-uek [3.8.13-26.2.2.el6uek] - netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (Daniel Borkmann) [Orabug: 18421673] {CVE-2014-2523} - cifs: ensure that uncached writes handle unmapped areas correctly (Jeff Layton) [Orabug: 18461067] {CVE-2014-0069} {CVE-2014-0069} - net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable (Daniel Borkmann) [Orabug: 18461065] {CVE-2014-0101} - vhost-net: insufficient handling of error conditions in get_rx_bufs() (Guangyu Sun) [Orabug: 18461050] {CVE-2014-0055}
Family: unix Class: patch
Reference(s): ELSA-2014-3014
CVE-2014-0055
CVE-2014-0069
CVE-2014-0101
CVE-2014-2523
Version: 5
Platform(s): Oracle Linux 6
Product(s): dtrace-modules
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26926
 
Oval ID: oval:org.mitre.oval:def:26926
Title: ELSA-2014-0771 -- kernel security and bug fix update (important)
Description: [2.6.32-431.20.3] - [kernel] futex: Make lookup_pi_state more robust (Jerome Marchand) [1104516 1104517] {CVE-2014-3153} - [kernel] futex: Always cleanup owner tid in unlock_pi (Jerome Marchand) [1104516 1104517] {CVE-2014-3153} - [kernel] futex: Validate atomic acquisition in futex_lock_pi_atomic() (Jerome Marchand) [1104516 1104517] {CVE-2014-3153} - [kernel] futex: prevent requeue pi on same futex (Jerome Marchand) [1104516 1104517] {CVE-2014-3153} - [fs] autofs4: fix device ioctl mount lookup (Ian Kent) [1069630 999708] - [fs] vfs: introduce kern_path_mountpoint() (Ian Kent) [1069630 999708] - [fs] vfs: rename user_path_umountat() to user_path_mountpoint_at() (Ian Kent) [1069630 999708] - [fs] vfs: massage umount_lookup_last() a bit to reduce nesting (Ian Kent) [1069630 999708] - [fs] vfs: allow umount to handle mountpoints without revalidating them (Ian Kent) [1069630 999708] - Revert: [fs] vfs: allow umount to handle mountpoints without revalidating them (Ian Kent) [1069630 999708] - Revert: [fs] vfs: massage umount_lookup_last() a bit to reduce nesting (Ian Kent) [1069630 999708] - Revert: [fs] vfs: rename user_path_umountat() to user_path_mountpoint_at() (Ian Kent) [1069630 999708] - Revert: [fs] vfs: introduce kern_path_mountpoint() (Ian Kent) [1069630 999708] - Revert: [fs] autofs4: fix device ioctl mount lookup (Ian Kent) [1069630 999708]
Family: unix Class: patch
Reference(s): ELSA-2014-0771
CVE-2014-3153
CVE-2014-1737
CVE-2014-1738
CVE-2013-6378
CVE-2014-0203
CVE-2014-1874
CVE-2014-2039
Version: 3
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26968
 
Oval ID: oval:org.mitre.oval:def:26968
Title: ELSA-2013-2576 -- unbreakable enterprise kernel security update (moderate)
Description: [2.6.39-400.209.2] - dm snapshot: fix data corruption (Mikulas Patocka) [Orabug: 17618492] {CVE-2013-4299}
Family: unix Class: patch
Reference(s): ELSA-2013-2576
CVE-2013-4299
Version: 3
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27035
 
Oval ID: oval:org.mitre.oval:def:27035
Title: DEPRECATED: ELSA-2014-0328 -- kernel security and bug fix update (important)
Description: [2.6.32-431.11.2] - [net] sctp: fix sctp_sf_do_5_1D_ce to verify if peer is AUTH capable (Daniel Borkmann) [1070715 1067451] {CVE-2014-0101} - [vhost] validate vhost_get_vq_desc return value (Michael S. Tsirkin) [1062579 1058677] {CVE-2014-0055}
Family: unix Class: patch
Reference(s): ELSA-2014-0328
CVE-2013-1860
CVE-2014-0055
CVE-2014-0069
CVE-2014-0101
Version: 4
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27042
 
Oval ID: oval:org.mitre.oval:def:27042
Title: ELSA-2014-3042 -- unbreakable enterprise kernel security update (important)
Description: [2.6.39-400.215.3] - SELinux: Fix kernel BUG on empty security contexts. (Stephen Smalley) [Orabug: 19028380] {CVE-2014-1874} - floppy: don't write kernel-only members to FDRAWCMD ioctl output (Matthew Daley) [Orabug: 19028444] {CVE-2014-1738} - floppy: ignore kernel-only members in FDRAWCMD ioctl input (Matthew Daley) [Orabug: 19028438] {CVE-2014-1737} - libertas: potential oops in debugfs (Dan Carpenter) [Orabug: 19028416] {CVE-2013-6378}
Family: unix Class: patch
Reference(s): ELSA-2014-3042
CVE-2014-1737
CVE-2014-1738
CVE-2013-6378
CVE-2014-1874
Version: 3
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27043
 
