Executive Summary
Summary | |
---|---|
Title | kernel-rt security and bug fix update |
Informations | |||
---|---|---|---|
Name | RHSA-2010:0758 | First vendor Publication | 2010-10-07 |
Vendor | RedHat | Last vendor Modification | 2010-10-07 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated kernel-rt packages that fix two security issues and three bugs are now available for Red Hat Enterprise MRG 1.2. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: MRG Realtime for RHEL 5 Server - i386, noarch, x86_64 3. Description: The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * The compat_alloc_user_space() function in the Linux kernel 32/64-bit compatibility layer implementation was missing sanity checks. This function could be abused in other areas of the Linux kernel if its length argument can be controlled from user-space. On 64-bit systems, a local, unprivileged user could use this flaw to escalate their privileges. (CVE-2010-3081, Important) * A missing upper bound integer check was found in the sys_io_submit() function in the Linux kernel asynchronous I/O implementation. A local, unprivileged user could use this flaw to cause an information leak. (CVE-2010-3067, Low) Red Hat would like to thank Ben Hawkes for reporting CVE-2010-3081, and Tavis Ormandy for reporting CVE-2010-3067. This update also fixes the following bugs: * The RHSA-2010:0631 kernel-rt update resolved an issue (CVE-2010-2240) where, when an application has a stack overflow, the stack could silently overwrite another memory mapped area instead of a segmentation fault occurring. This update implements the official upstream fixes for that issue. Note: This is not a security regression. The original fix was complete. (BZ#624604) * In certain circumstances, under heavy load, certain network interface cards using the bnx2 driver, and configured to use MSI-X, could stop processing interrupts and then network connectivity would cease. (BZ#622952) * This update upgrades the tg3 driver to version 3.110. (BZ#640334) Users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system. 5. Bugs fixed (http://bugzilla.redhat.com/): 624604 - Backport official CVE-2010-2240 fixes 629441 - CVE-2010-3067 kernel: do_io_submit() infoleak 634457 - CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow 640334 - update MRG 1.2 tg3 driver to latest upstream driver |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2010-0758.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
33 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
33 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:13247 | |||
Oval ID: | oval:org.mitre.oval:def:13247 | ||
Title: | ESX third party update for Service Console kernel | ||
Description: | The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-2240 | Version: | 4 |
Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:19910 | |||
Oval ID: | oval:org.mitre.oval:def:19910 | ||
Title: | Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX | ||
Description: | The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-2240 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20098 | |||
Oval ID: | oval:org.mitre.oval:def:20098 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-3067 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20479 | |||
Oval ID: | oval:org.mitre.oval:def:20479 | ||
Title: | VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console | ||
Description: | The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-2240 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20529 | |||
Oval ID: | oval:org.mitre.oval:def:20529 | ||
Title: | Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX | ||
Description: | The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-3081 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22076 | |||
Oval ID: | oval:org.mitre.oval:def:22076 | ||
Title: | RHSA-2010:0661: kernel security update (Important) | ||
Description: | The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0661-01 CESA-2010:0661 CVE-2010-2240 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22300 | |||
Oval ID: | oval:org.mitre.oval:def:22300 | ||
Title: | RHSA-2010:0704: kernel security update (Important) | ||
Description: | The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0704-01 CESA-2010:0704 CVE-2010-3081 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23170 | |||
Oval ID: | oval:org.mitre.oval:def:23170 | ||
Title: | ELSA-2010:0704: kernel security update (Important) | ||
Description: | The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0704-01 CVE-2010-3081 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27240 | |||
Oval ID: | oval:org.mitre.oval:def:27240 | ||
Title: | ELSA-2010-2009 -- Oracle Linux 5 Unbreakable Enterprise kernel security fix update (important) | ||
