Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title kernel security and bug fix update
Informations
Name RHSA-2011:1465 First vendor Publication 2011-11-22
Vendor RedHat Last vendor Modification 2011-11-22
Severity (Vendor) Important Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated kernel packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

This update fixes the following security issues:

* IPv6 fragment identification value generation could allow a remote attacker to disrupt a target system's networking, preventing legitimate users from accessing its services. (CVE-2011-2699, Important)

* A signedness issue was found in the Linux kernel's CIFS (Common Internet File System) implementation. A malicious CIFS server could send a specially-crafted response to a directory read request that would result in a denial of service or privilege escalation on a system that has a CIFS share mounted. (CVE-2011-3191, Important)

* A flaw was found in the way the Linux kernel handled fragmented IPv6 UDP datagrams over the bridge with UDP Fragmentation Offload (UFO) functionality on. A remote attacker could use this flaw to cause a denial of service. (CVE-2011-4326, Important)

* The way IPv4 and IPv6 protocol sequence numbers and fragment IDs were generated could allow a man-in-the-middle attacker to inject packets and possibly hijack connections. Protocol sequence numbers and fragment IDs are now more random. (CVE-2011-3188, Moderate)

* A buffer overflow flaw was found in the Linux kernel's FUSE (Filesystem in Userspace) implementation. A local user in the fuse group who has access to mount a FUSE file system could use this flaw to cause a denial of service. (CVE-2011-3353, Moderate)

* A flaw was found in the b43 driver in the Linux kernel. If a system had an active wireless interface that uses the b43 driver, an attacker able to send a specially-crafted frame to that interface could cause a denial of service. (CVE-2011-3359, Moderate)

* A flaw was found in the way CIFS shares with DFS referrals at their root were handled. An attacker on the local network who is able to deploy a malicious CIFS server could create a CIFS network share that, when mounted, would cause the client system to crash. (CVE-2011-3363, Moderate)

* A flaw was found in the way the Linux kernel handled VLAN 0 frames with the priority tag set. When using certain network drivers, an attacker on the local network could use this flaw to cause a denial of service. (CVE-2011-3593, Moderate)

* A flaw in the way memory containing security-related data was handled in tpm_read() could allow a local, unprivileged user to read the results of a previously run TPM command. (CVE-2011-1162, Low)

* A heap overflow flaw was found in the Linux kernel's EFI GUID Partition Table (GPT) implementation. A local attacker could use this flaw to cause a denial of service by mounting a disk that contains specially-crafted partition tables. (CVE-2011-1577, Low)

* The I/O statistics from the taskstats subsystem could be read without any restrictions. A local, unprivileged user could use this flaw to gather confidential information, such as the length of a password used in a process. (CVE-2011-2494, Low)

* It was found that the perf tool, a part of the Linux kernel's Performance Events implementation, could load its configuration file from the current working directory. If a local user with access to the perf tool were tricked into running perf in a directory that contains a specially-crafted configuration file, it could cause perf to overwrite arbitrary files and directories accessible to that user. (CVE-2011-2905, Low)

Red Hat would like to thank Fernando Gont for reporting CVE-2011-2699; Darren Lavender for reporting CVE-2011-3191; Dan Kaminsky for reporting CVE-2011-3188; Yogesh Sharma for reporting CVE-2011-3363; Gideon Naim for reporting CVE-2011-3593; Peter Huewe for reporting CVE-2011-1162; Timo Warns for reporting CVE-2011-1577; and Vasiliy Kulikov of Openwall for reporting CVE-2011-2494.

This update also fixes various bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.

4. Solution:

Users should upgrade to these updated packages, which contain backported patches to correct these issues, and fix the bugs noted in the Technical Notes. The system must be rebooted for this update to take effect.

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

695976 - CVE-2011-1577 kernel: corrupted GUID partition tables can cause kernel oops 716842 - CVE-2011-2494 kernel: taskstats io infoleak 723429 - CVE-2011-2699 kernel: ipv6: make fragment identifications less predictable 729808 - CVE-2011-2905 kernel: perf tools: may parse user-controlled configuration file 732629 - CVE-2011-1162 kernel: tpm: infoleak 732658 - CVE-2011-3188 kernel: net: improve sequence number generation 732869 - CVE-2011-3191 kernel: cifs: signedness issue in CIFSFindNext() 736761 - CVE-2011-3353 kernel: fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message 738202 - CVE-2011-3359 kernel: b43: allocate receive buffers big enough for max frame len + offset 738291 - CVE-2011-3363 kernel: cifs: always do is_path_accessible check in cifs_mount 740352 - make guest mode entry to be rcu quiescent state [rhel-6.1.z] 741166 - enclosure fix [rhel-6.1.z] 742846 - CVE-2011-3593 kernel: vlan: fix panic when handling priority tagged frames 743807 - igb: failed to activate WOL on 2nd LAN port on i350 [rhel-6.1.z] 744811 - Non-responsive scsi target leads to excessive scsi recovery and dm-mp failover time [rhel-6.1.z] 748808 - Host got crash when guest running netperf client with UDP_STREAM protocol with IPV6 [rhel-6.1.z] 755584 - CVE-2011-4326 kernel: wrong headroom check in udp6_ufo_fragment()

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2011-1465.html

CWE : Common Weakness Enumeration

% Id Name
33 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
22 % CWE-399 Resource Management Errors
22 % CWE-200 Information Exposure
11 % CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25)
11 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:13860
 
Oval ID: oval:org.mitre.oval:def:13860
Title: USN-1168-1 -- linux vulnerabilities
Description: linux: Linux kernel Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1168-1
CVE-2011-1017
CVE-2011-1090
CVE-2011-1163
CVE-2011-1494
CVE-2011-1495
CVE-2011-1593
CVE-2011-1598
CVE-2011-1748
CVE-2011-1745
CVE-2011-2022
CVE-2011-1746
CVE-2011-1759
CVE-2011-1770
CVE-2011-1776
CVE-2011-3363
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14087
 
Oval ID: oval:org.mitre.oval:def:14087
Title: USN-1161-1 -- linux-ec2 vulnerabilities
Description: linux-ec2: Linux kernel for EC2 Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1161-1
CVE-2010-3881
CVE-2011-1017
CVE-2011-1090
CVE-2011-1163
CVE-2011-1494
CVE-2011-1495
CVE-2011-1593
CVE-2011-1598
CVE-2011-1748
CVE-2011-1745
CVE-2011-2022
CVE-2011-1746
CVE-2011-1759
CVE-2011-1770
CVE-2011-1776
CVE-2011-3363
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14722
 