Oval ID: oval:org.mitre.oval:def:27043
Title: ELSA-2014-3022 -- Unbreakable Enterprise kernel security update (important)
Description: [2.6.39-400.214.6] - aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18721962] {CVE-2013-6383} - vhost: fix total length when packets are too short (Michael S. Tsirkin) [Orabug: 18721977] {CVE-2014-0077}
Family: unix Class: patch
Reference(s): ELSA-2014-3022
CVE-2014-0077
CVE-2013-6383
Version: 3
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27092
 
Oval ID: oval:org.mitre.oval:def:27092
Title: ELSA-2014-3023 -- Unbreakable Enterprise kernel security update (important)
Description: kernel-uek [2.6.32-400.34.5uek] - aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18723276] {CVE-2013-6383}
Family: unix Class: patch
Reference(s): ELSA-2014-3023
CVE-2013-6383
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
mlnx_en
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27242
 
Oval ID: oval:org.mitre.oval:def:27242
Title: ELSA-2014-3010 -- Unbreakable Enterprise kernel security update (important)
Description: [2.6.32-400.34.3] - inet: fix addr_len/msg->msg_namelen assignment in recv_error and rxpmtu functions (Hannes Frederic Sowa) [18247290] {CVE-2013-7263} {CVE-2013-7265} [2.6.32-400.34.2] - exec/ptrace: fix get_dumpable() incorrect tests (Kees Cook) [18239033] {CVE-2013-2929} {CVE-2013-2929} - inet: prevent leakage of uninitialized memory to user in recv syscalls (Hannes Frederic Sowa) [18239036] {CVE-2013-7263} {CVE-2013-7265}
Family: unix Class: patch
Reference(s): ELSA-2014-3010
CVE-2013-2929
CVE-2013-7263
CVE-2013-7265
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
mlnx_en
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27250
 
Oval ID: oval:org.mitre.oval:def:27250
Title: ELSA-2014-3043 -- unbreakable enterprise kernel security update (important)
Description: kernel-uek [2.6.32-400.36.3uek] - fix autofs/afs/etc. magic mountpoint breakage (Al Viro) [Orabug: 19028505] {CVE-2014-0203} - SELinux: Fix kernel BUG on empty security contexts. (Stephen Smalley) [Orabug: 19028381] {CVE-2014-1874} - floppy: don't write kernel-only members to FDRAWCMD ioctl output (Matthew Daley) [Orabug: 19028446] {CVE-2014-1738} - floppy: ignore kernel-only members in FDRAWCMD ioctl input (Matthew Daley) [Orabug: 19028439] {CVE-2014-1737} - libertas: potential oops in debugfs (Dan Carpenter) [Orabug: 19028417] {CVE-2013-6378}
Family: unix Class: patch
Reference(s): ELSA-2014-3043
CVE-2014-1737
CVE-2014-1738
CVE-2013-6378
CVE-2014-1874
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
mlnx_en
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27278
 
Oval ID: oval:org.mitre.oval:def:27278
Title: ELSA-2014-3011 -- Unbreakable Enterprise kernel security update (important)
Description: [3.8.13-26.1.1.el6uek] - inet: fix addr_len/msg->msg_namelen assignment in recv_error and rxpmtu functions (Hannes Frederic Sowa) [18247287] {CVE-2013-7263} {CVE-2013-7265} - inet: prevent leakage of uninitialized memory to user in recv syscalls (Hannes Frederic Sowa) [18238377] {CVE-2013-7263} {CVE-2013-7265} - exec/ptrace: fix get_dumpable() incorrect tests (Kees Cook) [18238348] {CVE-2013-2929}
Family: unix Class: patch
Reference(s): ELSA-2014-3011
CVE-2013-2929
CVE-2013-7263
CVE-2013-7265
Version: 5
Platform(s): Oracle Linux 6
Product(s): dtrace-modules
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27289
 
Oval ID: oval:org.mitre.oval:def:27289
Title: DEPRECATED: ELSA-2013-1436 -- kernel security and bug fix update (moderate)
Description: [2.6.32-358.23.2] - [md] dm-snapshot: fix data corruption (Mikulas Patocka) [1004252 1004233] {CVE-2013-4299}
Family: unix Class: patch
Reference(s): ELSA-2013-1436
CVE-2013-4162
CVE-2013-4299
Version: 4
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27318
 