Description: | Following security bugs are fixed in this errata CVE-2010-3904 When copying data to userspace, the RDS protocol failed to verify that the user-provided address was a valid userspace address. A local unprivileged user could issue specially crafted socket calls to write arbitrary values into kernel memory and potentially escalate privileges to root. CVE-2010-3067 Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call. CVE-2010-3477 The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942. kernel: [2.6.32-100.21.1.el5] - [rds] fix access issue with rds (Chris Mason) {CVE-2010-3904} - [fuse] linux-2.6.32-fuse-return-EGAIN-if-not-connected-bug-10154489.patch - [net] linux-2.6.32-net-sched-fix-kernel-leak-in-act_police.patch - [aio] linux-2.6.32-aio-check-for-multiplication-overflow-in-do_io_subm.patch ofa: [1.5.1-4.0.23] - Fix rds permissions checks during copies [1.5.1-4.0.21] - Update to BXOFED 1.5.1-1.3.6-5 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-2009 CVE-2010-3477 CVE-2010-3904 CVE-2010-3067 | Version: | 5 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel kernel-debug kernel-debug-devel kernel-devel kernel-doc kernel-firmware kernel-headers ofa |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27891 | |||
Oval ID: | oval:org.mitre.oval:def:27891 | ||
Title: | DEPRECATED: ELSA-2010-0661 -- kernel security update (important) | ||
Description: | [2.6.18-194.11.3.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] [2.6.18-194.11.3.el5] - [mm] accept an abutting stack segment (Jiri Pirko) [607857 607858] {CVE-2010-2240} [2.6.18-194.11.2.el5] - [mm] pass correct mm when growing stack (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] fix up some user-visible effects of stack guard page (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] fix page table unmap for stack guard page properly (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] fix missing unmap for stack guard page failure case (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] keep a guard page below a grow-down stack segment (Jiri Pirko) [607857 607858] {CVE-2010-2240} | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0661 CVE-2010-2240 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28053 | |||
Oval ID: | oval:org.mitre.oval:def:28053 | ||
Title: | DEPRECATED: ELSA-2010-0704 -- kernel security update (important) | ||
Description: | [2.6.18-194.11.4.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] [2.6.18-194.11.4.el5] - [misc] make compat_alloc_user_space() incorporate the access_ok() (Don Howard) [634463 634464] {CVE-2010-3081} | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0704 CVE-2010-3081 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-06-05 | Name : RedHat Update for kernel RHSA-2011:0007-01 File : nvt/gb_RHSA-2011_0007-01_kernel.nasl |
2012-03-16 | Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX... File : nvt/gb_VMSA-2011-0012.nasl |
2012-03-16 | Name : VMSA-2011-0009.3 VMware hosted product updates, ESX patches and VI Client upd... File : nvt/gb_VMSA-2011-0009.nasl |
2012-03-16 | Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe... File : nvt/gb_VMSA-2011-0003.nasl |
2012-03-15 | Name : VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates ... File : nvt/gb_VMSA-2011-0007.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2010:0704 centos5 i386 File : nvt/gb_CESA-2010_0704_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2010:0839 centos5 i386 File : nvt/gb_CESA-2010_0839_kernel_centos5_i386.nasl |
2011-06-24 | Name : Fedora Update for kernel FEDORA-2011-6447 File : nvt/gb_fedora_2011_6447_kernel_fc13.nasl |
2011-05-10 | Name : Ubuntu Update for linux-ti-omap4 USN-1119-1 File : nvt/gb_ubuntu_USN_1119_1.nasl |
2011-03-15 | Name : Fedora Update for kernel FEDORA-2011-2134 File : nvt/gb_fedora_2011_2134_kernel_fc13.nasl |
2011-03-07 | Name : Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1 File : nvt/gb_ubuntu_USN_1083_1.nasl |
2011-02-18 | Name : Mandriva Update for kernel MDVSA-2011:029 (kernel) File : nvt/gb_mandriva_MDVSA_2011_029.nasl |
2011-02-16 | Name : SuSE Update for kernel SUSE-SA:2011:008 File : nvt/gb_suse_2011_008.nasl |
2011-01-24 | Name : Debian Security Advisory DSA 2126-1 (linux-2.6) File : nvt/deb_2126_1.nasl |
2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2011:002 File : nvt/gb_suse_2011_002.nasl |
2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2011:001 File : nvt/gb_suse_2011_001.nasl |
2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2010:047 File : nvt/gb_suse_2010_047.nasl |
2011-01-04 | Name : Mandriva Update for kernel MDVSA-2010:257 (kernel) File : nvt/gb_mandriva_MDVSA_2010_257.nasl |
2010-12-28 | Name : Fedora Update for kernel FEDORA-2010-18983 File : nvt/gb_fedora_2010_18983_kernel_fc13.nasl |
2010-12-23 | Name : Fedora Update for kernel FEDORA-2010-18506 File : nvt/gb_fedora_2010_18506_kernel_fc13.nasl |
2010-12-09 | Name : Mandriva Update for kernel MDVSA-2010:247 (kernel) File : nvt/gb_mandriva_MDVSA_2010_247.nasl |
2010-12-09 | Name : Fedora Update for kernel FEDORA-2010-18432 File : nvt/gb_fedora_2010_18432_kernel_fc12.nasl |
2010-12-02 | Name : Fedora Update for kernel FEDORA-2010-14832 File : nvt/gb_fedora_2010_14832_kernel_fc14.nasl |
2010-11-16 | Name : RedHat Update for kernel RHSA-2010:0839-01 File : nvt/gb_RHSA-2010_0839-01_kernel.nasl |
2010-11-04 | Name : CentOS Update for kernel CESA-2010:0779 centos4 i386 File : nvt/gb_CESA-2010_0779_kernel_centos4_i386.nasl |
2010-10-22 | Name : RedHat Update for kernel RHSA-2010:0779-01 File : nvt/gb_RHSA-2010_0779-01_kernel.nasl |
2010-10-22 | Name : Ubuntu Update for Linux kernel vulnerabilities USN-1000-1 File : nvt/gb_ubuntu_USN_1000_1.nasl |