Oval ID: oval:org.mitre.oval:def:14722
Title: USN-1253-1 -- Linux kernel vulnerabilities
Description: linux: Linux kernel Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1253-1
CVE-2011-1576
CVE-2011-1833
CVE-2011-2494
CVE-2011-2495
CVE-2011-2497
CVE-2011-2695
CVE-2011-2699
CVE-2011-2905
CVE-2011-2928
CVE-2011-3188
CVE-2011-3191
CVE-2011-3353
CVE-2011-3593
Version: 5
Platform(s): Ubuntu 10.04
Product(s): Linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14880
 
Oval ID: oval:org.mitre.oval:def:14880
Title: USN-1193-1 -- Linux kernel vulnerabilities
Description: linux: Linux kernel Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1193-1
CVE-2011-1577
CVE-2011-1581
CVE-2011-2182
CVE-2011-2484
CVE-2011-2493
CVE-2011-3619
CVE-2011-4087
CVE-2011-4326
Version: 5
Platform(s): Ubuntu 11.04
Product(s): Linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15037
 
Oval ID: oval:org.mitre.oval:def:15037
Title: USN-1281-1 -- Linux (OMAP4) vulnerabilities
Description: linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1281-1
CVE-2011-2183
CVE-2011-2479
CVE-2011-2491
CVE-2011-2494
CVE-2011-2495
CVE-2011-2496
CVE-2011-2517
CVE-2011-2905
CVE-2011-2909
CVE-2011-3363
Version: 5
Platform(s): Ubuntu 11.04
Product(s): Linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15273
 
Oval ID: oval:org.mitre.oval:def:15273
Title: USN-1294-1 -- Linux kernel (Oneiric backport) vulnerabilities
Description: linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1294-1
CVE-2011-1162
CVE-2011-2494
CVE-2011-2942
CVE-2011-3209
CVE-2011-3638
CVE-2011-4087
CVE-2011-4326
Version: 5
Platform(s): Ubuntu 10.04
Product(s): Linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15280
 
Oval ID: oval:org.mitre.oval:def:15280
Title: USN-1329-1 -- Linux kernel (OMAP4) vulnerability
Description: linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash under certain conditions.
Family: unix Class: patch
Reference(s): USN-1329-1
CVE-2011-3353
Version: 5
Platform(s): Ubuntu 11.04
Product(s): Linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17659
 
Oval ID: oval:org.mitre.oval:def:17659
Title: USN-1245-1 -- linux-mvl-dove vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1245-1
CVE-2011-1576
CVE-2011-1833
CVE-2011-2494
CVE-2011-2495
CVE-2011-2497
CVE-2011-2695
CVE-2011-2699
CVE-2011-2905
CVE-2011-2928
CVE-2011-3188
CVE-2011-3191
CVE-2011-3353
CVE-2011-3593
Version: 7
Platform(s): Ubuntu 10.10
Product(s): linux-mvl-dove
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17757
 
Oval ID: oval:org.mitre.oval:def:17757
Title: USN-1241-1 -- linux-fsl-imx51 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1241-1
CVE-2011-1573
CVE-2011-1576
CVE-2011-1776
CVE-2011-2213
CVE-2011-2494
CVE-2011-2495
CVE-2011-2496
CVE-2011-2497
CVE-2011-2517
CVE-2011-2525
CVE-2011-2695
CVE-2011-2723
CVE-2011-2905
CVE-2011-2909
CVE-2011-2928
CVE-2011-3188
CVE-2011-3191
CVE-2011-3363
CVE-2011-3593
Version: 7
Platform(s): Ubuntu 10.04
Product(s): linux-fsl-imx51
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17903
 
Oval ID: oval:org.mitre.oval:def:17903
Title: USN-1239-1 -- linux-ec2 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1239-1
CVE-2011-1576
CVE-2011-1833
CVE-2011-2494
CVE-2011-2495
CVE-2011-2497
CVE-2011-2695
CVE-2011-2699
CVE-2011-2905
CVE-2011-2928
CVE-2011-3188
CVE-2011-3191
CVE-2011-3353
CVE-2011-3593
Version: 7
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17911
 
Oval ID: oval:org.mitre.oval:def:17911
Title: USN-1243-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1243-1
CVE-2010-4250
CVE-2011-1479
CVE-2011-2494
CVE-2011-2495
CVE-2011-2695
CVE-2011-2905
CVE-2011-2909
CVE-2011-3188
CVE-2011-3363
Version: 7
Platform(s): Ubuntu 10.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17913
 
Oval ID: oval:org.mitre.oval:def:17913
Title: USN-1246-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1246-1
CVE-2011-2213
CVE-2011-2497
CVE-2011-2695
CVE-2011-2700
CVE-2011-2723
CVE-2011-2928
CVE-2011-3188
CVE-2011-3191
Version: 7
Platform(s): Ubuntu 11.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19309
 
Oval ID: oval:org.mitre.oval:def:19309
Title: CRITICAL PATCH UPDATE JULY 2012
Description: The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.
Family: unix Class: vulnerability
Reference(s): CVE-2011-2699
Version: 3
Platform(s): Sun Solaris 10
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20253
 
Oval ID: oval:org.mitre.oval:def:20253
Title: VMware vSphere and vCOps updates to third party libraries
Description: The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.
Family: unix Class: vulnerability
Reference(s): CVE-2011-3188
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20573
 
Oval ID: oval:org.mitre.oval:def:20573
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1577
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20613
 
Oval ID: oval:org.mitre.oval:def:20613
Title: VMware ESXi and ESX address several security issues
Description: Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory.
Family: unix Class: vulnerability
Reference(s): CVE-2011-3191
Version: 4
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20617
 
Oval ID: oval:org.mitre.oval:def:20617
Title: VMware vSphere and vCOps updates to third party libraries
Description: The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referrals, which allows remote CIFS servers to cause a denial of service (system crash) by placing a referral at the root of a share.
Family: unix Class: vulnerability
Reference(s): CVE-2011-3363
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20720
 