Oval ID: oval:org.mitre.oval:def:27318
Title: ELSA-2014-3021 -- Unbreakable Enterprise kernel security update (important)
Description: [3.8.13-26.2.4.el6uek] - aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18721961] {CVE-2013-6383} - vhost: fix total length when packets are too short (Michael S. Tsirkin) [Orabug: 18721976] {CVE-2014-0077}
Family: unix Class: patch
Reference(s): ELSA-2014-3021
CVE-2014-0077
CVE-2013-6383
Version: 5
Platform(s): Oracle Linux 6
Product(s): dtrace-modules
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27319
 
Oval ID: oval:org.mitre.oval:def:27319
Title: ELSA-2014-3009 -- unbreakable enterprise kernel security update (important)
Description: [2.6.39-400.214.3] - inet: fix addr_len/msg->msg_namelen assignment in recv_error and rxpmtu functions (Hannes Frederic Sowa) [18247289] {CVE-2013-7263} {CVE-2013-7265} [2.6.39-400.214.2] - inet: prevent leakage of uninitialized memory to user in recv syscalls (Hannes Frederic Sowa) [18238382] {CVE-2013-7263} {CVE-2013-7265} - exec/ptrace: fix get_dumpable() incorrect tests (Kees Cook) [18238353] {CVE-2013-2929}
Family: unix Class: patch
Reference(s): ELSA-2014-3009
CVE-2013-2929
CVE-2013-7263
CVE-2013-7265
Version: 3
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27343
 
Oval ID: oval:org.mitre.oval:def:27343
Title: ELSA-2013-2589 -- unbreakable enterprise kernel security update (important)
Description: kernel-uek [2.6.32-400.33.4uek] - kernel/signal.c: stop info leak via the tkill and the tgkill syscalls (Emese Revfy) [Orabug: 17951083] {CVE-2013-2141} - ip_output: do skb ufo init for peeked non ufo skb as well (Jiri Pirko) [Orabug: 17951078] {CVE-2013-4470} - KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367) (Andy Honig) [Orabug: 17951073] {CVE-2013-6367}
Family: unix Class: patch
Reference(s): ELSA-2013-2589
CVE-2013-2141
CVE-2013-4470
CVE-2013-6367
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
mlnx_en
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27347
 
Oval ID: oval:org.mitre.oval:def:27347
Title: ELSA-2014-3016 -- Unbreakable Enterprise kernel security update (important)
Description: kernel-uek [2.6.32-400.34.4uek] - netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (Daniel Borkmann) [Orabug: 18462076] {CVE-2014-2523} - net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable (Daniel Borkmann) [Orabug: 18461091] {CVE-2014-0101}
Family: unix Class: patch
Reference(s): ELSA-2014-3016
CVE-2014-0101
CVE-2014-2523
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
mlnx_en
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27378
 
Oval ID: oval:org.mitre.oval:def:27378
Title: ELSA-2013-2575 -- unbreakable enterprise kernel security update (moderate)
Description: kernel-uek [2.6.32-400.33.2] - dm snapshot: fix data corruption (Mikulas Patocka) [Orabug: 17618900] {CVE-2013-4299} - ipv6: call udp_push_pending_frames when uncorking a socket with AF_INET pending data (Hannes Frederic Sowa) [Orabug: 17618897] {CVE-2013-4162}
Family: unix Class: patch
Reference(s): ELSA-2013-2575
CVE-2013-4162
CVE-2013-4299
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
mlnx_en
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27384
 
Oval ID: oval:org.mitre.oval:def:27384
Title: DEPRECATED: ELSA-2013-1292 -- kernel security and bug fix update (moderate)
Description: kernel [2.6.18-348.18.1] - [net] be2net: enable polling prior enabling interrupts globally (Ivan Vecera) [1005239 987539] - [kernel] signals: stop info leak via tkill and tgkill syscalls (Oleg Nesterov) [970874 970875] {CVE-2013-2141} - [net] ipv6: do udp_push_pending_frames AF_INET sock pending data (Jiri Benc) [987647 987648] {CVE-2013-4162} - [mm] use-after-free in madvise_remove() (Jacob Tanenbaum) [849735 849736] {CVE-2012-3511} - [fs] autofs: remove autofs dentry mount check (Ian Kent) [1001488 928098]
Family: unix Class: patch
Reference(s): ELSA-2013-1292
CVE-2012-3511
CVE-2013-2141
CVE-2013-4162
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27409
 
