Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title kernel security, bug fix, and enhancement update
Informations
Name RHSA-2014:1392 First vendor Publication 2014-10-14
Vendor RedHat Last vendor Modification 2014-10-14
Severity (Vendor) Important Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 6.9 Attack Range Local
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 3.4 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the sixth regular update.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

* A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. (CVE-2014-5077, Important)

* An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file (/dev/fb*) could possibly use this flaw to escalate their privileges on the system. (CVE-2013-2596, Important)

* A flaw was found in the way the ipc_rcu_putref() function in the Linux kernel's IPC implementation handled reference counter decrementing. A local, unprivileged user could use this flaw to trigger an Out of Memory (OOM) condition and, potentially, crash the system. (CVE-2013-4483, Moderate)

* It was found that the permission checks performed by the Linux kernel when a netlink message was received were not sufficient. A local, unprivileged user could potentially bypass these restrictions by passing a netlink socket as stdout or stderr to a more privileged process and altering the output of this process. (CVE-2014-0181, Moderate)

* It was found that the try_to_unmap_cluster() function in the Linux kernel's Memory Managment subsystem did not properly handle page locking in certain cases, which could potentially trigger the BUG_ON() macro in the mlock_vma_page() function. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-3122, Moderate)

* A flaw was found in the way the Linux kernel's kvm_iommu_map_pages() function handled IOMMU mapping failures. A privileged user in a guest with an assigned host device could use this flaw to crash the host. (CVE-2014-3601, Moderate)

* Multiple use-after-free flaws were found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use either of these flaws to crash the system. (CVE-2014-4653, CVE-2014-4654, CVE-2014-4655, Moderate)

* A flaw was found in the way the Linux kernel's VFS subsystem handled reference counting when performing unmount operations on symbolic links. A local, unprivileged user could use this flaw to exhaust all available memory on the system or, potentially, trigger a use-after-free error, resulting in a system crash or privilege escalation. (CVE-2014-5045, Moderate)

* An integer overflow flaw was found in the way the lzo1x_decompress_safe() function of the Linux kernel's LZO implementation processed Literal Runs. A local attacker could, in extremely rare cases, use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-4608, Low)

Red Hat would like to thank Vladimir Davydov of Parallels for reporting CVE-2013-4483, Jack Morgenstein of Mellanox for reporting CVE-2014-3601, Vasily Averin of Parallels for reporting CVE-2014-5045, and Don A. Bailey from Lab Mouse Security for reporting CVE-2014-4608. The security impact of the CVE-2014-3601 issue was discovered by Michael Tsirkin of Red Hat.

This update also fixes several hundred bugs and adds numerous enhancements. Refer to the Red Hat Enterprise Linux 6.6 Release Notes for information on the most significant of these changes, and the Technical Notes for further information, both linked to in the References.

All Red Hat Enterprise Linux 6 users are advised to install these updated packages, which correct these issues, and fix the bugs and add the enhancements noted in the Red Hat Enterprise Linux 6.6 Release Notes and Technical Notes. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

739866 - checkpolicy cannot parse /selinux/policy on ppc64 and s390x 786463 - nfs mount hangs when kerberos ticket expires 889471 - [Btrfs] BUG: unable to handle kernel NULL pointer dereference at (null) btrfs_get_sb should return error when open_ctree failed 915862 - The sync mount option does not work for NFSv4 mounts in RHEL6 997651 - possible recursive locking detected 998024 - nfsd sometimes grants delegations too soon following conflicting open requests 1010882 - kvm: backport "Improve create VCPU parameter" 1024854 - CVE-2013-4483 kernel: ipc: ipc_rcu_putref refcount races 1027480 - alb_send_learning_packets using an obsolete EtherType 1030411 - resizing thin-snapshot with external origin should return zeros behind origin's end 1031488 - Restore the mask bit correctly in eoi_ioapic_irq() 1034490 - CVE-2013-2596 kernel: integer overflow in fb_mmap 1036972 - use after free in new nfsd DRC code 1044438 - cifs: Unable to append to an existing file in cache=none mode. 1059496 - KVM: x86 emulator: Implement jmp far opcode ff/5 1063836 - kvm: 23090: cpu0 unhandled wrmsr 0x391 data 2000000f 1065304 - kernel/sched: incorrect setup of sched_group->cpu_power for NUMA systems 1069028 - ixgbevf prematurely strips VLAN tags 1072373 - Along with the increase of vCPUs in guest, and guest OS will spend more time to boot up in specified machine. 1077463 - gfs2: quotas not refreshed in gfs2_adjust_quota 1090423 - Data integrity issue on rebuilding RAID 6 with 100MB resync speed 1093076 - CVE-2014-3122 Kernel: mm: try_to_unmap_cluster() should lock_page() before mlocking 1094265 - CVE-2014-0181 kernel: net: insufficient permision checks of netlink messages 1095627 - missing vhost schedule causing thread starvation 1100523 - ext4 filesystem option 'max_batch_time' actually displays 'min_batch_time' in /proc/mounts 1113409 - CVE-2014-4653 Kernel: ALSA: control: do not access controls outside of protected regions 1113445 - CVE-2014-4654 CVE-2014-4655 Kernel: ALSA: control: use-after-free in replacing user controls 1113899 - CVE-2014-4608 kernel: lzo1x_decompress_safe() integer overflow 1118123 - [Hyper-V][REHL 6.6] fcopy large file from host to guest failed 1122472 - CVE-2014-5045 kernel: vfs: refcount issues during unmount on symlink 1122982 - CVE-2014-5077 Kernel: net: SCTP: fix a NULL pointer dereference during INIT collisions 1124351 - raid1 Data corruption after recovery with bitmap 1127231 - dmeventd hanging while handling lost leg in RAID1 LV 1131951 - CVE-2014-3601 kernel: kvm: invalid parameter passing in kvm_iommu_map_pages()

