Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Red Hat Enterprise Linux 6 kernel update
Informations
Name RHSA-2013:1645 First vendor Publication 2013-11-21
Vendor RedHat Last vendor Modification 2013-11-21
Severity (Vendor) Important Revision 02

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:H/Au:N/C:C/I:C/A:C)
Cvss Base Score 6.2 Attack Range Local
Cvss Impact Score 10 Attack Complexity High
Cvss Expoit Score 1.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the fifth regular update.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

This update fixes the following security issues:

* A flaw was found in the way the Linux kernel's IPv6 implementation handled certain UDP packets when the UDP Fragmentation Offload (UFO) feature was enabled. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2013-4387, Important)

* A flaw was found in the way the Linux kernel handled the creation of temporary IPv6 addresses. If the IPv6 privacy extension was enabled (/proc/sys/net/ipv6/conf/eth0/use_tempaddr set to '2'), an attacker on the local network could disable IPv6 temporary address generation, leading to a potential information disclosure. (CVE-2013-0343, Moderate)

* A flaw was found in the way the Linux kernel handled HID (Human Interface Device) reports with an out-of-bounds Report ID. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2013-2888, Moderate)

* An off-by-one flaw was found in the way the ANSI CPRNG implementation in the Linux kernel processed non-block size aligned requests. This could lead to random numbers being generated with less bits of entropy than expected when ANSI CPRNG was used. (CVE-2013-4345, Moderate)

* It was found that the fix for CVE-2012-2375 released via RHSA-2012:1580 accidentally removed a check for small-sized result buffers. A local, unprivileged user with access to an NFSv4 mount with ACL support could use this flaw to crash the system or, potentially, escalate their privileges on the system . (CVE-2013-4591, Moderate)

* A flaw was found in the way IOMMU memory mappings were handled when moving memory slots. A malicious user on a KVM host who has the ability to assign a device to a guest could use this flaw to crash the host. (CVE-2013-4592, Moderate)

* Heap-based buffer overflow flaws were found in the way the Zeroplus and Pantherlord/GreenAsia game controllers handled HID reports. An attacker with physical access to the system could use these flaws to crash the system or, potentially, escalate their privileges on the system. (CVE-2013-2889, CVE-2013-2892, Moderate)

* Two information leak flaws were found in the logical link control (LLC) implementation in the Linux kernel. A local, unprivileged user could use these flaws to leak kernel stack memory to user space. (CVE-2012-6542, CVE-2013-3231, Low)

* A heap-based buffer overflow in the way the tg3 Ethernet driver parsed the vital product data (VPD) of devices could allow an attacker with physical access to a system to cause a denial of service or, potentially, escalate their privileges. (CVE-2013-1929, Low)

* Information leak flaws in the Linux kernel could allow a privileged, local user to leak kernel memory to user space. (CVE-2012-6545, CVE-2013-1928, CVE-2013-2164, CVE-2013-2234, Low)

* A format string flaw was found in the Linux kernel's block layer. A privileged, local user could potentially use this flaw to escalate their privileges to kernel level (ring0). (CVE-2013-2851, Low)

Red Hat would like to thank Stephan Mueller for reporting CVE-2013-4345, and Kees Cook for reporting CVE-2013-2851.

This update also fixes several hundred bugs and adds enhancements. Refer to the Red Hat Enterprise Linux 6.5 Release Notes for information on the most significant of these changes, and the Technical Notes for further information, both linked to in the References.

All Red Hat Enterprise Linux 6 users are advised to install these updated packages, which correct these issues, and fix the bugs and add the enhancements noted in the Red Hat Enterprise Linux 6.5 Release Notes and Technical Notes. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

627128 - kernel spec: devel_post macro: hardlink fc typo 734728 - cifs: asynchronous readpages support 796364 - sbc_fitpc2_wdt NULL pointer dereference 815908 - NFSv4 server support for numeric IDs 831158 - dm-crypt: Fix possible mempool deadlock 834919 - JBD: Spotted dirty metadata buffer 851269 - kernel-debug: enable CONFIG_JBD_DEBUG 856764 - RHEL 6.5 Common Network Backports Tracker 859562 - DM RAID: 'sync' table argument is ineffective. 873659 - virt: Clocksource tsc unstable (delta = 474712882 ns). Enable clocksource failover by adding clocksource_failover kernel parameter. 876528 - Set-group-ID (SGID) bit not inherited on XFS file system with ACLs on directory 889973 - "kernel: device-mapper: table: 253:3: snapshot-origin: unknown target type" 903297 - FCoE target: backport drivers/target from upstream 908093 - gfs2: withdraw does not wait for gfs_controld 913660 - nfs client crashes during open 914664 - CVE-2013-0343 kernel: handling of IPv6 temporary addresses 918239 - kernel-2.6.32-358.0.1 doesn't boot at virtual machine on Xen Cloud Platform 920752 - cannot open device nodes for writing on RO filesystems 922322 - CVE-2012-6542 Kernel: llc: information leak via getsockname 922404 - CVE-2012-6545 Kernel: Bluetooth: RFCOMM - information leak 928207 - transfer data using two port from guest to host,guest hang and call trace 949567 - CVE-2013-1928 Kernel: information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE 949932 - CVE-2013-1929 Kernel: tg3: buffer overflow in VPD firmware parsing 953097 - virtio-rng, boot the guest with two rng device, cat /dev/hwrng in guest, guest will call trace 956094 - CVE-2013-3231 Kernel: llc: Fix missing msg_namelen update in llc_ui_recvmsg 969515 - CVE-2013-2851 kernel: block: passing disk names as format strings 973100 - CVE-2013-2164 Kernel: information leak in cdrom driver 980995 - CVE-2013-2234 Kernel: net: information leak in AF_KEY notify 990806 - BUG: soft lockup - CPU#0 stuck for 63s! [killall5:7385] 999890 - CVE-2013-2889 Kernel: HID: zeroplus: heap overflow flaw 1000429 - CVE-2013-2892 Kernel: HID: pantherlord: heap overflow flaw 1000451 - CVE-2013-2888 Kernel: HID: memory corruption flaw 1007690 - CVE-2013-4345 kernel: ansi_cprng: off by one error in non-block size request 1011927 - CVE-2013-4387 Kernel: net: IPv6: panic when UFO=On for an interface 1014867 - xfssyncd and flush device threads hang in xlog_grant_head_wait 1031678 - CVE-2013-4591 kernel: nfs: missing check for buffer length in __nfs4_get_acl_uncached 1031702 - CVE-2013-4592 kernel: kvm: memory leak when memory slot is moved with assigned device