Oval ID: oval:org.mitre.oval:def:20720
Title: VMware vSphere and vCOps updates to third party libraries
Description: The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.
Family: unix Class: vulnerability
Reference(s): CVE-2011-2699
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20777
 
Oval ID: oval:org.mitre.oval:def:20777
Title: USN-1242-1 -- linux-lts-backport-maverick vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1242-1
CVE-2010-4250
CVE-2011-1479
CVE-2011-2494
CVE-2011-2495
CVE-2011-2695
CVE-2011-2905
CVE-2011-2909
CVE-2011-3188
CVE-2011-3363
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux-lts-backport-maverick
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20810
 
Oval ID: oval:org.mitre.oval:def:20810
Title: USN-1220-1 -- linux-ti-omap4 vulnerabilities
Description: Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1220-1
CVE-2011-1576
CVE-2011-1776
CVE-2011-2213
CVE-2011-2497
CVE-2011-2700
CVE-2011-2723
CVE-2011-2928
CVE-2011-3188
CVE-2011-3191
CVE-2011-3593
Version: 5
Platform(s): Ubuntu 10.10
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20812
 
Oval ID: oval:org.mitre.oval:def:20812
Title: USN-1228-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1228-1
CVE-2011-1776
CVE-2011-2213
CVE-2011-2497
CVE-2011-2695
CVE-2011-2700
CVE-2011-2723
CVE-2011-2928
CVE-2011-3188
CVE-2011-3191
Version: 5
Platform(s): Ubuntu 11.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20867
 
Oval ID: oval:org.mitre.oval:def:20867
Title: USN-1244-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1244-1
CVE-2010-3873
CVE-2011-2183
CVE-2011-2491
CVE-2011-2494
CVE-2011-2495
CVE-2011-2517
CVE-2011-2695
CVE-2011-2905
CVE-2011-2909
CVE-2011-3363
Version: 5
Platform(s): Ubuntu 10.10
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20944
 
Oval ID: oval:org.mitre.oval:def:20944
Title: USN-1240-1 -- linux-mvl-dove vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1240-1
CVE-2011-1576
CVE-2011-1833
CVE-2011-2494
CVE-2011-2495
CVE-2011-2497
CVE-2011-2695
CVE-2011-2699
CVE-2011-2905
CVE-2011-2928
CVE-2011-3188
CVE-2011-3191
CVE-2011-3353
CVE-2011-3593
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux-mvl-dove
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21080
 
Oval ID: oval:org.mitre.oval:def:21080
Title: USN-1219-1 -- linux-lts-backport-maverick vulnerabilities
Description: Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1219-1
CVE-2011-1576
CVE-2011-1776
CVE-2011-1833
CVE-2011-2213
CVE-2011-2497
CVE-2011-2699
CVE-2011-2700
CVE-2011-2723
CVE-2011-2918
CVE-2011-2928
CVE-2011-3191
CVE-2011-3593
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux-lts-backport-maverick
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21093
 
Oval ID: oval:org.mitre.oval:def:21093
Title: USN-1236-1 -- linux vulnerabilities
Description: Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1236-1
CVE-2009-4067
CVE-2011-1573
CVE-2011-2494
CVE-2011-2495
CVE-2011-3188
Version: 5
Platform(s): Ubuntu 8.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21107
 
Oval ID: oval:org.mitre.oval:def:21107
Title: USN-1225-1 -- linux vulnerabilities
Description: Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1225-1
CVE-2011-1776
CVE-2011-2213
CVE-2011-2497
CVE-2011-2699
CVE-2011-2928
CVE-2011-3191
Version: 5
Platform(s): Ubuntu 8.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21112
 
Oval ID: oval:org.mitre.oval:def:21112
Title: USN-1227-1 -- linux vulnerabilities
Description: Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1227-1
CVE-2011-1576
CVE-2011-1776
CVE-2011-1833
CVE-2011-2213
CVE-2011-2497
CVE-2011-2699
CVE-2011-2700
CVE-2011-2723
CVE-2011-2918
CVE-2011-2928
CVE-2011-3191
CVE-2011-3593
Version: 5
Platform(s): Ubuntu 10.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21641
 
Oval ID: oval:org.mitre.oval:def:21641
Title: RHSA-2011:1465: kernel security and bug fix update (Important)
Description: The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload (UFO) configuration is enabled, allows remote attackers to cause a denial of service (system crash) by sending fragmented IPv6 UDP packets to a bridge device.
Family: unix Class: patch
Reference(s): RHSA-2011:1465-01
CVE-2011-1162
CVE-2011-1577
CVE-2011-2494
CVE-2011-2699
CVE-2011-2905
CVE-2011-3188
CVE-2011-3191
CVE-2011-3353
CVE-2011-3359
CVE-2011-3363
CVE-2011-3593
CVE-2011-4326
Version: 159
Platform(s): Red Hat Enterprise Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23677
 
Oval ID: oval:org.mitre.oval:def:23677
Title: ELSA-2011:1465: kernel security and bug fix update (Important)
Description: The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload (UFO) configuration is enabled, allows remote attackers to cause a denial of service (system crash) by sending fragmented IPv6 UDP packets to a bridge device.
Family: unix Class: patch
Reference(s): ELSA-2011:1465-01
CVE-2011-1162
CVE-2011-1577
CVE-2011-2494
CVE-2011-2699
CVE-2011-2905
CVE-2011-3188
CVE-2011-3191
CVE-2011-3353
CVE-2011-3359
CVE-2011-3363
CVE-2011-3593
CVE-2011-4326
Version: 53
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28092
 