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2014-1392.html

CWE : Common Weakness Enumeration

% Id Name
27 % CWE-189 Numeric Errors (CWE/SANS Top 25)
18 % CWE-416 Use After Free
18 % CWE-190 Integer Overflow or Wraparound (CWE/SANS Top 25)
9 % CWE-476 NULL Pointer Dereference
9 % CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
9 % CWE-264 Permissions, Privileges, and Access Controls
9 % CWE-59 Improper Link Resolution Before File Access ('Link Following')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:24568
 
Oval ID: oval:org.mitre.oval:def:24568
Title: USN-2234-1 -- linux-ec2 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2234-1
CVE-2014-3153
CVE-2013-4387
CVE-2013-4470
CVE-2013-4483
CVE-2014-1438
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24633
 
Oval ID: oval:org.mitre.oval:def:24633
Title: USN-2238-1 -- linux-lts-raring vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2238-1
CVE-2014-3153
CVE-2013-4483
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-raring
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24658
 
Oval ID: oval:org.mitre.oval:def:24658
Title: USN-2239-1 -- linux-lts-saucy vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2239-1
CVE-2014-3153
CVE-2014-0155
CVE-2014-2568
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-saucy
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24753
 
Oval ID: oval:org.mitre.oval:def:24753
Title: USN-2240-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2240-1
CVE-2014-3153
CVE-2014-2568
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 14.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24761
 
Oval ID: oval:org.mitre.oval:def:24761
Title: USN-2224-1 -- linux-lts-raring vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2224-1
CVE-2014-1738
CVE-2014-1737
CVE-2014-0055
CVE-2014-0077
CVE-2014-0101
CVE-2014-2309
CVE-2014-2523
CVE-2014-2672
CVE-2014-2678
CVE-2014-2706
CVE-2014-2851
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-raring
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24832
 
Oval ID: oval:org.mitre.oval:def:24832
Title: USN-2235-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2235-1
CVE-2014-3153
CVE-2014-0055
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24844
 
Oval ID: oval:org.mitre.oval:def:24844
Title: USN-2241-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2241-1
CVE-2014-3153
CVE-2014-0155
CVE-2014-2568
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 13.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24852
 
Oval ID: oval:org.mitre.oval:def:24852
Title: USN-2233-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2233-1
CVE-2014-3153
CVE-2013-4387
CVE-2013-4470
CVE-2013-4483
CVE-2014-1438
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 10.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24853
 
Oval ID: oval:org.mitre.oval:def:24853
Title: USN-2223-1 -- linux-lts-quantal vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2223-1
CVE-2014-1738
CVE-2014-1737
CVE-2013-4483
CVE-2014-0055
CVE-2014-0077
CVE-2014-0101
CVE-2014-2309
CVE-2014-2523
CVE-2014-2672
CVE-2014-2678
CVE-2014-2706
CVE-2014-2851
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-quantal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24860
 
Oval ID: oval:org.mitre.oval:def:24860
Title: USN-2236-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2236-1
CVE-2014-3153
CVE-2014-0055
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24968
 