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2013-1645.html

CWE : Common Weakness Enumeration

% Id Name
38 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
31 % CWE-200 Information Exposure
12 % CWE-189 Numeric Errors (CWE/SANS Top 25)
6 % CWE-399 Resource Management Errors
6 % CWE-134 Uncontrolled Format String (CWE/SANS Top 25)
6 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:17179
 
Oval ID: oval:org.mitre.oval:def:17179
Title: USN-1530-1 -- Linux kernel (OMAP4) vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): usn-1530-1
CVE-2011-4131
CVE-2012-2123
CVE-2012-2136
CVE-2012-2313
CVE-2012-2319
CVE-2012-2372
CVE-2012-2375
Version: 7
Platform(s): Ubuntu 11.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17193
 
Oval ID: oval:org.mitre.oval:def:17193
Title: USN-1487-1 -- linux vulnerability
Description: The system could be made to crash if it received specially crafted networ k traffic.
Family: unix Class: patch
Reference(s): USN-1487-1
CVE-2012-2375
Version: 7
Platform(s): Ubuntu 11.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17235
 
Oval ID: oval:org.mitre.oval:def:17235
Title: USN-1652-1 -- linux-lts-backport-oneiric vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1652-1
CVE-2012-0957
CVE-2012-4565
CVE-2012-6536
CVE-2012-6537
CVE-2012-6538
CVE-2012-6539
CVE-2012-6540
CVE-2012-6541
CVE-2012-6542
CVE-2012-6544
CVE-2012-6545
CVE-2012-6546
CVE-2013-0309
CVE-2013-1826
CVE-2013-1928
Version: 7
Platform(s): Ubuntu 10.04
Product(s): linux-lts-backport-oneiric
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17291
 
Oval ID: oval:org.mitre.oval:def:17291
Title: USN-1673-1 -- linux-ti-omap4 vulnerability
Description: The system could be made to crash under certain conditions.
Family: unix Class: patch
Reference(s): USN-1673-1
CVE-2012-4508
CVE-2012-5517
CVE-2013-1928
Version: 7
Platform(s): Ubuntu 12.10
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17527
 
Oval ID: oval:org.mitre.oval:def:17527
Title: USN-1671-1 -- linux vulnerability
Description: The system could be made to crash under certain conditions.
Family: unix Class: patch
Reference(s): USN-1671-1
CVE-2012-4508
CVE-2012-5517
CVE-2013-1928
Version: 7
Platform(s): Ubuntu 12.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17577
 
Oval ID: oval:org.mitre.oval:def:17577
Title: USN-1489-1 -- linux-lts-backport-oneiric vulnerability
Description: The system could be made to crash if it received specially crafted network traffic.
Family: unix Class: patch
Reference(s): USN-1489-1
CVE-2012-2375
Version: 7
Platform(s): Ubuntu 10.04
Product(s): linux-lts-backport-oneiric
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17606
 
Oval ID: oval:org.mitre.oval:def:17606
Title: USN-1499-1 -- linux-ti-omap4 vulnerability
Description: The system could be made to crash if it received specially crafted network traffic.
Family: unix Class: patch
Reference(s): USN-1499-1
CVE-2012-2375
Version: 7
Platform(s): Ubuntu 11.10
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17778
 
Oval ID: oval:org.mitre.oval:def:17778
Title: USN-1648-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1648-1
CVE-2012-0957
CVE-2012-4565
CVE-2012-6536
CVE-2012-6537
CVE-2012-6538
CVE-2012-6539
CVE-2012-6540
CVE-2012-6541
CVE-2012-6542
CVE-2012-6544
CVE-2012-6545
CVE-2012-6546
CVE-2013-0309
CVE-2013-1826
CVE-2013-1928
Version: 7
Platform(s): Ubuntu 11.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17787
 
Oval ID: oval:org.mitre.oval:def:17787
Title: USN-1490-1 -- linux-lts-backport-natty vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1490-1
CVE-2012-2313
CVE-2012-2319
CVE-2012-2375
Version: 7
Platform(s): Ubuntu 10.04
Product(s): linux-lts-backport-natty
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17853
 
Oval ID: oval:org.mitre.oval:def:17853
Title: USN-1494-1 -- linux-ti-omap4 vulnerability
Description: The system could be made to crash if it received specially crafted network traffic.
Family: unix Class: patch
Reference(s): USN-1494-1
CVE-2012-2375
Version: 7
Platform(s): Ubuntu 12.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17898
 
Oval ID: oval:org.mitre.oval:def:17898
Title: USN-1486-1 -- linux vulnerability
Description: The system could be made to crash if it received specially crafted network traffic.
Family: unix Class: patch
Reference(s): USN-1486-1
CVE-2012-2375
Version: 7
Platform(s): Ubuntu 12.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17924
 
Oval ID: oval:org.mitre.oval:def:17924
Title: USN-1488-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1488-1
CVE-2012-2313
CVE-2012-2319
CVE-2012-2375
Version: 7
Platform(s): Ubuntu 11.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18042
 
Oval ID: oval:org.mitre.oval:def:18042
Title: USN-1913-1 -- linux-ec2 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1913-1
CVE-2013-2164
CVE-2013-2232
CVE-2013-2234
CVE-2013-2237
CVE-2013-2851
Version: 7
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18082
 
Oval ID: oval:org.mitre.oval:def:18082
Title: USN-1645-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1645-1
CVE-2012-0957
CVE-2012-4508
CVE-2012-4565
CVE-2012-6536
CVE-2012-6537
CVE-2012-6538
CVE-2013-0309
CVE-2013-1826
CVE-2013-1928
Version: 7
Platform(s): Ubuntu 12.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18197
 
Oval ID: oval:org.mitre.oval:def:18197
Title: USN-1644-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1644-1
CVE-2012-0957
CVE-2012-4508
CVE-2012-4565
CVE-2012-6536
CVE-2012-6537
CVE-2012-6538
CVE-2013-0309
CVE-2013-1826
CVE-2013-1928
Version: 7
Platform(s): Ubuntu 12.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18214
 