Oval ID: oval:org.mitre.oval:def:27409
Title: DEPRECATED: ELSA-2014-0159 -- kernel security and bug fix update (important)
Description: [2.6.32-431.5.1] - [net] sctp: fix checksum marking for outgoing packets (Daniel Borkmann) [1046041 1040385] - [kernel] ptrace: Cleanup useless header (Aaron Tomlin) [1046043 1036312] - [kernel] ptrace: kill BKL in ptrace syscall (Aaron Tomlin) [1046043 1036312] - [fs] nfs: Prevent a 3-way deadlock between layoutreturn, open and state recovery (Steve Dickson) [1045094 1034487] - [fs] nfs: Ensure that rmdir() waits for sillyrenames to complete (Steve Dickson) [1051395 1034348] - [fs] nfs: wait on recovery for async session errors (Steve Dickson) [1051393 1030049] - [fs] nfs: Re-use exit code in nfs4_async_handle_error() (Steve Dickson) [1051393 1030049] - [fs] nfs: Update list of irrecoverable errors on DELEGRETURN (Steve Dickson) [1051393 1030049] - [exec] ptrace: fix get_dumpable() incorrect tests (Petr Oros) [1039486 1039487] {CVE-2013-2929} - [net] ipv6: router reachability probing (Jiri Benc) [1043779 1029585] - [net] ipv6: remove the unnecessary statement in find_match() (Jiri Benc) [1043779 1029585] - [net] ipv6: fix route selection if kernel is not compiled with CONFIG_IPV6_ROUTER_PREF (Jiri Benc) [1043779 1029585] - [net] ipv6: Fix default route failover when CONFIG_IPV6_ROUTER_PREF=n (Jiri Benc) [1043779 1029585] - [net] ipv6: probe routes asynchronous in rt6_probe (Jiri Benc) [1040826 1030094] - [net] ndisc: Update neigh->updated with write lock (Jiri Benc) [1040826 1030094] - [net] ipv6: prevent fib6_run_gc() contention (Jiri Benc) [1040826 1030094] - [net] netfilter: push reasm skb through instead of original frag skbs (Jiri Pirko) [1049590 1011214] - [net] ip6_output: fragment outgoing reassembled skb properly (Jiri Pirko) [1049590 1011214] - [net] netfilter: nf_conntrack_ipv6: improve fragmentation handling (Jiri Pirko) [1049590 1011214] - [net] ipv4: fix path MTU discovery with connection tracking (Jiri Pirko) [1049590 1011214] - [net] ipv6: Make IP6CB(skb)->nhoff 16-bit (Jiri Pirko) [1049590 1011214] - [edac] Add error decoding support for AMD Fam16h processors (Prarit Bhargava) [1051394 1020290] - [netdrv] bnx2x: correct VF-PF channel locking scheme (Michal Schmidt) [1040498 1029203] - [netdrv] bnx2x: handle known but unsupported VF messages (Michal Schmidt) [1040498 1029203] - [netdrv] bnx2x: Lock DMAE when used by statistic flow (Michal Schmidt) [1040497 1029200] - [net] ipv6: fix leaking uninitialized port number of offender sockaddr (Florian Westphal) [1035882 1035883] {CVE-2013-6405} - [net] inet: fix addr_len/msg->msg_namelen assignment in recv_error functions (Florian Westphal) [1035882 1035883] {CVE-2013-6405} - [net] inet: prevent leakage of uninitialized memory to user in recv syscalls (Florian Westphal) [1035882 1035883] {CVE-2013-6405} - [net] ipvs: Add boundary check on ioctl arguments (Denys Vlasenko) [1030817 1030818] {CVE-2013-4588} - [s390] qeth: avoid buffer overflow in snmp ioctl (Hendrik Brueckner) [1038935 1034266] - [md] fix calculation of stacking limits on level change (Jes Sorensen) [1035347 1026864] - [ata] ahci: fix turning on LEDs in ahci_start_port() (David Milburn) [1035339 1017105] - [ata] libata: implement cross-port EH exclusion (David Milburn) [1035339 1017105] - [ata] libata add ap to ata_wait_register and intro ata_msleep (David Milburn) [1035339 1017105] - [netdrv] igb: Update link modes display in ethtool (Stefan Assmann) [1032389 1019578]
Family: unix Class: patch
Reference(s): ELSA-2014-0159
CVE-2013-2929
CVE-2013-6381
CVE-2013-7263
CVE-2013-7265
Version: 4
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27413
 
Oval ID: oval:org.mitre.oval:def:27413
Title: ELSA-2013-2588 -- unbreakable enterprise kernel security update (important)
Description: [2.6.39-400.211.3] - ip6_output: do skb ufo init for peeked non ufo skb as well (Jiri Pirko) [Orabug: 17951806] {CVE-2013-4470} - ip_output: do skb ufo init for peeked non ufo skb as well (Jiri Pirko) [Orabug: 17951818] {CVE-2013-4470} - KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367) (Andy Honig) [Orabug: 17951705] {CVE-2013-6367}
Family: unix Class: patch
Reference(s): ELSA-2013-2588
CVE-2013-4470
CVE-2013-6367
Version: 3
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27491
 