2010-10-19 | Name : Mandriva Update for kernel MDVSA-2010:198 (kernel) File : nvt/gb_mandriva_MDVSA_2010_198.nasl |
2010-10-10 | Name : Debian Security Advisory DSA 2110-1 (linux-2.6) File : nvt/deb_2110_1.nasl |
2010-10-10 | Name : Debian Security Advisory DSA 2094-1 (linux-2.6) File : nvt/deb_2094_1.nasl |
2010-10-01 | Name : RedHat Update for kernel RHSA-2010:0718-01 File : nvt/gb_RHSA-2010_0718-01_kernel.nasl |
2010-10-01 | Name : CentOS Update for kernel CESA-2010:0718 centos4 i386 File : nvt/gb_CESA-2010_0718_kernel_centos4_i386.nasl |
2010-10-01 | Name : SuSE Update for kernel SUSE-SA:2010:043 File : nvt/gb_suse_2010_043.nasl |
2010-10-01 | Name : SuSE Update for kernel SUSE-SA:2010:046 File : nvt/gb_suse_2010_046.nasl |
2010-09-27 | Name : Mandriva Update for kernel MDVSA-2010:172 (kernel) File : nvt/gb_mandriva_MDVSA_2010_172.nasl |
2010-09-27 | Name : Mandriva Update for kernel MDVSA-2010:188 (kernel) File : nvt/gb_mandriva_MDVSA_2010_188.nasl |
2010-09-27 | Name : RedHat Update for kernel RHSA-2010:0704-01 File : nvt/gb_RHSA-2010_0704-01_kernel.nasl |
2010-09-22 | Name : Ubuntu Update for Linux kernel vulnerabilities USN-988-1 File : nvt/gb_ubuntu_USN_988_1.nasl |
2010-09-22 | Name : Fedora Update for kernel FEDORA-2010-14890 File : nvt/gb_fedora_2010_14890_kernel_fc13.nasl |
2010-09-22 | Name : Fedora Update for kernel FEDORA-2010-14878 File : nvt/gb_fedora_2010_14878_kernel_fc12.nasl |
2010-09-10 | Name : RedHat Update for kernel RHSA-2010:0676-01 File : nvt/gb_RHSA-2010_0676-01_kernel.nasl |
2010-09-10 | Name : CentOS Update for kernel CESA-2010:0676 centos4 i386 File : nvt/gb_CESA-2010_0676_kernel_centos4_i386.nasl |
2010-09-07 | Name : RedHat Update for kernel RHSA-2010:0661-01 File : nvt/gb_RHSA-2010_0661-01_kernel.nasl |
2010-08-30 | Name : Fedora Update for kernel FEDORA-2010-13110 File : nvt/gb_fedora_2010_13110_kernel_fc12.nasl |
2010-08-30 | Name : Fedora Update for kernel FEDORA-2010-13058 File : nvt/gb_fedora_2010_13058_kernel_fc13.nasl |
2010-08-30 | Name : Ubuntu Update for linux regression USN-974-2 File : nvt/gb_ubuntu_USN_974_2.nasl |
2010-08-20 | Name : Ubuntu Update for Linux kernel vulnerabilities USN-974-1 File : nvt/gb_ubuntu_USN_974_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2010-240-06 xorg-server File : nvt/esoft_slk_ssa_2010_240_06.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
68213 | Linux Kernel on 64-bit include/asm/compat.h compat_alloc_user_space Function ... |
68174 | Linux Kernel fs/aio.c do_io_submit Function Crafted io_submit System Call Loc... |
67237 | Linux Kernel mm/memory.c do_anonymous_page Function Shared Memory Segment Bot... |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2011-10-27 | IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi Severity : Category I - VMSKEY : V0030545 |
2011-06-09 | IAVM : 2011-A-0075 - Multiple Vulnerabilities in VMware Products Severity : Category I - VMSKEY : V0028311 |
2011-05-12 | IAVM : 2011-A-0066 - Multiple Vulnerabilities in VMware Products Severity : Category I - VMSKEY : V0027158 |
2010-09-23 | IAVM : 2010-B-0085 - Linux Kernel Privilege Escalation Vulnerability Severity : Category I - VMSKEY : V0025410 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0017_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0009_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0007_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0003_remote.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_xorg-x11-Xvnc-100819.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-100921.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-101215.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0779.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0718.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0704.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0676.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0661.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0839.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-2009.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0007.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0661.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1083-1.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1093-1.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_xorg-x11-server-dmx-120410.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_xorg-x11-server-rdp-120410.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0660.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0705.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0670.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0677.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0711.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0719.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100907_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100921_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101109_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101110_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101019_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7137.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7164.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7261.nasl - Type : ACT_GATHER_INFO |