Oval ID: oval:org.mitre.oval:def:18214
Title: USN-1649-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1649-1
CVE-2012-0957
CVE-2012-4565
CVE-2012-6536
CVE-2012-6537
CVE-2012-6538
CVE-2012-6539
CVE-2012-6540
CVE-2012-6541
CVE-2012-6542
CVE-2012-6544
CVE-2012-6545
CVE-2012-6546
CVE-2013-0309
CVE-2013-1826
CVE-2013-1928
Version: 7
Platform(s): Ubuntu 11.10
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18254
 
Oval ID: oval:org.mitre.oval:def:18254
Title: USN-1704-1 -- linux-lts-quantal - Linux kernel hardware enablement from Quantal vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1704-1
CVE-2012-0957
CVE-2012-4461
CVE-2012-4508
CVE-2012-4530
CVE-2012-4565
CVE-2012-5517
CVE-2012-5532
CVE-2013-1928
Version: 8
Platform(s): Ubuntu 12.04
Product(s): linux-lts-quantal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18312
 
Oval ID: oval:org.mitre.oval:def:18312
Title: USN-1912-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1912-1
CVE-2013-2164
CVE-2013-2232
CVE-2013-2234
CVE-2013-2237
CVE-2013-2851
Version: 7
Platform(s): Ubuntu 10.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18764
 
Oval ID: oval:org.mitre.oval:def:18764
Title: USN-1932-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1932-1
CVE-2013-1059
CVE-2013-2148
CVE-2013-2164
CVE-2013-2851
Version: 7
Platform(s): Ubuntu 12.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18848
 
Oval ID: oval:org.mitre.oval:def:18848
Title: USN-1934-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1934-1
CVE-2013-1059
CVE-2013-2148
CVE-2013-2164
CVE-2013-2851
Version: 7
Platform(s): Ubuntu 13.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18859
 
Oval ID: oval:org.mitre.oval:def:18859
Title: USN-1933-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1933-1
CVE-2013-1059
CVE-2013-2148
CVE-2013-2164
CVE-2013-2851
Version: 7
Platform(s): Ubuntu 12.10
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18941
 
Oval ID: oval:org.mitre.oval:def:18941
Title: USN-1931-1 -- linux-lts-quantal vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1931-1
CVE-2013-1059
CVE-2013-2148
CVE-2013-2164
CVE-2013-2851
Version: 7
Platform(s): Ubuntu 12.04
Product(s): linux-lts-quantal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19068
 
Oval ID: oval:org.mitre.oval:def:19068
Title: USN-2038-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2038-1
CVE-2013-0343
CVE-2013-2140
CVE-2013-2888
CVE-2013-2889
CVE-2013-2892
CVE-2013-2893
CVE-2013-2895
CVE-2013-2896
CVE-2013-2897
CVE-2013-2899
CVE-2013-4350
CVE-2013-4387
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19117
 
Oval ID: oval:org.mitre.oval:def:19117
Title: USN-2019-1 -- linux-lts-quantal vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2019-1
CVE-2013-0343
CVE-2013-2888
CVE-2013-2889
CVE-2013-2892
CVE-2013-2893
CVE-2013-2895
CVE-2013-2896
CVE-2013-2897
CVE-2013-2899
CVE-2013-4350
CVE-2013-4387
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux-lts-quantal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19135
 
Oval ID: oval:org.mitre.oval:def:19135
Title: USN-2024-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2024-1
CVE-2013-0343
CVE-2013-2888
CVE-2013-2889
CVE-2013-2892
CVE-2013-2893
CVE-2013-2895
CVE-2013-2896
CVE-2013-2897
CVE-2013-2899
CVE-2013-4350
CVE-2013-4387
Version: 5
Platform(s): Ubuntu 13.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19184
 
Oval ID: oval:org.mitre.oval:def:19184
Title: USN-1977-1 -- linux-ec2 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1977-1
CVE-2013-0343
CVE-2013-2888
CVE-2013-2892
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19258
 
Oval ID: oval:org.mitre.oval:def:19258
Title: USN-2021-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2021-1
CVE-2013-0343
CVE-2013-2888
CVE-2013-2889
CVE-2013-2892
CVE-2013-2893
CVE-2013-2895
CVE-2013-2896
CVE-2013-2897
CVE-2013-2899
CVE-2013-4350
CVE-2013-4387
Version: 5
Platform(s): Ubuntu 12.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19356
 
Oval ID: oval:org.mitre.oval:def:19356
Title: USN-2022-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2022-1
CVE-2013-0343
CVE-2013-2888
CVE-2013-2889
CVE-2013-2892
CVE-2013-2893
CVE-2013-2895
CVE-2013-2896
CVE-2013-2897
CVE-2013-2899
CVE-2013-4350
CVE-2013-4387
Version: 5
Platform(s): Ubuntu 12.10
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19365
 
Oval ID: oval:org.mitre.oval:def:19365
Title: USN-1976-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1976-1
CVE-2013-0343
CVE-2013-2888
CVE-2013-2892
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19806
 
Oval ID: oval:org.mitre.oval:def:19806
Title: DSA-2766-1 linux-2.6 - several
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.
Family: unix Class: patch
Reference(s): DSA-2766-1
CVE-2013-2141
CVE-2013-2164
CVE-2013-2206
CVE-2013-2232
CVE-2013-2234
CVE-2013-2237
CVE-2013-2239
CVE-2013-2851
CVE-2013-2852
CVE-2013-2888
CVE-2013-2892
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19931
 
Oval ID: oval:org.mitre.oval:def:19931
Title: USN-2039-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2039-1
CVE-2013-0343
CVE-2013-2140
CVE-2013-2888
CVE-2013-2889
CVE-2013-2892
CVE-2013-2893
CVE-2013-2895
CVE-2013-2896
CVE-2013-2897
CVE-2013-2899
CVE-2013-4350
CVE-2013-4387
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19995
 
Oval ID: oval:org.mitre.oval:def:19995
Title: USN-2041-1 -- linux-lts-raring vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2041-1
CVE-2013-4299
CVE-2013-4350
CVE-2013-4387
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux-lts-raring
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20012
 
Oval ID: oval:org.mitre.oval:def:20012
Title: USN-2045-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2045-1
CVE-2013-4299
CVE-2013-4350
CVE-2013-4387
Version: 5
Platform(s): Ubuntu 13.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23259
 
Oval ID: oval:org.mitre.oval:def:23259
Title: VMware ESX updates to third party libraries
Description: The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive.
Family: unix Class: vulnerability
Reference(s): CVE-2013-2164
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24177
 