Oval ID: oval:org.mitre.oval:def:27491
Title: ELSA-2013-1292-1 -- kernel security and bug fix update (moderate)
Description: This update fixes the following security issues: * A use-after-free flaw was found in the madvise() system call implementation in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-3511, Moderate) * A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled IPv6 sockets that used the UDP_CORK option. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2013-4162, Moderate) * An information leak flaw in the Linux kernel could allow a local, unprivileged user to leak kernel memory to user-space.
Family: unix Class: patch
Reference(s): ELSA-2013-1292-1
CVE-2012-3511
CVE-2013-2141
CVE-2013-4162
Version: 5
Platform(s): Oracle Linux 5
Product(s): kernel
ocfs2
oracleasm
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27502
 
Oval ID: oval:org.mitre.oval:def:27502
Title: ELSA-2013-2577 -- unbreakable enterprise kernel security update (moderate)
Description: kernel-uek [3.8.13-16.1.1.el6uek] - dm snapshot: fix data corruption (Mikulas Patocka) [Orabug: 17617582] {CVE-2013-4299}
Family: unix Class: patch
Reference(s): ELSA-2013-2577
CVE-2013-4299
Version: 5
Platform(s): Oracle Linux 6
Product(s): dtrace-modules
kernel-uek
dtrace-modules-3.8.13-16.1.1.el6uek-provider-headers
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 19
Application 9
Application 12
Application 9
Application 31
Application 12
Application 6
Application 25
Application 21
Application 25
Application 10
Application 19
Application 13
Application 24
Application 1
Application 1
Application 6
Application 4
Application 6
Application 1
Hardware 7
Hardware 6
Os 4
Os 2
Os 2061
Os 3
Os 2
Os 1
Os 3
Os 1
Os 2
Os 1
Os 1
Os 5
Os 2

Snort® IPS/IDS

Date Description
2016-03-15 Linux kernel SCTP handshake COOKIE ECHO Chunks denial of service attempt
RuleID : 37654 - Revision : 2 - Type : OS-LINUX
2016-03-14 Linux kernel SCTP handshake COOKIE ECHO Chunks denial of service attempt
RuleID : 37408 - Revision : 2 - Type : OS-LINUX