Oval ID: oval:org.mitre.oval:def:28092
Title: ELSA-2011-2033 -- Unbreakable Enterprise kernel security update (important)
Description: [2.6.32-200.23.1.el6uek] - net: Remove atmclip.h to prevent break kabi check. - KConfig: add CONFIG_UEK5=n to ol6/config-generic [2.6.32-200.22.1.el6uek] - ipv6: make fragment identifications less predictable (Joe Jin) {CVE-2011-2699} - vlan: fix panic when handling priority tagged frames (Joe Jin) {CVE-2011-3593} - ipv6: udp: fix the wrong headroom check (Maxim Uvarov) {CVE-2011-4326} - b43: allocate receive buffers big enough for max frame len + offset (Maxim Uvarov) {CVE-2011-3359} - fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message (Maxim Uvarov) {CVE-2011-3353} - cifs: fix possible memory corruption in CIFSFindNext (Maxim Uvarov) {CVE-2011-3191} - crypto: md5 - Add export support (Maxim Uvarov) {CVE-2011-2699} - fs/partitions/efi.c: corrupted GUID partition tables can cause kernel oops (Maxim Uvarov) {CVE-2011-1577} - block: use struct parsed_partitions *state universally in partition check code (Maxim Uvarov) - net: Compute protocol sequence numbers and fragment IDs using MD5. (Maxim Uvarov) {CVE-2011-3188} - crypto: Move md5_transform to lib/md5.c (Maxim Uvarov) {CVE-2011-3188} - perf tools: do not look at ./config for configuration (Maxim Uvarov) {CVE-2011-2905} - Make TASKSTATS require root access (Maxim Uvarov) {CVE-2011-2494} - TPM: Zero buffer after copying to userspace (Maxim Uvarov) {CVE-2011-1162} - TPM: Call tpm_transmit with correct size (Maxim Uvarov){CVE-2011-1161} - fnic: fix panic while booting in fnic(Xiaowei Hu) - Revert 'PCI hotplug: acpiphp: set current_state to D0 in register_slot' (Guru Anbalagane) - xen: drop xen_sched_clock in favour of using plain wallclock time (Jeremy Fitzhardinge) [2.6.32-200.21.1.el6uek] - PCI: Set device power state to PCI_D0 for device without native PM support (Ajaykumar Hotchandani) [orabug 13033435]
Family: unix Class: patch
Reference(s): ELSA-2011-2033
CVE-2011-1162
CVE-2011-1577
CVE-2011-2494
CVE-2011-2699
CVE-2011-3188
CVE-2011-3191
CVE-2011-3353
CVE-2011-3593
CVE-2011-4326
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28166
 
Oval ID: oval:org.mitre.oval:def:28166
Title: DEPRECATED: ELSA-2011-1465 -- kernel security and bug fix update (important)
Description: [2.6.32-131.21.1.el6] - [net] ipv6/udp: fix the wrong headroom check (Thomas Graf) [753167 698170] [2.6.32-131.20.1.el6] - [net] vlan: fix panic when handling priority tagged frames (Andy Gospodarek) [742849 714936] {CVE-2011-3593} - [netdrv] igb: fix WOL on second port of i350 device (Frantisek Hrbata) [743807 718293] - [kernel] fix taskstats io infoleak (Jerome Marchand) [716847 716848] {CVE-2011-2494} - [tpm] Zero buffer after copying to userspace (Jiri Benc) [732632 732633] {CVE-2011-1162} - [scsi] Revert megaraid_sas: Driver only report tape drive, JBOD and logic drives (Tomas Henzl) [741167 736667] - [x86] acpi: Prevent acpiphp from deadlocking on PCI-to-PCI bridge remove (Prarit Bhargava) [745557 732706] - [net] sctp: deal with multiple COOKIE_ECHO chunks (Frantisek Hrbata) [743510 729220] - [scsi] iscsi_tcp: fix locking around iscsi sk user data (Mike Christie) [741704 647268] - [kernel] first time swap use results in heavy swapping (Hendrik Brueckner) [747868 722461] - [scsi] Reduce error recovery time by reducing use of TURs (Mike Christie) [744811 691945] - [fs] cifs: add fallback in is_path_accessible for old servers (Jeff Layton) [738301 692709] {CVE-2011-3363} - [fs] cifs: always do is_path_accessible check in cifs_mount (Jeff Layton) [738301 692709] {CVE-2011-3363} - [net] ipv6: fix NULL dereference in udp6_ufo_fragment() (Jason Wang) [748808 740465] - [net] ipv6: make fragment identifications less predictable (Jiri Pirko) [723432 723433] {CVE-2011-2699} [2.6.32-131.19.1.el6] - [scsi] scan: don't fail scans when host is in recovery (Mike Christie) [734774 713682] - [netdrv] b43: allocate receive buffers big enough for max frame len + offset (RuiRui Yang) [738204 738205] {CVE-2011-3359} - [fs] fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message (RuiRui Yang) [736764 736765] {CVE-2011-3353} - [fs] cifs: fix possible memory corruption in CIFSFindNext (Jeff Layton) [737482 730354] {CVE-2011-3191} - [kernel] perf tools: do not look at ./config for configuration (Jiri Benc) [730203 730204] {CVE-2011-2905} - [x86] mm: Fix pgd_lock deadlock (Andrew Jones) [737570 691310] - [mm] pdpte registers are not flushed when PGD entry is changed in x86 PAE mode (Andrew Jones) [737570 691310] - [mm] Revert 'fix pgd_lock deadlock' (Andrew Jones) [737570 691310] - [fs] corrupted GUID partition tables can cause kernel oops (Jerome Marchand) [695981 695982] {CVE-2011-1577} - [net] Compute protocol sequence numbers and fragment IDs using MD5. (Jiri Pirko) [732664 732665] {CVE-2011-3188} - [crypto] Move md5_transform to lib/md5.c (Jiri Pirko) [732664 732665] {CVE-2011-3188} - [fs] SUNRPC: Fix use of static variable in rpcb_getport_async (Steve Dickson) [740230 723650] - [fs] NFSv4.1: update nfs4_fattr_bitmap_maxsz (Steve Dickson) [740230 723650] - [fs] SUNRPC: Fix a race between work-queue and rpc_killall_tasks (Steve Dickson) [740230 723650] - [fs] SUNRPC: Ensure we always run the tk_callback before tk_action (Steve Dickson) [740230 723650] - [misc] enclosure: fix error path to actually return ERR_PTR() on error (Tomas Henzl) [741166 713730] - [virt] KVM: make guest mode entry to be rcu quiescent state (Gleb Natapov) [740352 712653] - [virt] rcu: provide rcu_virt_note_context_switch() function (Gleb Natapov) [740352 712653] [2.6.32-131.18.1.el6] - [sched] wait_for_completion_interruptible_timeout() should return signed long (J. Bruce Fields) [745413 738379]
Family: unix Class: patch
Reference(s): ELSA-2011-1465
CVE-2011-1162
CVE-2011-1577
CVE-2011-2494
CVE-2011-2699
CVE-2011-2905
CVE-2011-3188
CVE-2011-3191
CVE-2011-3353
CVE-2011-3359
CVE-2011-3363
CVE-2011-3593
CVE-2011-4326
Version: 4
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 6
Application 10
Application 3
Application 22
Application 9
Application 16
Application 12
Application 16
Application 14
Application 10
Application 21
Application 4
Application 6
Application 1
Hardware 4
Hardware 6
Hardware 3
Hardware 15
Os 1505
Os 2
Os 1