Oval ID: oval:org.mitre.oval:def:24177
Title: VMware ESX updates to third party libraries
Description: The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions in net/key/af_key.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of an IPSec key_socket.
Family: unix Class: vulnerability
Reference(s): CVE-2013-2234
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24575
 
Oval ID: oval:org.mitre.oval:def:24575
Title: RHSA-2014:0433: kernel security, bug fix, and enhancement update (Moderate)
Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled TCP packets with both the SYN and FIN flags set. A remote attacker could use this flaw to consume an excessive amount of resources on the target system, potentially resulting in a denial of service. (CVE-2012-6638, Moderate) * A flaw was found in the way the Linux kernel handled HID (Human Interface Device) reports with an out-of-bounds Report ID. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2013-2888, Moderate) This update also fixes the following bugs: * A previous change to the sunrpc code introduced a race condition between the rpc_wake_up_task() and rpc_wake_up_status() functions. A race between threads operating on these functions could result in a deadlock situation, subsequently triggering a "soft lockup" event and rendering the system unresponsive. This problem has been fixed by re-ordering tasks in the RPC wait queue. (BZ#1073731) * Running a process in the background on a GFS2 file system could sometimes trigger a glock recursion error that resulted in a kernel panic. This happened when a readpage operation attempted to take a glock that had already been held by another function. To prevent this error, GFS2 now verifies whether the glock is already held when performing the readpage operation. (BZ#1073953) * A previous patch backport to the IUCV (Inter User Communication Vehicle) code was incomplete. Consequently, when establishing an IUCV connection, the kernel could, under certain circumstances, dereference a NULL pointer, resulting in a kernel panic. A patch has been applied to correct this problem by calling the proper function when removing IUCV paths. (BZ#1077045) In addition, this update adds the following enhancement: * The lpfc driver had a fixed timeout of 60 seconds for SCSI task management commands. With this update, the lpfc driver enables the user to set this timeout within the range from 5 to 180 seconds. The timeout can be changed by modifying the "lpfc_task_mgmt_tmo" parameter for the lpfc driver. (BZ#1073123) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add this enhancement. The system must be rebooted for this update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0433-00
CESA-2014:0433
CVE-2012-6638
CVE-2013-2888
Version: 3
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24604
 
Oval ID: oval:org.mitre.oval:def:24604
Title: ELSA-2014:0433: kernel security, bug fix, and enhancement update (Moderate)
Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled TCP packets with both the SYN and FIN flags set. A remote attacker could use this flaw to consume an excessive amount of resources on the target system, potentially resulting in a denial of service. (CVE-2012-6638, Moderate) * A flaw was found in the way the Linux kernel handled HID (Human Interface Device) reports with an out-of-bounds Report ID. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2013-2888, Moderate) This update also fixes the following bugs: * A previous change to the sunrpc code introduced a race condition between the rpc_wake_up_task() and rpc_wake_up_status() functions. A race between threads operating on these functions could result in a deadlock situation, subsequently triggering a "soft lockup" event and rendering the system unresponsive. This problem has been fixed by re-ordering tasks in the RPC wait queue. (BZ#1073731) * Running a process in the background on a GFS2 file system could sometimes trigger a glock recursion error that resulted in a kernel panic. This happened when a readpage operation attempted to take a glock that had already been held by another function. To prevent this error, GFS2 now verifies whether the glock is already held when performing the readpage operation. (BZ#1073953) * A previous patch backport to the IUCV (Inter User Communication Vehicle) code was incomplete. Consequently, when establishing an IUCV connection, the kernel could, under certain circumstances, dereference a NULL pointer, resulting in a kernel panic. A patch has been applied to correct this problem by calling the proper function when removing IUCV paths. (BZ#1077045) In addition, this update adds the following enhancement: * The lpfc driver had a fixed timeout of 60 seconds for SCSI task management commands. With this update, the lpfc driver enables the user to set this timeout within the range from 5 to 180 seconds. The timeout can be changed by modifying the "lpfc_task_mgmt_tmo" parameter for the lpfc driver. (BZ#1073123) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add this enhancement. The system must be rebooted for this update to take effect.
Family: unix Class: patch
Reference(s): ELSA-2014:0433-00
CVE-2012-6638
CVE-2013-2888
Version: 5
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25283
 
Oval ID: oval:org.mitre.oval:def:25283
Title: SUSE-SU-2014:0140-1 -- Security update for Linux kernel
Description: The SUSE Linux Enterprise 11 Service Pack 2 kernel was updated to 3.0.101 and also includes various other bug and security fixes.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0140-1
CVE-2013-4587
CVE-2013-6368
CVE-2013-6367
CVE-2013-4592
CVE-2013-6378
CVE-2013-4514
CVE-2013-4515
CVE-2013-7027
CVE-2013-4483
CVE-2013-4511
CVE-2013-6380
CVE-2013-6463
CVE-2013-6383
CVE-2013-4345
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25975
 
Oval ID: oval:org.mitre.oval:def:25975
Title: SUSE-SU-2013:0856-1 -- Security update for Linux kernel
Description: The SUSE Linux Enterprise 10 SP4 kernel has been updated to fix various bugs and security issues.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:0856-1
CVE-2012-4444
CVE-2013-1928
Version: 3
Platform(s): SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26083
 
Oval ID: oval:org.mitre.oval:def:26083
Title: RHSA-2013:1645: Red Hat Enterprise Linux 6 kernel update (Important)
Description: Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6.
Family: unix Class: patch
Reference(s): RHSA-2013:1645-02
CESA-2013:1645
CVE-2012-6542
CVE-2012-6545
CVE-2013-0343
CVE-2013-1928
CVE-2013-1929
CVE-2013-2164
CVE-2013-2234
CVE-2013-2851
CVE-2013-2888
CVE-2013-2889
CVE-2013-2892
CVE-2013-3231
CVE-2013-4345
CVE-2013-4387
CVE-2013-4591
CVE-2013-4592
Version: 3
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26512
 