Nessus® Vulnerability Scanner

Date Description
2017-04-03 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_esx_VMSA-2013-0015_remote.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-1832-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0140-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0189-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0287-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0536-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0772-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0773-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0832-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-1105-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-1138-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0481-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0652-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0812-1.nasl - Type : ACT_GATHER_INFO
2015-03-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-150306.nasl - Type : ACT_GATHER_INFO
2015-03-13 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0290.nasl - Type : ACT_GATHER_INFO
2015-01-15 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15984.nasl - Type : ACT_GATHER_INFO
2014-12-26 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-141202.nasl - Type : ACT_GATHER_INFO
2014-12-26 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-141217.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-791.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-793.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1971.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20141209_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2014-12-10 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1971.nasl - Type : ACT_GATHER_INFO
2014-12-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1971.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1645.nasl - Type : ACT_GATHER_INFO
2014-11-11 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2014-0815.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1450.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2013-1460.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1519.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2013-1527.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1783.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2013-1802.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1860.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0284.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2014-0339.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0419.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0432.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0476.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0520.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0593.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2014-0629.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0634.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1101.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2014-1168.nasl - Type : ACT_GATHER_INFO
2014-10-12 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-328.nasl - Type : ACT_GATHER_INFO
2014-10-10 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15317.nasl - Type : ACT_GATHER_INFO
2014-08-01 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0981.nasl - Type : ACT_GATHER_INFO
2014-07-30 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0981.nasl - Type : ACT_GATHER_INFO
2014-07-30 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0981.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1264.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1490.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0100.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0439.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140709.nasl - Type : ACT_GATHER_INFO
2014-07-02 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-451.nasl - Type : ACT_GATHER_INFO
2014-06-26 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-441.nasl - Type : ACT_GATHER_INFO
2014-06-23 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0771.nasl - Type : ACT_GATHER_INFO
2014-06-23 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3042.nasl - Type : ACT_GATHER_INFO
2014-06-23 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3043.nasl - Type : ACT_GATHER_INFO
2014-06-20 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0771.nasl - Type : ACT_GATHER_INFO
2014-06-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0771.nasl - Type : ACT_GATHER_INFO
2014-06-20 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140619_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-124.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-1034.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-813.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-113.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-114.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-375.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-376.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0740-1.nasl - Type : ACT_GATHER_INFO
2014-06-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0740.nasl - Type : ACT_GATHER_INFO
2014-06-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0740.nasl - Type : ACT_GATHER_INFO
2014-06-12 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140610_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-06-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0740.nasl - Type : ACT_GATHER_INFO
2014-05-28 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2223-1.nasl - Type : ACT_GATHER_INFO
2014-05-28 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2224-1.nasl - Type : ACT_GATHER_INFO
2014-05-28 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2225-1.nasl - Type : ACT_GATHER_INFO
2014-05-28 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2228-1.nasl - Type : ACT_GATHER_INFO
2014-05-27 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2219-1.nasl - Type : ACT_GATHER_INFO
2014-05-27 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2220-1.nasl - Type : ACT_GATHER_INFO
2014-05-27 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2221-1.nasl - Type : ACT_GATHER_INFO
2014-05-20 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3034.nasl - Type : ACT_GATHER_INFO
2014-05-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3021.nasl - Type : ACT_GATHER_INFO
2014-05-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3022.nasl - Type : ACT_GATHER_INFO
2014-05-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3023.nasl - Type : ACT_GATHER_INFO
2014-05-09 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0475.nasl - Type : ACT_GATHER_INFO
2014-05-09 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0475.nasl - Type : ACT_GATHER_INFO
2014-05-09 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0475.nasl - Type : ACT_GATHER_INFO
2014-05-09 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140507_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-04-27 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2906.nasl - Type : ACT_GATHER_INFO
2014-04-27 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2173-1.nasl - Type : ACT_GATHER_INFO
2014-04-27 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2174-1.nasl - Type : ACT_GATHER_INFO
2014-04-16 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140408.nasl - Type : ACT_GATHER_INFO
2014-04-01 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2158-1.nasl - Type : ACT_GATHER_INFO
2014-03-28 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-317.nasl - Type : ACT_GATHER_INFO
2014-03-28 Name : The remote Fedora host is missing a security update.