OpenVAS Exploits

Date Description
2013-09-18 Name : Debian Security Advisory DSA 2389-1 (linux-2.6 - privilege escalation/denial ...
File : nvt/deb_2389_1.nasl
2012-08-31 Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries.
File : nvt/gb_VMSA-2012-0013.nasl
2012-08-02 Name : SuSE Update for kernel openSUSE-SU-2012:0206-1 (kernel)
File : nvt/gb_suse_2012_0206_1.nasl
2012-08-02 Name : SuSE Update for kernel openSUSE-SU-2012:0236-1 (kernel)
File : nvt/gb_suse_2012_0236_1.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:1386 centos5 x86_64
File : nvt/gb_CESA-2011_1386_kernel_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:1479 centos5 x86_64
File : nvt/gb_CESA-2011_1479_kernel_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:0833 centos5 x86_64
File : nvt/gb_CESA-2011_0833_kernel_centos5_x86_64.nasl
2012-07-09 Name : RedHat Update for kernel RHSA-2011:1465-01
File : nvt/gb_RHSA-2011_1465-01_kernel.nasl
2012-06-25 Name : Fedora Update for kernel FEDORA-2012-8931
File : nvt/gb_fedora_2012_8931_kernel_fc15.nasl
2012-05-17 Name : Fedora Update for kernel FEDORA-2012-7594
File : nvt/gb_fedora_2012_7594_kernel_fc15.nasl
2012-04-26 Name : Fedora Update for kernel FEDORA-2012-6406
File : nvt/gb_fedora_2012_6406_kernel_fc15.nasl
2012-04-02 Name : Fedora Update for kernel FEDORA-2011-12823
File : nvt/gb_fedora_2011_12823_kernel_fc16.nasl
2012-04-02 Name : VMSA-2012-0006 VMware ESXi and ESX address several security issues
File : nvt/gb_VMSA-2012-0006.nasl
2012-03-29 Name : Fedora Update for kernel FEDORA-2012-3715
File : nvt/gb_fedora_2012_3715_kernel_fc15.nasl
2012-03-16 Name : Ubuntu Update for linux USN-1275-1
File : nvt/gb_ubuntu_USN_1275_1.nasl
2012-03-16 Name : Fedora Update for kernel FEDORA-2012-3356
File : nvt/gb_fedora_2012_3356_kernel_fc15.nasl
2012-03-16 Name : Ubuntu Update for linux-ti-omap4 USN-1260-1
File : nvt/gb_ubuntu_USN_1260_1.nasl
2012-03-15 Name : VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Ser...
File : nvt/gb_VMSA-2012-0001.nasl
2012-03-07 Name : Fedora Update for kernel FEDORA-2012-2753
File : nvt/gb_fedora_2012_2753_kernel_fc15.nasl
2012-03-07 Name : Ubuntu Update for linux-lts-backport-natty USN-1386-1
File : nvt/gb_ubuntu_USN_1386_1.nasl
2012-03-07 Name : Ubuntu Update for linux-lts-backport-maverick USN-1387-1
File : nvt/gb_ubuntu_USN_1387_1.nasl
2012-02-21 Name : Ubuntu Update for linux USN-1362-1
File : nvt/gb_ubuntu_USN_1362_1.nasl
2012-02-21 Name : Ubuntu Update for linux USN-1361-1
File : nvt/gb_ubuntu_USN_1361_1.nasl
2012-02-13 Name : Fedora Update for kernel FEDORA-2012-1503
File : nvt/gb_fedora_2012_1503_kernel_fc15.nasl
2012-01-25 Name : Ubuntu Update for linux USN-1345-1
File : nvt/gb_ubuntu_USN_1345_1.nasl
2012-01-25 Name : Ubuntu Update for linux USN-1341-1
File : nvt/gb_ubuntu_USN_1341_1.nasl
2012-01-25 Name : Ubuntu Update for linux-lts-backport-natty USN-1337-1
File : nvt/gb_ubuntu_USN_1337_1.nasl
2012-01-25 Name : Fedora Update for kernel FEDORA-2012-0861
File : nvt/gb_fedora_2012_0861_kernel_fc15.nasl
2012-01-16 Name : Fedora Update for kernel FEDORA-2012-0492
File : nvt/gb_fedora_2012_0492_kernel_fc15.nasl
2012-01-16 Name : Ubuntu Update for linux-ti-omap4 USN-1329-1
File : nvt/gb_ubuntu_USN_1329_1.nasl
2012-01-16 Name : Ubuntu Update for linux-lts-backport-maverick USN-1332-1
File : nvt/gb_ubuntu_USN_1332_1.nasl
2012-01-13 Name : Ubuntu Update for linux USN-1323-1
File : nvt/gb_ubuntu_USN_1323_1.nasl
2012-01-13 Name : Ubuntu Update for linux-ti-omap4 USN-1325-1
File : nvt/gb_ubuntu_USN_1325_1.nasl
2012-01-09 Name : Ubuntu Update for linux-ti-omap4 USN-1319-1
File : nvt/gb_ubuntu_USN_1319_1.nasl
2012-01-09 Name : Ubuntu Update for linux-fsl-imx51 USN-1318-1
File : nvt/gb_ubuntu_USN_1318_1.nasl
2011-12-23 Name : Ubuntu Update for linux USN-1311-1
File : nvt/gb_ubuntu_USN_1311_1.nasl
2011-12-16 Name : Ubuntu Update for linux-mvl-dove USN-1303-1
File : nvt/gb_ubuntu_USN_1303_1.nasl
2011-12-16 Name : Ubuntu Update for linux-ti-omap4 USN-1304-1
File : nvt/gb_ubuntu_USN_1304_1.nasl
2011-12-16 Name : Ubuntu Update for linux-ti-omap4 USN-1302-1
File : nvt/gb_ubuntu_USN_1302_1.nasl
2011-12-16 Name : Ubuntu Update for linux-ec2 USN-1299-1
File : nvt/gb_ubuntu_USN_1299_1.nasl
2011-12-12 Name : Fedora Update for kernel FEDORA-2011-16621
File : nvt/gb_fedora_2011_16621_kernel_fc15.nasl
2011-12-09 Name : Ubuntu Update for linux-lts-backport-maverick USN-1292-1
File : nvt/gb_ubuntu_USN_1292_1.nasl
2011-12-09 Name : Ubuntu Update for linux USN-1293-1
File : nvt/gb_ubuntu_USN_1293_1.nasl
2011-12-09 Name : Ubuntu Update for linux-lts-backport-oneiric USN-1294-1
File : nvt/gb_ubuntu_USN_1294_1.nasl
2011-12-05 Name : Ubuntu Update for linux USN-1286-1
File : nvt/gb_ubuntu_USN_1286_1.nasl
2011-12-02 Name : RedHat Update for kernel RHSA-2011:1479-01
File : nvt/gb_RHSA-2011_1479-01_kernel.nasl