Oval ID: oval:org.mitre.oval:def:26512
Title: ELSA-2013-2542 -- unbreakable enterprise kernel security update (important)
Description: kernel-uek [2.6.32-400.29.3uek] - block: do not pass disk names as format strings (Jerry Snitselaar) [Orabug: 17230124] {CVE-2013-2851} - af_key: initialize satype in key_notify_policy_flush() (Nicolas Dichtel) [Orabug: 17370765] {CVE-2013-2237} - Bluetooth: L2CAP - Fix info leak via getsockname() (Mathias Krause) [Orabug: 17371054] {CVE-2012-6544} - Bluetooth: HCI - Fix info leak in getsockopt(HCI_FILTER) (Mathias Krause) [Orabug: 17371072] {CVE-2012-6544} - ipv6: ip6_sk_dst_check() must not assume ipv6 dst (Eric Dumazet) [Orabug: 17371079] {CVE-2013-2232} - sctp: Use correct sideffect command in duplicate cookie handling (Vlad Yasevich) [Orabug: 17371121] {CVE-2013-2206} - sctp: deal with multiple COOKIE_ECHO chunks (Max Matveev) [Orabug: 17372129] {CVE-2013-2206}
Family: unix Class: patch
Reference(s): ELSA-2013-2542
CVE-2012-6544
CVE-2013-2206
CVE-2013-2232
CVE-2013-2237
CVE-2013-2851
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
mlnx_en
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26844
 
Oval ID: oval:org.mitre.oval:def:26844
Title: DEPRECATED: ELSA-2014-0433 -- kernel security, bug fix, and enhancement update (moderate)
Description: kernel [2.6.18-371.8.1] - [virt] HID: memory corruption flaw drivers/usb/input/hid-core.c (Jacob Tanenbaum) [1032996 1032999] {CVE-2013-2888} - [virt] HID: memory corruption flaw in drivers/hv/hid-core.c (Jacob Tanenbaum) [1032996 1032999] {CVE-2013-2888} - [scsi] lpfc: Fix task management commands having a fixed timeout (Ewan Milne) [1073123 1061120] - [net] tcp: drop SYN+FIN messages (Jiri Pirko) [1066057 1066058] {CVE-2012-6638} - [fs] GFS2: Check if glock held in gfs2_readpage (Robert S Peterson) [1073953 1063434] - [net] sunrpc: fix deadlock in task wakeup code (Jeff Layton) [1073731 998126] [2.6.18-371.7.1] - [s390x] af_iucv: Kernel panic during connect (IUCV transport) (Hendrik Brueckner) [1077045 1026388]
Family: unix Class: patch
Reference(s): ELSA-2014-0433
CVE-2012-6638
CVE-2013-2888
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27264
 
Oval ID: oval:org.mitre.oval:def:27264
Title: ELSA-2013-1645 -- Oracle Linux 6 kernel update (important)
Description: [2.6.32-431] - [md] Disabling of TRIM on RAID5 for RHEL6.5 was too aggressive (Jes Sorensen) [1028426]
Family: unix Class: patch
Reference(s): ELSA-2013-1645
CVE-2012-6542
CVE-2013-1929
CVE-2012-6545
CVE-2013-3231
CVE-2013-2164
CVE-2013-2234
CVE-2013-2851
CVE-2013-0343
CVE-2013-4345
CVE-2013-1928
CVE-2013-2888
CVE-2013-2889
CVE-2013-2892
CVE-2013-4387
CVE-2013-4591
CVE-2013-4592
Version: 3
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27296
 
Oval ID: oval:org.mitre.oval:def:27296
Title: ELSA-2014-0433-1 -- kernel security, bug fix, and enhancement update (moderate)
Description: kernel [2.6.18-371.8.1.0.1] - i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Family: unix Class: patch
Reference(s): ELSA-2014-0433-1
CVE-2012-6638
CVE-2013-2888
Version: 5
Platform(s): Oracle Linux 5
Product(s): kernel
ocfs2
oracleasm
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27338
 
Oval ID: oval:org.mitre.oval:def:27338
Title: ELSA-2013-2583 -- Unbreakable Enterprise Kernel security update (important)
Description: [3.8.13-16.2.2.el6uek] - HID: pantherlord: validate output report details (Kees Cook) [Orabug: 17841973] {CVE-2013-2892} - HID: zeroplus: validate output report details (Kees Cook) [Orabug: 17841968] {CVE-2013-2889} - HID: provide a helper for validating hid reports (Kees Cook) [Orabug: 17841968] {CVE-2013-2889} - KVM: Fix iommu map/unmap to handle memory slot moves (Alex Williamson) [Orabug: 17841960] {CVE-2013-4592} - ansi_cprng: Fix off by one error in non-block size request (Jerry Snitselaar) [Orabug: 17837997] {CVE-2013-4345} - HID: validate HID report id size (Kees Cook) [Orabug: 17841940] {CVE-2013-2888} - ipv6: remove max_addresses check from ipv6_create_tempaddr (Hannes Frederic Sowa) [Orabug: 17841911] {CVE-2013-0343} - ipv6: udp packets following an UFO enqueued packet need also be handled by UFO (Hannes Frederic Sowa) [Orabug: 17841928] {CVE-2013-4387}
Family: unix Class: patch
Reference(s): ELSA-2013-2583
CVE-2013-0343
CVE-2013-4345
CVE-2013-2888
CVE-2013-2889
CVE-2013-2892
CVE-2013-4387
CVE-2013-4592
Version: 5
Platform(s): Oracle Linux 6
Product(s): dtrace-modules
kernel-uek
dtrace-modules-3.8.13-16.2.2.el6uek-provider-headers
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27358
 