File : fedora_2014-4317.nasl - Type : ACT_GATHER_INFO
2014-03-28 Name : The remote Fedora host is missing a security update.
File : fedora_2014-4360.nasl - Type : ACT_GATHER_INFO
2014-03-28 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3016.nasl - Type : ACT_GATHER_INFO
2014-03-28 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140321.nasl - Type : ACT_GATHER_INFO
2014-03-27 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3014.nasl - Type : ACT_GATHER_INFO
2014-03-27 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3015.nasl - Type : ACT_GATHER_INFO
2014-03-26 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0328.nasl - Type : ACT_GATHER_INFO
2014-03-26 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0328.nasl - Type : ACT_GATHER_INFO
2014-03-26 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0328.nasl - Type : ACT_GATHER_INFO
2014-03-26 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140325_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-03-14 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0285.nasl - Type : ACT_GATHER_INFO
2014-03-14 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0285-1.nasl - Type : ACT_GATHER_INFO
2014-03-14 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0285.nasl - Type : ACT_GATHER_INFO
2014-03-14 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140312_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-03-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0285.nasl - Type : ACT_GATHER_INFO
2014-03-10 Name : The remote Fedora host is missing a security update.
File : fedora_2014-3448.nasl - Type : ACT_GATHER_INFO
2014-03-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2133-1.nasl - Type : ACT_GATHER_INFO
2014-03-10 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2135-1.nasl - Type : ACT_GATHER_INFO
2014-03-10 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2136-1.nasl - Type : ACT_GATHER_INFO
2014-03-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2137-1.nasl - Type : ACT_GATHER_INFO
2014-03-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2138-1.nasl - Type : ACT_GATHER_INFO
2014-03-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2140-1.nasl - Type : ACT_GATHER_INFO
2014-03-07 Name : The remote Fedora host is missing a security update.
File : fedora_2014-3442.nasl - Type : ACT_GATHER_INFO
2014-03-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2128-1.nasl - Type : ACT_GATHER_INFO
2014-03-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2129-1.nasl - Type : ACT_GATHER_INFO
2014-03-03 Name : The remote Fedora host is missing a security update.
File : fedora_2014-2887.nasl - Type : ACT_GATHER_INFO
2014-03-02 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-289.nasl - Type : ACT_GATHER_INFO
2014-03-02 Name : The remote Fedora host is missing a security update.
File : fedora_2014-3094.nasl - Type : ACT_GATHER_INFO
2014-02-19 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2107-1.nasl - Type : ACT_GATHER_INFO
2014-02-19 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2108-1.nasl - Type : ACT_GATHER_INFO
2014-02-19 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2109-1.nasl - Type : ACT_GATHER_INFO
2014-02-19 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2111-1.nasl - Type : ACT_GATHER_INFO
2014-02-19 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2112-1.nasl - Type : ACT_GATHER_INFO
2014-02-19 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2113-1.nasl - Type : ACT_GATHER_INFO
2014-02-19 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2114-1.nasl - Type : ACT_GATHER_INFO
2014-02-19 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2117-1.nasl - Type : ACT_GATHER_INFO
2014-02-18 Name : The remote Fedora host is missing a security update.
File : fedora_2014-2576.nasl - Type : ACT_GATHER_INFO
2014-02-18 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-038.nasl - Type : ACT_GATHER_INFO
2014-02-17 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3009.nasl - Type : ACT_GATHER_INFO
2014-02-17 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3010.nasl - Type : ACT_GATHER_INFO
2014-02-17 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3011.nasl - Type : ACT_GATHER_INFO
2014-02-14 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0163.nasl - Type : ACT_GATHER_INFO
2014-02-13 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0159.nasl - Type : ACT_GATHER_INFO
2014-02-13 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0163.nasl - Type : ACT_GATHER_INFO
2014-02-13 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3002.nasl - Type : ACT_GATHER_INFO
2014-02-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0163.nasl - Type : ACT_GATHER_INFO
2014-02-13 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140211_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-02-13 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140212_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-02-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0159.nasl - Type : ACT_GATHER_INFO
2014-02-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0159.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140124.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140125.nasl - Type : ACT_GATHER_INFO
2014-01-28 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140116.nasl - Type : ACT_GATHER_INFO
2014-01-20 Name : The remote Fedora host is missing a security update.
File : fedora_2014-1062.nasl - Type : ACT_GATHER_INFO
2014-01-20 Name : The remote Fedora host is missing a security update.
File : fedora_2014-1072.nasl - Type : ACT_GATHER_INFO
2014-01-14 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-001.nasl - Type : ACT_GATHER_INFO
2014-01-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2064-1.nasl - Type : ACT_GATHER_INFO
2014-01-05 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2065-1.nasl - Type : ACT_GATHER_INFO
2014-01-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2066-1.nasl - Type : ACT_GATHER_INFO
2014-01-05 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2068-1.nasl - Type : ACT_GATHER_INFO
2014-01-05 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2069-1.nasl - Type : ACT_GATHER_INFO
2014-01-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2070-1.nasl - Type : ACT_GATHER_INFO
2014-01-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2071-1.nasl - Type : ACT_GATHER_INFO
2014-01-05 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2073-1.nasl - Type : ACT_GATHER_INFO
2014-01-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2075-1.nasl - Type : ACT_GATHER_INFO
2013-12-23 Name : The remote Fedora host is missing a security update.
File : fedora_2013-23445.nasl - Type : ACT_GATHER_INFO
2013-12-23 Name : The remote Fedora host is missing a security update.
File : fedora_2013-23653.nasl - Type : ACT_GATHER_INFO
2013-12-18 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-291.nasl - Type : ACT_GATHER_INFO
2013-12-18 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2587.nasl - Type : ACT_GATHER_INFO
2013-12-18 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2589.nasl - Type : ACT_GATHER_INFO
2013-12-17 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2588.nasl - Type : ACT_GATHER_INFO
2013-12-17 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20131121_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-12-17 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20131212_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-12-14 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-258.nasl - Type : ACT_GATHER_INFO
2013-12-13 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1801.nasl - Type : ACT_GATHER_INFO
2013-12-13 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1801.nasl - Type : ACT_GATHER_INFO