2012-04-23 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12677.nasl - Type : ACT_GATHER_INFO |
2011-10-14 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1119-1.nasl - Type : ACT_GATHER_INFO |
2011-06-06 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0009.nasl - Type : ACT_GATHER_INFO |
2011-05-28 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-265-01.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kernel-101202.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-debug-101215.nasl - Type : ACT_GATHER_INFO |
2011-04-29 | Name : The remote VMware ESXi / ESX host is missing a security-related patch. File : vmware_VMSA-2011-0007.nasl - Type : ACT_GATHER_INFO |
2011-02-14 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0003.nasl - Type : ACT_GATHER_INFO |
2011-02-11 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12672.nasl - Type : ACT_GATHER_INFO |
2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xorg-x11-Xvnc-100819.nasl - Type : ACT_GATHER_INFO |
2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-101007.nasl - Type : ACT_GATHER_INFO |
2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-100921.nasl - Type : ACT_GATHER_INFO |
2011-01-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0007.nasl - Type : ACT_GATHER_INFO |
2010-12-17 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-257.nasl - Type : ACT_GATHER_INFO |
2010-12-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7257.nasl - Type : ACT_GATHER_INFO |
2010-12-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-247.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-100920.nasl - Type : ACT_GATHER_INFO |
2010-12-01 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0017.nasl - Type : ACT_GATHER_INFO |
2010-11-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2126.nasl - Type : ACT_GATHER_INFO |
2010-11-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0839.nasl - Type : ACT_GATHER_INFO |
2010-11-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0779.nasl - Type : ACT_GATHER_INFO |
2010-11-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0842.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0839.nasl - Type : ACT_GATHER_INFO |
2010-10-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0779.nasl - Type : ACT_GATHER_INFO |
2010-10-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1000-1.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7133.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7160.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_xorg-x11-Xvnc-7126.nasl - Type : ACT_GATHER_INFO |
2010-10-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-198.nasl - Type : ACT_GATHER_INFO |
2010-10-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0718.nasl - Type : ACT_GATHER_INFO |
2010-10-06 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12638.nasl - Type : ACT_GATHER_INFO |
2010-10-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0718.nasl - Type : ACT_GATHER_INFO |
2010-09-24 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kernel-100921.nasl - Type : ACT_GATHER_INFO |
2010-09-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-188.nasl - Type : ACT_GATHER_INFO |
2010-09-24 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-100921.nasl - Type : ACT_GATHER_INFO |
2010-09-23 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12646.nasl - Type : ACT_GATHER_INFO |
2010-09-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0704.nasl - Type : ACT_GATHER_INFO |
2010-09-22 | Name : The remote Fedora host is missing a security update. File : fedora_2010-14832.nasl - Type : ACT_GATHER_INFO |
2010-09-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0704.nasl - Type : ACT_GATHER_INFO |
2010-09-21 | Name : The remote Fedora host is missing a security update. File : fedora_2010-14878.nasl - Type : ACT_GATHER_INFO |
2010-09-21 | Name : The remote Fedora host is missing a security update. File : fedora_2010-14890.nasl - Type : ACT_GATHER_INFO |
2010-09-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-988-1.nasl - Type : ACT_GATHER_INFO |
2010-09-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2110.nasl - Type : ACT_GATHER_INFO |
2010-09-12 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-172.nasl - Type : ACT_GATHER_INFO |
2010-09-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0676.nasl - Type : ACT_GATHER_INFO |
2010-09-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0676.nasl - Type : ACT_GATHER_INFO |
2010-08-31 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0661.nasl - Type : ACT_GATHER_INFO |
2010-08-29 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-240-06.nasl - Type : ACT_GATHER_INFO |
2010-08-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-974-2.nasl - Type : ACT_GATHER_INFO |
2010-08-24 | Name : The remote Fedora host is missing a security update. File : fedora_2010-13058.nasl - Type : ACT_GATHER_INFO |
2010-08-24 | Name : The remote Fedora host is missing a security update. File : fedora_2010-13110.nasl - Type : ACT_GATHER_INFO |
2010-08-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2094.nasl - Type : ACT_GATHER_INFO |
2010-08-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-974-1.nasl - Type : ACT_GATHER_INFO |