Oval ID: oval:org.mitre.oval:def:27358
Title: ELSA-2013-2585 -- Unbreakable Enterprise Kernel security update (important)
Description: kernel-uek [2.6.32-400.33.3uek] - af_key: fix info leaks in notify messages (Mathias Krause) [Orabug: 17837974] {CVE-2013-2234} - drivers/cdrom/cdrom.c: use kzalloc() for failing hardware (Jonathan Salwan) [Orabug: 17837971] {CVE-2013-2164} - fs/compat_ioctl.c: VIDEO_SET_SPU_PALETTE missing error check (Kees Cook) [Orabug: 17837966] {CVE-2013-1928} - Bluetooth: RFCOMM - Fix info leak in ioctl(RFCOMMGETDEVLIST) (Mathias Krause) [Orabug: 17837959] {CVE-2012-6545} - Bluetooth: RFCOMM - Fix info leak via getsockname() (Mathias Krause) [Orabug: 17838023] {CVE-2012-6545} - llc: Fix missing msg_namelen update in llc_ui_recvmsg() (Mathias Krause) [Orabug: 17837945] {CVE-2013-3231} - HID: pantherlord: validate output report details (Kees Cook) [Orabug: 17837942] {CVE-2013-2892} - HID: zeroplus: validate output report details (Kees Cook) [Orabug: 17837936] {CVE-2013-2889} - HID: provide a helper for validating hid reports (Kees Cook) [Orabug: 17837936] - NFSv4: Check for buffer length in __nfs4_get_acl_uncached (Sven Wegener) [Orabug: 17837931] {CVE-2013-4591} - ansi_cprng: Fix off by one error in non-block size request (Neil Horman) [Orabug: 17837999] {CVE-2013-4345} - HID: validate HID report id size (Kees Cook) [Orabug: 17837925] {CVE-2013-2888} - ipv6: remove max_addresses check from ipv6_create_tempaddr (Hannes Frederic Sowa) [Orabug: 17837923] {CVE-2013-0343}
Family: unix Class: patch
Reference(s): ELSA-2013-2585
CVE-2012-6545
CVE-2013-3231
CVE-2013-2164
CVE-2013-2234
CVE-2013-0343
CVE-2013-4345
CVE-2013-1928
CVE-2013-2888
CVE-2013-2889
CVE-2013-2892
CVE-2013-4591
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
mlnx_en
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27363
 
Oval ID: oval:org.mitre.oval:def:27363
Title: ELSA-2013-2543 -- unbreakable enterprise kernel security update (important)
Description: [2.6.39-400.109.6] - block: do not pass disk names as format strings (Kees Cook) [Orabug: 17230083] {CVE-2013-2851} - libceph: Fix NULL pointer dereference in auth client code (Tyler Hicks) [Orabug: 17230108] {CVE-2013-1059} - ipv6: ip6_sk_dst_check() must not assume ipv6 dst (Eric Dumazet) [Orabug: 17371078] {CVE-2013-2232} - af_key: initialize satype in key_notify_policy_flush() (Nicolas Dichtel) [Orabug: 17370788] {CVE-2013-2237} - Bluetooth: HCI - Fix info leak via getsockname() (Mathias Krause) [Orabug: 17370892] {CVE-2012-6544} - Bluetooth: L2CAP - Fix info leak via getsockname() (Mathias Krause) [Orabug: 17371050] {CVE-2012-6544} - Bluetooth: HCI - Fix info leak in getsockopt(HCI_FILTER) (Mathias Krause) [Orabug: 17371065] {CVE-2012-6544} - sctp: Use correct sideffect command in duplicate cookie handling (Vlad Yasevich) [Orabug: 17371118] {CVE-2013-2206} - sctp: deal with multiple COOKIE_ECHO chunks (Max Matveev) [Orabug: 17372121] {CVE-2013-2206}
Family: unix Class: patch
Reference(s): ELSA-2013-2543
CVE-2012-6544
CVE-2013-2206
CVE-2013-2232
CVE-2013-2237
CVE-2013-1059
CVE-2013-2851
Version: 3
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27431
 
Oval ID: oval:org.mitre.oval:def:27431
Title: ELSA-2013-2584 -- Unbreakable Enterprise Kernel security update (important)
Description: [2.6.39-400.211.2] - fs/compat_ioctl.c: VIDEO_SET_SPU_PALETTE missing error check (Kees Cook) [Orabug: 17842208] {CVE-2013-1928} - Bluetooth: RFCOMM - Fix info leak via getsockname() (Mathias Krause) [Orabug: 17842129] {CVE-2012-6545} - Bluetooth: RFCOMM - Fix info leak in ioctl(RFCOMMGETDEVLIST) (Mathias Krause) [Orabug: 17842105] {CVE-2012-6545} - llc: Fix missing msg_namelen update in llc_ui_recvmsg() (Mathias Krause) [Orabug: 17842095] {CVE-2013-3231} - HID: pantherlord: validate output report details (Kees Cook) [Orabug: 17842084] {CVE-2013-2892} - HID: zeroplus: validate output report details (Kees Cook) [Orabug: 17842081] {CVE-2013-2889} - HID: provide a helper for validating hid reports (Kees Cook) [Orabug: 17842081] {CVE-2013-2889} - KVM: Fix iommu map/unmap to handle memory slot moves (Jerry Snitselaar) [Orabug: 17842075] {CVE-2013-4592} - ansi_cprng: Fix off by one error in non-block size request (Jerry Snitselaar) [Orabug: 17842072] {CVE-2013-4345} - HID: validate HID report id size (Kees Cook) [Orabug: 17842063] {CVE-2013-2888} - ipv6: remove max_addresses check from ipv6_create_tempaddr (Hannes Frederic Sowa) [Orabug: 17842056] {CVE-2013-0343} - ipv6: udp packets following an UFO enqueued packet need also be handled by UFO (Hannes Frederic Sowa) [Orabug: 17842050] {CVE-2013-4387}
Family: unix Class: patch
Reference(s): ELSA-2013-2584
CVE-2012-6545
CVE-2013-3231
CVE-2013-0343
CVE-2013-4345
CVE-2013-1928
CVE-2013-2888
CVE-2013-2889
CVE-2013-2892
CVE-2013-4387
CVE-2013-4592
Version: 3
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Os 2
Os 1984
Os 3
Os 5

OpenVAS Exploits

Date Description
2012-12-26 Name : CentOS Update for kernel CESA-2012:1580 centos6
File : nvt/gb_CESA-2012_1580_kernel_centos6.nasl
2012-12-26 Name : RedHat Update for kernel RHSA-2012:1580-01
File : nvt/gb_RHSA-2012_1580-01_kernel.nasl
2012-08-30 Name : Fedora Update for kernel FEDORA-2012-8314
File : nvt/gb_fedora_2012_8314_kernel_fc17.nasl
2012-08-14 Name : Ubuntu Update for linux-ti-omap4 USN-1530-1
File : nvt/gb_ubuntu_USN_1530_1.nasl
2012-07-10 Name : Ubuntu Update for linux-ti-omap4 USN-1499-1
File : nvt/gb_ubuntu_USN_1499_1.nasl
2012-07-03 Name : Ubuntu Update for linux USN-1486-1
File : nvt/gb_ubuntu_USN_1486_1.nasl
2012-07-03 Name : Ubuntu Update for linux USN-1487-1
File : nvt/gb_ubuntu_USN_1487_1.nasl
2012-07-03 Name : Ubuntu Update for linux USN-1488-1
File : nvt/gb_ubuntu_USN_1488_1.nasl
2012-07-03 Name : Ubuntu Update for linux-lts-backport-oneiric USN-1489-1
File : nvt/gb_ubuntu_USN_1489_1.nasl
2012-07-03 Name : Ubuntu Update for linux-lts-backport-natty USN-1490-1
File : nvt/gb_ubuntu_USN_1490_1.nasl
2012-07-03 Name : Ubuntu Update for linux-ti-omap4 USN-1494-1
File : nvt/gb_ubuntu_USN_1494_1.nasl
2012-06-25 Name : Fedora Update for kernel FEDORA-2012-8931
File : nvt/gb_fedora_2012_8931_kernel_fc15.nasl