2013-12-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1801.nasl - Type : ACT_GATHER_INFO
2013-12-10 Name : The remote Fedora host is missing a security update.
File : fedora_2013-22695.nasl - Type : ACT_GATHER_INFO
2013-12-10 Name : The remote Fedora host is missing a security update.
File : fedora_2013-22818.nasl - Type : ACT_GATHER_INFO
2013-12-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2049-1.nasl - Type : ACT_GATHER_INFO
2013-12-08 Name : The remote Fedora host is missing a security update.
File : fedora_2013-22669.nasl - Type : ACT_GATHER_INFO
2013-12-06 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2013-0015.nasl - Type : ACT_GATHER_INFO
2013-12-05 Name : The remote Fedora host is missing a security update.
File : fedora_2013-22531.nasl - Type : ACT_GATHER_INFO
2013-12-04 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2038-1.nasl - Type : ACT_GATHER_INFO
2013-12-04 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2040-1.nasl - Type : ACT_GATHER_INFO
2013-12-04 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2041-1.nasl - Type : ACT_GATHER_INFO
2013-12-04 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2042-1.nasl - Type : ACT_GATHER_INFO
2013-12-04 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2043-1.nasl - Type : ACT_GATHER_INFO
2013-12-04 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2045-1.nasl - Type : ACT_GATHER_INFO
2013-11-29 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2583.nasl - Type : ACT_GATHER_INFO
2013-11-29 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2584.nasl - Type : ACT_GATHER_INFO
2013-11-29 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2585.nasl - Type : ACT_GATHER_INFO
2013-11-27 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1645.nasl - Type : ACT_GATHER_INFO
2013-11-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1645.nasl - Type : ACT_GATHER_INFO
2013-11-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2015-1.nasl - Type : ACT_GATHER_INFO
2013-11-09 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2016-1.nasl - Type : ACT_GATHER_INFO
2013-11-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2017-1.nasl - Type : ACT_GATHER_INFO
2013-11-09 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2019-1.nasl - Type : ACT_GATHER_INFO
2013-11-09 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2020-1.nasl - Type : ACT_GATHER_INFO
2013-11-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2021-1.nasl - Type : ACT_GATHER_INFO
2013-11-09 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2023-1.nasl - Type : ACT_GATHER_INFO
2013-10-25 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2577.nasl - Type : ACT_GATHER_INFO
2013-10-24 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-233.nasl - Type : ACT_GATHER_INFO
2013-10-24 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1449.nasl - Type : ACT_GATHER_INFO
2013-10-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1449-1.nasl - Type : ACT_GATHER_INFO
2013-10-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1449.nasl - Type : ACT_GATHER_INFO
2013-10-24 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20131022_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-10-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1449.nasl - Type : ACT_GATHER_INFO
2013-10-22 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1994-1.nasl - Type : ACT_GATHER_INFO
2013-10-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1996-1.nasl - Type : ACT_GATHER_INFO
2013-10-20 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2575.nasl - Type : ACT_GATHER_INFO
2013-10-20 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2576.nasl - Type : ACT_GATHER_INFO
2013-10-18 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1436.nasl - Type : ACT_GATHER_INFO
2013-10-18 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20131016_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-10-17 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1436.nasl - Type : ACT_GATHER_INFO
2013-10-17 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1436.nasl - Type : ACT_GATHER_INFO
2013-10-03 Name : The remote Fedora host is missing a security update.
File : fedora_2013-17942.nasl - Type : ACT_GATHER_INFO
2013-10-03 Name : The remote Fedora host is missing a security update.
File : fedora_2013-17982.nasl - Type : ACT_GATHER_INFO
2013-10-01 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-228.nasl - Type : ACT_GATHER_INFO
2013-10-01 Name : The remote Fedora host is missing a security update.
File : fedora_2013-17865.nasl - Type : ACT_GATHER_INFO
2013-10-01 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1976-1.nasl - Type : ACT_GATHER_INFO
2013-10-01 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1977-1.nasl - Type : ACT_GATHER_INFO
2013-09-28 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1292.nasl - Type : ACT_GATHER_INFO
2013-09-28 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1292-1.nasl - Type : ACT_GATHER_INFO
2013-09-28 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1292.nasl - Type : ACT_GATHER_INFO
2013-09-28 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130926_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-09-27 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-242.nasl - Type : ACT_GATHER_INFO
2013-09-27 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1292.nasl - Type : ACT_GATHER_INFO
2013-09-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-130827.nasl - Type : ACT_GATHER_INFO
2013-09-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-130828.nasl - Type : ACT_GATHER_INFO
2013-09-16 Name : The remote Fedora host is missing a security update.
File : fedora_2013-16336.nasl - Type : ACT_GATHER_INFO
2013-09-13 Name : The remote Fedora host is missing a security update.
File : fedora_2013-16379.nasl - Type : ACT_GATHER_INFO
2013-09-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1939-1.nasl - Type : ACT_GATHER_INFO
2013-09-07 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1940-1.nasl - Type : ACT_GATHER_INFO
2013-09-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1941-1.nasl - Type : ACT_GATHER_INFO
2013-09-07 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1943-1.nasl - Type : ACT_GATHER_INFO
2013-09-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1944-1.nasl - Type : ACT_GATHER_INFO
2013-09-07 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1947-1.nasl - Type : ACT_GATHER_INFO
2013-09-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1938-1.nasl - Type : ACT_GATHER_INFO
2013-08-30 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2745.nasl - Type : ACT_GATHER_INFO
2013-08-23 Name : The remote Fedora host is missing a security update.
File : fedora_2013-15151.nasl - Type : ACT_GATHER_INFO
2013-08-23 Name : The remote Fedora host is missing a security update.
File : fedora_2013-15198.nasl - Type : ACT_GATHER_INFO
2013-08-23 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1166-1.nasl - Type : ACT_GATHER_INFO
2013-08-23 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1166.nasl - Type : ACT_GATHER_INFO
2013-08-22 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1166.nasl - Type : ACT_GATHER_INFO
2013-08-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130820_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-08-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1166.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-10689.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-10695.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-9123.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-194.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-04-28 13:21:56
  • Multiple Updates
2014-04-25 05:20:18
  • First insertion