2011-12-02 Name : Fedora Update for kernel FEDORA-2011-16346
File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl
2011-12-02 Name : Ubuntu Update for linux USN-1285-1
File : nvt/gb_ubuntu_USN_1285_1.nasl
2011-12-02 Name : CentOS Update for kernel CESA-2011:1479 centos5 i386
File : nvt/gb_CESA-2011_1479_kernel_centos5_i386.nasl
2011-11-25 Name : Ubuntu Update for linux-ti-omap4 USN-1281-1
File : nvt/gb_ubuntu_USN_1281_1.nasl
2011-11-25 Name : Ubuntu Update for linux-lts-backport-natty USN-1279-1
File : nvt/gb_ubuntu_USN_1279_1.nasl
2011-11-18 Name : Fedora Update for kernel FEDORA-2011-15856
File : nvt/gb_fedora_2011_15856_kernel_fc15.nasl
2011-11-11 Name : Ubuntu Update for linux USN-1253-1
File : nvt/gb_ubuntu_USN_1253_1.nasl
2011-11-11 Name : Ubuntu Update for linux-lts-backport-natty USN-1256-1
File : nvt/gb_ubuntu_USN_1256_1.nasl
2011-11-08 Name : Fedora Update for kernel FEDORA-2011-15241
File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl
2011-10-31 Name : Fedora Update for kernel FEDORA-2011-14747
File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl
2011-10-31 Name : Ubuntu Update for linux-ec2 USN-1239-1
File : nvt/gb_ubuntu_USN_1239_1.nasl
2011-10-31 Name : Ubuntu Update for linux-mvl-dove USN-1240-1
File : nvt/gb_ubuntu_USN_1240_1.nasl
2011-10-31 Name : Ubuntu Update for linux-fsl-imx51 USN-1241-1
File : nvt/gb_ubuntu_USN_1241_1.nasl
2011-10-31 Name : Ubuntu Update for linux-lts-backport-maverick USN-1242-1
File : nvt/gb_ubuntu_USN_1242_1.nasl
2011-10-31 Name : Ubuntu Update for linux USN-1243-1
File : nvt/gb_ubuntu_USN_1243_1.nasl
2011-10-31 Name : Ubuntu Update for linux-ti-omap4 USN-1244-1
File : nvt/gb_ubuntu_USN_1244_1.nasl
2011-10-31 Name : Ubuntu Update for linux-mvl-dove USN-1245-1
File : nvt/gb_ubuntu_USN_1245_1.nasl
2011-10-31 Name : Ubuntu Update for linux USN-1246-1
File : nvt/gb_ubuntu_USN_1246_1.nasl
2011-10-21 Name : RedHat Update for kernel RHSA-2011:1386-01
File : nvt/gb_RHSA-2011_1386-01_kernel.nasl
2011-10-21 Name : CentOS Update for kernel CESA-2011:1386 centos5 i386
File : nvt/gb_CESA-2011_1386_kernel_centos5_i386.nasl
2011-10-21 Name : Ubuntu Update for linux USN-1236-1
File : nvt/gb_ubuntu_USN_1236_1.nasl
2011-10-14 Name : Ubuntu Update for linux-ti-omap4 USN-1228-1
File : nvt/gb_ubuntu_USN_1228_1.nasl
2011-10-14 Name : Ubuntu Update for linux USN-1227-1
File : nvt/gb_ubuntu_USN_1227_1.nasl
2011-10-10 Name : Fedora Update for kernel FEDORA-2011-13809
File : nvt/gb_fedora_2011_13809_kernel_fc15.nasl
2011-10-10 Name : Fedora Update for kernel FEDORA-2011-12874
File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl
2011-10-10 Name : Ubuntu Update for linux USN-1225-1
File : nvt/gb_ubuntu_USN_1225_1.nasl
2011-09-30 Name : Ubuntu Update for linux-ec2 USN-1216-1
File : nvt/gb_ubuntu_USN_1216_1.nasl
2011-09-30 Name : Ubuntu Update for linux-lts-backport-maverick USN-1219-1
File : nvt/gb_ubuntu_USN_1219_1.nasl
2011-09-30 Name : Ubuntu Update for linux USN-1218-1
File : nvt/gb_ubuntu_USN_1218_1.nasl
2011-09-30 Name : Ubuntu Update for linux-ti-omap4 USN-1220-1
File : nvt/gb_ubuntu_USN_1220_1.nasl
2011-09-23 Name : Ubuntu Update for linux-ti-omap4 USN-1212-1
File : nvt/gb_ubuntu_USN_1212_1.nasl
2011-09-23 Name : Ubuntu Update for linux USN-1211-1
File : nvt/gb_ubuntu_USN_1211_1.nasl
2011-09-16 Name : Ubuntu Update for linux-ti-omap4 USN-1202-1
File : nvt/gb_ubuntu_USN_1202_1.nasl
2011-09-16 Name : Ubuntu Update for linux-mvl-dove USN-1203-1
File : nvt/gb_ubuntu_USN_1203_1.nasl
2011-09-16 Name : Ubuntu Update for linux-fsl-imx51 USN-1204-1
File : nvt/gb_ubuntu_USN_1204_1.nasl
2011-09-16 Name : Ubuntu Update for linux-mvl-dove USN-1208-1
File : nvt/gb_ubuntu_USN_1208_1.nasl
2011-08-27 Name : Fedora Update for kernel FEDORA-2011-11103
File : nvt/gb_fedora_2011_11103_kernel_fc14.nasl
2011-08-24 Name : Ubuntu Update for linux USN-1193-1
File : nvt/gb_ubuntu_USN_1193_1.nasl
2011-08-19 Name : Fedora Update for kernel FEDORA-2011-11019
File : nvt/gb_fedora_2011_11019_kernel_fc15.nasl
2011-08-12 Name : Ubuntu Update for linux-lts-backport-maverick USN-1187-1
File : nvt/gb_ubuntu_USN_1187_1.nasl
2011-08-12 Name : Ubuntu Update for linux USN-1183-1
File : nvt/gb_ubuntu_USN_1183_1.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2011:0833 centos5 i386
File : nvt/gb_CESA-2011_0833_kernel_centos5_i386.nasl
2011-08-03 Name : Debian Security Advisory DSA 2264-1 (linux-2.6)
File : nvt/deb_2264_1.nasl
2011-07-18 Name : Ubuntu Update for linux USN-1170-1
File : nvt/gb_ubuntu_USN_1170_1.nasl
2011-07-12 Name : Fedora Update for kernel FEDORA-2011-7823
File : nvt/gb_fedora_2011_7823_kernel_fc15.nasl
2011-06-06 Name : RedHat Update for kernel RHSA-2011:0833-01
File : nvt/gb_RHSA-2011_0833-01_kernel.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
77295 Linux Kernel UFO IPv6 UDP Datagram Parsing Remote DoS