Nessus® Vulnerability Scanner

Date Description
2017-04-03 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_esx_VMSA-2013-0015_remote.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-0856-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-1832-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0140-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0189-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0287-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0536-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0832-1.nasl - Type : ACT_GATHER_INFO
2014-12-26 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-141202.nasl - Type : ACT_GATHER_INFO
2014-12-26 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-141217.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-791.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0003.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1645.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2013-1527.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1783.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0284.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0566.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0829.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1264.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1490.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-1034.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-454.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-813.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-113.nasl - Type : ACT_GATHER_INFO
2014-06-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2233-1.nasl - Type : ACT_GATHER_INFO
2014-06-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2234-1.nasl - Type : ACT_GATHER_INFO
2014-04-27 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0433.nasl - Type : ACT_GATHER_INFO
2014-04-27 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2906.nasl - Type : ACT_GATHER_INFO
2014-04-27 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0433-1.nasl - Type : ACT_GATHER_INFO
2014-04-27 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0433.nasl - Type : ACT_GATHER_INFO
2014-04-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0433.nasl - Type : ACT_GATHER_INFO
2014-04-25 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140424_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-04-01 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2158-1.nasl - Type : ACT_GATHER_INFO
2014-02-19 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2109-1.nasl - Type : ACT_GATHER_INFO
2014-02-19 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2111-1.nasl - Type : ACT_GATHER_INFO
2014-02-19 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2112-1.nasl - Type : ACT_GATHER_INFO
2014-02-19 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2114-1.nasl - Type : ACT_GATHER_INFO
2014-02-13 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3002.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140124.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140125.nasl - Type : ACT_GATHER_INFO
2014-01-28 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140116.nasl - Type : ACT_GATHER_INFO
2014-01-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2064-1.nasl - Type : ACT_GATHER_INFO
2014-01-05 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2065-1.nasl - Type : ACT_GATHER_INFO
2014-01-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2066-1.nasl - Type : ACT_GATHER_INFO
2014-01-05 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2068-1.nasl - Type : ACT_GATHER_INFO
2014-01-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2070-1.nasl - Type : ACT_GATHER_INFO
2014-01-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2071-1.nasl - Type : ACT_GATHER_INFO
2014-01-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2075-1.nasl - Type : ACT_GATHER_INFO
2013-12-18 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-291.nasl - Type : ACT_GATHER_INFO
2013-12-17 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20131121_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-12-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2049-1.nasl - Type : ACT_GATHER_INFO
2013-12-06 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2013-0015.nasl - Type : ACT_GATHER_INFO
2013-12-04 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2038-1.nasl - Type : ACT_GATHER_INFO
2013-12-04 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2041-1.nasl - Type : ACT_GATHER_INFO
2013-12-04 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2045-1.nasl - Type : ACT_GATHER_INFO
2013-11-29 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2583.nasl - Type : ACT_GATHER_INFO
2013-11-29 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2584.nasl - Type : ACT_GATHER_INFO
2013-11-29 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2585.nasl - Type : ACT_GATHER_INFO
2013-11-27 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1645.nasl - Type : ACT_GATHER_INFO
2013-11-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1645.nasl - Type : ACT_GATHER_INFO
2013-11-11 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-265.nasl - Type : ACT_GATHER_INFO
2013-11-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2015-1.nasl - Type : ACT_GATHER_INFO
2013-11-09 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2016-1.nasl - Type : ACT_GATHER_INFO
2013-11-09 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2019-1.nasl - Type : ACT_GATHER_INFO
2013-11-09 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2020-1.nasl - Type : ACT_GATHER_INFO
2013-11-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2021-1.nasl - Type : ACT_GATHER_INFO
2013-11-09 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2023-1.nasl - Type : ACT_GATHER_INFO
2013-10-24 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-233.nasl - Type : ACT_GATHER_INFO
2013-10-24 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1449.nasl - Type : ACT_GATHER_INFO
2013-10-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1449-1.nasl - Type : ACT_GATHER_INFO
2013-10-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1449.nasl - Type : ACT_GATHER_INFO
2013-10-24 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20131022_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-10-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1449.nasl - Type : ACT_GATHER_INFO
2013-10-22 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1995-1.nasl - Type : ACT_GATHER_INFO
2013-10-22 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1998-1.nasl - Type : ACT_GATHER_INFO
2013-10-20 Name : The remote Fedora host is missing a security update.
File : fedora_2013-18822.nasl - Type : ACT_GATHER_INFO
2013-10-15 Name : The remote Fedora host is missing a security update.
File : fedora_2013-18820.nasl - Type : ACT_GATHER_INFO
2013-10-15 Name : The remote Fedora host is missing a security update.
File : fedora_2013-18867.nasl - Type : ACT_GATHER_INFO
2013-10-10 Name : The remote Fedora host is missing a security update.
File : fedora_2013-18364.nasl - Type : ACT_GATHER_INFO
2013-10-03 Name : The remote Fedora host is missing a security update.
File : fedora_2013-17942.nasl - Type : ACT_GATHER_INFO
2013-10-03 Name : The remote Fedora host is missing a security update.
File : fedora_2013-17982.nasl - Type : ACT_GATHER_INFO
2013-10-01 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-218.nasl - Type : ACT_GATHER_INFO
2013-10-01 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-228.nasl - Type : ACT_GATHER_INFO
2013-10-01 Name : The remote Fedora host is missing a security update.
File : fedora_2013-17865.nasl - Type : ACT_GATHER_INFO
2013-10-01 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1976-1.nasl - Type : ACT_GATHER_INFO
2013-10-01 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1977-1.nasl - Type : ACT_GATHER_INFO
2013-09-30 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2766.nasl - Type : ACT_GATHER_INFO
2013-09-27 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-242.nasl - Type : ACT_GATHER_INFO
2013-09-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-130827.nasl - Type : ACT_GATHER_INFO
2013-09-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-130828.nasl - Type : ACT_GATHER_INFO
2013-09-18 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2546.nasl - Type : ACT_GATHER_INFO
2013-09-16 Name : The remote Fedora host is missing a security update.
File : fedora_2013-16336.nasl - Type : ACT_GATHER_INFO
2013-09-13 Name : The remote Fedora host is missing a security update.
File : fedora_2013-16379.nasl - Type : ACT_GATHER_INFO
2013-09-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1941-1.nasl - Type : ACT_GATHER_INFO
2013-09-07 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1943-1.nasl - Type : ACT_GATHER_INFO
2013-09-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1944-1.nasl - Type : ACT_GATHER_INFO
2013-09-07 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1947-1.nasl - Type : ACT_GATHER_INFO
2013-09-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1938-1.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-148.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-200.nasl - Type : ACT_GATHER_INFO
2013-08-30 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2745.nasl - Type : ACT_GATHER_INFO
2013-08-30 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2542.nasl - Type : ACT_GATHER_INFO
2013-08-30 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2543.nasl - Type : ACT_GATHER_INFO
2013-08-23 Name : The remote Fedora host is missing a security update.
File : fedora_2013-15151.nasl - Type : ACT_GATHER_INFO
2013-08-23 Name : The remote Fedora host is missing a security update.
File : fedora_2013-15198.nasl - Type : ACT_GATHER_INFO
2013-08-23 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1166-1.nasl - Type : ACT_GATHER_INFO
2013-08-23 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1166.nasl - Type : ACT_GATHER_INFO
2013-08-22 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1166.nasl - Type : ACT_GATHER_INFO
2013-08-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130820_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-08-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1166.nasl - Type : ACT_GATHER_INFO
2013-08-21 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1931-1.nasl - Type : ACT_GATHER_INFO
2013-08-21 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1932-1.nasl - Type : ACT_GATHER_INFO
2013-08-21 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1935-1.nasl - Type : ACT_GATHER_INFO
2013-08-21 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1936-1.nasl - Type : ACT_GATHER_INFO
2013-07-30 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1912-1.nasl - Type : ACT_GATHER_INFO
2013-07-30 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1913-1.nasl - Type : ACT_GATHER_INFO
2013-07-19 Name : The remote Fedora host is missing a security update.
File : fedora_2013-12990.nasl - Type : ACT_GATHER_INFO
2013-07-18 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-130702.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-10689.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-10695.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-12339.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-12530.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-9123.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-194.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1580.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-2047.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0747-1.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0747.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1034-1.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1034.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2507.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2525.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2534.nasl - Type : ACT_GATHER_INFO
2013-07-11 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1034.nasl - Type : ACT_GATHER_INFO
2013-07-11 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130710_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-07-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1034.nasl - Type : ACT_GATHER_INFO
2013-06-25 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-176.nasl - Type : ACT_GATHER_INFO
2013-06-18 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-130604.nasl - Type : ACT_GATHER_INFO
2013-06-16 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1876-1.nasl - Type : ACT_GATHER_INFO
2013-06-16 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1877-1.nasl - Type : ACT_GATHER_INFO
2013-06-16 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1878-1.nasl - Type : ACT_GATHER_INFO
2013-06-16 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1880-1.nasl - Type : ACT_GATHER_INFO
2013-06-16 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1881-1.nasl - Type : ACT_GATHER_INFO
2013-06-04 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-8583.nasl - Type : ACT_GATHER_INFO
2013-06-04 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-8587.nasl - Type : ACT_GATHER_INFO
2013-05-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1833-1.nasl - Type : ACT_GATHER_INFO
2013-05-25 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1834-1.nasl - Type : ACT_GATHER_INFO
2013-05-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1835-1.nasl - Type : ACT_GATHER_INFO
2013-05-25 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1837-1.nasl - Type : ACT_GATHER_INFO
2013-05-17 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2669.nasl - Type : ACT_GATHER_INFO
2013-05-17 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1829-1.nasl - Type : ACT_GATHER_INFO
2013-05-16 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1824-1.nasl - Type : ACT_GATHER_INFO
2013-05-15 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2668.nasl - Type : ACT_GATHER_INFO
2013-05-04 Name : The remote Fedora host is missing a security update.
File : fedora_2013-6999.nasl - Type : ACT_GATHER_INFO
2013-04-29 Name : The remote Fedora host is missing a security update.
File : fedora_2013-6537.nasl - Type : ACT_GATHER_INFO
2013-04-26 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1808-1.nasl - Type : ACT_GATHER_INFO
2013-04-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1805-1.nasl - Type : ACT_GATHER_INFO
2013-04-18 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130416_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-04-17 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0747.nasl - Type : ACT_GATHER_INFO
2013-04-17 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0747.nasl - Type : ACT_GATHER_INFO
2013-04-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-5368.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-120620.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-120621.nasl - Type : ACT_GATHER_INFO
2012-12-20 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1580.nasl - Type : ACT_GATHER_INFO
2012-12-20 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20121218_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-12-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1580.nasl - Type : ACT_GATHER_INFO
2012-08-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1530-1.nasl - Type : ACT_GATHER_INFO
2012-07-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1499-1.nasl - Type : ACT_GATHER_INFO
2012-07-03 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1494-1.nasl - Type : ACT_GATHER_INFO
2012-07-01 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1486-1.nasl - Type : ACT_GATHER_INFO
2012-07-01 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1487-1.nasl - Type : ACT_GATHER_INFO
2012-07-01 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1488-1.nasl - Type : ACT_GATHER_INFO
2012-07-01 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1489-1.nasl - Type : ACT_GATHER_INFO
2012-07-01 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1490-1.nasl - Type : ACT_GATHER_INFO
2012-06-25 Name : The remote Fedora host is missing a security update.
File : fedora_2012-8931.nasl - Type : ACT_GATHER_INFO
2012-05-29 Name : The remote Fedora host is missing a security update.
File : fedora_2012-8314.nasl - Type : ACT_GATHER_INFO
2012-05-29 Name : The remote Fedora host is missing a security update.
File : fedora_2012-8359.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2014-11-13 13:27:21
  • Multiple Updates
2014-02-17 11:57:38
  • Multiple Updates
2013-11-21 09:18:25
  • First insertion