77294 Linux Kernel VLAN 0 Frame Priority Tag Parsing Remote DoS

77293 Linux Kernel b43 Driver Wireless Interface Frame Parsing Remote DoS

77292 Linux Kernel tpm_read() Local TPM Command Result Disclosure

76796 Linux Kernel taskstats Access Restriction Weakness Local Information Disclosure

76259 Linux Kernel fs/fuse/dev.fuse_notify_inval_entry() Function FUSE_NOTIFY_INVAL...

75716 Linux Kernel Sequence Number Generation Weakness Remote Packet Injection

75580 Linux Kernel CIFS Share Mounting DIFS Referral BUG_ON() Remote DoS

74910 Linux Kernel fs/cifs/cifssmb.c CIFSFindNext() Function Signedness Error CIFS ...

74678 Linux Kernel IPv6 Fragment Identification Prediction Weakness

74634 Linux Kernel perf Configuration Loading Path Subversion Local Privilege Escal...

73049 Linux Kernel fs/partitions/efi.c is_gpt_valid Function EFI GUID Partition Tab...

Information Assurance Vulnerability Management (IAVM)

Date Description
2012-09-27 IAVM : 2012-A-0153 - Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity : Category I - VMSKEY : V0033884
2012-09-13 IAVM : 2012-A-0148 - Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity : Category I - VMSKEY : V0033794
2012-08-16 IAVM : 2012-A-0136 - Multiple Vulnerabilities in Juniper Network Management Products
Severity : Category I - VMSKEY : V0033662
2012-05-03 IAVM : 2012-A-0073 - Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity : Category I - VMSKEY : V0032171
2012-04-12 IAVM : 2012-A-0056 - Multiple Vulnerabilities in VMWare ESX 4.0 and ESXi 4.0
Severity : Category I - VMSKEY : V0031979
2012-02-02 IAVM : 2012-A-0020 - Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1
Severity : Category I - VMSKEY : V0031252

Nessus® Vulnerability Scanner

Date Description
2016-03-03 Name : The remote VMware ESXi / ESX host is missing a security-related patch.
File : vmware_VMSA-2012-0001_remote.nasl - Type : ACT_GATHER_INFO
2016-03-03 Name : The remote VMware ESXi / ESX host is missing a security-related patch.
File : vmware_VMSA-2012-0006_remote.nasl - Type : ACT_GATHER_INFO
2016-03-03 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2012-0008_remote.nasl - Type : ACT_GATHER_INFO
2016-02-29 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2012-0013_remote.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2012-1391-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-1832-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0287-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0536-1.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2011-1408.nasl - Type : ACT_GATHER_INFO
2014-10-10 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15301.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1253.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0010.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-110726.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-111026.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-120104.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-110426.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-111026.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-120104.nasl - Type : ACT_GATHER_INFO
2013-09-13 Name : The remote host has a predictable TCP sequence number generator.
File : juniper_nsm_psn_2012_08_688.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-16.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-26.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0833.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1465.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1479.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2033.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2037.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0833.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1479.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1419.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0358.nasl - Type : ACT_GATHER_INFO
2012-10-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-8324.nasl - Type : ACT_GATHER_INFO
2012-10-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-8325.nasl - Type : ACT_GATHER_INFO
2012-08-31 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2012-0013.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110531_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111020_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111122_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111129_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7515.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7729.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7811.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7915.nasl - Type : ACT_GATHER_INFO
2012-04-28 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2012-0008.nasl - Type : ACT_GATHER_INFO
2012-04-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-120418.nasl - Type : ACT_GATHER_INFO
2012-03-30 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2012-0006.nasl - Type : ACT_GATHER_INFO
2012-03-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1386-1.nasl - Type : ACT_GATHER_INFO
2012-03-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1387-1.nasl - Type : ACT_GATHER_INFO
2012-02-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1361-1.nasl - Type : ACT_GATHER_INFO
2012-02-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1362-1.nasl - Type : ACT_GATHER_INFO
2012-02-07 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-120129.nasl - Type : ACT_GATHER_INFO
2012-02-07 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-120130.nasl - Type : ACT_GATHER_INFO
2012-01-31 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2012-0001.nasl - Type : ACT_GATHER_INFO
2012-01-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1345-1.nasl - Type : ACT_GATHER_INFO
2012-01-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7918.nasl - Type : ACT_GATHER_INFO
2012-01-24 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1337-1.nasl - Type : ACT_GATHER_INFO
2012-01-24 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1341-1.nasl - Type : ACT_GATHER_INFO
2012-01-18 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2389.nasl - Type : ACT_GATHER_INFO
2012-01-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1329-1.nasl - Type : ACT_GATHER_INFO
2012-01-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1332-1.nasl - Type : ACT_GATHER_INFO
2012-01-12 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1323-1.nasl - Type : ACT_GATHER_INFO
2012-01-12 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1325-1.nasl - Type : ACT_GATHER_INFO
2012-01-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1318-1.nasl - Type : ACT_GATHER_INFO
2012-01-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1319-1.nasl - Type : ACT_GATHER_INFO
2011-12-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1311-1.nasl - Type : ACT_GATHER_INFO
2011-12-14 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-111202.nasl - Type : ACT_GATHER_INFO
2011-12-14 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1299-1.nasl - Type : ACT_GATHER_INFO
2011-12-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1302-1.nasl - Type : ACT_GATHER_INFO
2011-12-14 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1303-1.nasl - Type : ACT_GATHER_INFO
2011-12-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1304-1.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110930.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_perf-111111.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7516.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7812.nasl - Type : ACT_GATHER_INFO
2011-12-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1292-1.nasl - Type : ACT_GATHER_INFO
2011-12-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1293-1.nasl - Type : ACT_GATHER_INFO
2011-12-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1294-1.nasl - Type : ACT_GATHER_INFO
2011-12-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1286-1.nasl - Type : ACT_GATHER_INFO
2011-11-30 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1479.nasl - Type : ACT_GATHER_INFO
2011-11-30 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1285-1.nasl - Type : ACT_GATHER_INFO
2011-11-29 Name : The remote Fedora host is missing a security update.
File : fedora_2011-16346.nasl - Type : ACT_GATHER_INFO
2011-11-26 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1279-1.nasl - Type : ACT_GATHER_INFO
2011-11-26 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1281-1.nasl - Type : ACT_GATHER_INFO
2011-11-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1465.nasl - Type : ACT_GATHER_INFO
2011-11-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1275-1.nasl - Type : ACT_GATHER_INFO
2011-11-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1260-1.nasl - Type : ACT_GATHER_INFO
2011-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1256-1.nasl - Type : ACT_GATHER_INFO
2011-11-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1253-1.nasl - Type : ACT_GATHER_INFO
2011-11-07 Name : The remote Fedora host is missing a security update.
File : fedora_2011-15241.nasl - Type : ACT_GATHER_INFO
2011-10-31 Name : The remote Fedora host is missing a security update.
File : fedora_2011-14747.nasl - Type : ACT_GATHER_INFO
2011-10-26 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1239-1.nasl - Type : ACT_GATHER_INFO
2011-10-26 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1240-1.nasl - Type : ACT_GATHER_INFO
2011-10-26 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1241-1.nasl - Type : ACT_GATHER_INFO
2011-10-26 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1242-1.nasl - Type : ACT_GATHER_INFO
2011-10-26 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1243-1.nasl - Type : ACT_GATHER_INFO
2011-10-26 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1244-1.nasl - Type : ACT_GATHER_INFO
2011-10-26 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1245-1.nasl - Type : ACT_GATHER_INFO
2011-10-26 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1246-1.nasl - Type : ACT_GATHER_INFO
2011-10-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7734.nasl - Type : ACT_GATHER_INFO
2011-10-21 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2011-10-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2011-10-21 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1236-1.nasl - Type : ACT_GATHER_INFO
2011-10-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1228-1.nasl - Type : ACT_GATHER_INFO
2011-10-12 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1227-1.nasl - Type : ACT_GATHER_INFO
2011-10-10 Name : The remote Fedora host is missing a security update.
File : fedora_2011-12874.nasl - Type : ACT_GATHER_INFO
2011-10-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1225-1.nasl - Type : ACT_GATHER_INFO
2011-09-30 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1218-1.nasl - Type : ACT_GATHER_INFO
2011-09-30 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1219-1.nasl - Type : ACT_GATHER_INFO
2011-09-30 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1220-1.nasl - Type : ACT_GATHER_INFO
2011-09-27 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1216-1.nasl - Type : ACT_GATHER_INFO
2011-09-26 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2310.nasl - Type : ACT_GATHER_INFO
2011-09-26 Name : The remote Fedora host is missing a security update.
File : fedora_2011-12823.nasl - Type : ACT_GATHER_INFO
2011-09-23 Name : It may be possible to predict TCP/IP Initial Sequence Numbers for the remote ...
File : linux_isn.nasl - Type : ACT_GATHER_INFO
2011-09-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1211-1.nasl - Type : ACT_GATHER_INFO
2011-09-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1212-1.nasl - Type : ACT_GATHER_INFO
2011-09-15 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1208-1.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1202-1.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1203-1.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1204-1.nasl - Type : ACT_GATHER_INFO
2011-09-09 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2303.nasl - Type : ACT_GATHER_INFO
2011-08-23 Name : The remote Fedora host is missing a security update.
File : fedora_2011-11103.nasl - Type : ACT_GATHER_INFO
2011-08-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1193-1.nasl - Type : ACT_GATHER_INFO
2011-08-18 Name : The remote Fedora host is missing a security update.
File : fedora_2011-11019.nasl - Type : ACT_GATHER_INFO
2011-08-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1187-1.nasl - Type : ACT_GATHER_INFO
2011-08-04 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1183-1.nasl - Type : ACT_GATHER_INFO
2011-07-26 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110718.nasl - Type : ACT_GATHER_INFO
2011-07-18 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1168-1.nasl - Type : ACT_GATHER_INFO
2011-07-18 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1170-1.nasl - Type : ACT_GATHER_INFO
2011-07-14 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1159-1.nasl - Type : ACT_GATHER_INFO
2011-07-14 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1161-1.nasl - Type : ACT_GATHER_INFO
2011-07-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1167-1.nasl - Type : ACT_GATHER_INFO
2011-07-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1162-1.nasl - Type : ACT_GATHER_INFO
2011-06-30 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7568.nasl - Type : ACT_GATHER_INFO
2011-06-29 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1160-1.nasl - Type : ACT_GATHER_INFO
2011-06-20 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2264.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1141-1.nasl - Type : ACT_GATHER_INFO
2011-06-07 Name : The remote Fedora host is missing a security update.
File : fedora_2011-7823.nasl - Type : ACT_GATHER_INFO
2011-06-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0833.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2014-02-17 11:55:18
  • Multiple Updates
2013-06-08 17:22:54
  • Multiple Updates
2013-03-01 17:20:42
  • Multiple Updates