Oval ID: oval:org.mitre.oval:def:24968
Title: USN-2286-1 -- linux-lts-raring vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2286-1
CVE-2014-4943
CVE-2014-0131
CVE-2014-1739
CVE-2014-3144
CVE-2014-3145
CVE-2014-3917
CVE-2014-4014
CVE-2014-4608
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-raring
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25055
 
Oval ID: oval:org.mitre.oval:def:25055
Title: USN-2284-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2284-1
CVE-2014-4943
CVE-2014-0131
CVE-2014-4608
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25111
 
Oval ID: oval:org.mitre.oval:def:25111
Title: USN-2282-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2282-1
CVE-2014-4943
CVE-2014-3917
CVE-2014-4608
Version: 3
Platform(s): Ubuntu 10.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25118
 
Oval ID: oval:org.mitre.oval:def:25118
Title: USN-2285-1 -- linux-lts-quantal vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2285-1
CVE-2014-4943
CVE-2014-0131
CVE-2014-1739
CVE-2014-3917
CVE-2014-4014
CVE-2014-4027
CVE-2014-4608
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-quantal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25123
 
Oval ID: oval:org.mitre.oval:def:25123
Title: USN-2281-1 -- linux-ec2 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2281-1
CVE-2014-4943
CVE-2014-3917
CVE-2014-4608
Version: 3
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25161
 
Oval ID: oval:org.mitre.oval:def:25161
Title: USN-2260-1 -- linux-lts-trusty vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2260-1
CVE-2014-0196
CVE-2014-3153
CVE-2014-1738
CVE-2014-1737
CVE-2014-0077
CVE-2014-2568
CVE-2014-2851
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-trusty
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25252
 
Oval ID: oval:org.mitre.oval:def:25252
Title: USN-2283-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2283-1
CVE-2014-4943
CVE-2014-0131
CVE-2014-4608
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25408
 
Oval ID: oval:org.mitre.oval:def:25408
Title: SUSE-SU-2014:0696-1 -- Security update for Linux kernel
Description: The SUSE Linux Enterprise Server 11 SP2 LTSS kernel received a roll-up update to fix security and non-security issues.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0696-1
CVE-2013-4470
CVE-2013-4579
CVE-2013-6382
CVE-2013-6885
CVE-2013-7263
CVE-2013-7264
CVE-2013-7265
CVE-2013-7339
CVE-2014-0069
CVE-2014-0101
CVE-2014-0196
CVE-2014-1444
CVE-2014-1445
CVE-2014-1446
CVE-2014-1737
CVE-2014-1738
CVE-2014-1874
CVE-2014-2039
CVE-2014-2523
CVE-2014-2678
CVE-2014-3122
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26081
 
Oval ID: oval:org.mitre.oval:def:26081
Title: USN-2333-1 -- linux-ec2 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2333-1
CVE-2014-0203
CVE-2014-4508
CVE-2014-4652
CVE-2014-4653
CVE-2014-4654
CVE-2014-4655
CVE-2014-4656
CVE-2014-4667
CVE-2014-5077
Version: 3
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26346
 
Oval ID: oval:org.mitre.oval:def:26346
Title: USN-2335-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2335-1
CVE-2014-3917
CVE-2014-4027
CVE-2014-4171
CVE-2014-4652
CVE-2014-4653
CVE-2014-4654
CVE-2014-4655
CVE-2014-4656
CVE-2014-4667
CVE-2014-5077
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26591
 
Oval ID: oval:org.mitre.oval:def:26591
Title: USN-2337-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2337-1
CVE-2014-0155
CVE-2014-0181
CVE-2014-0206
CVE-2014-4014
CVE-2014-4027
CVE-2014-4171
CVE-2014-4508
CVE-2014-4652
CVE-2014-4653
CVE-2014-4654
CVE-2014-4655
CVE-2014-4656
CVE-2014-4667
CVE-2014-5045
Version: 3
Platform(s): Ubuntu 14.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26633
 
Oval ID: oval:org.mitre.oval:def:26633
Title: USN-2336-1 -- linux-lts-trusty vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2336-1
CVE-2014-0155
CVE-2014-0181
CVE-2014-0206
CVE-2014-4014
CVE-2014-4027
CVE-2014-4171
CVE-2014-4508
CVE-2014-4652
CVE-2014-4653
CVE-2014-4654
CVE-2014-4655
CVE-2014-4656
CVE-2014-4667
CVE-2014-5045
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-trusty
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26732
 
Oval ID: oval:org.mitre.oval:def:26732
Title: USN-2334-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2334-1
CVE-2014-3917
CVE-2014-4027
CVE-2014-4171
CVE-2014-4508
CVE-2014-4652
CVE-2014-4653
CVE-2014-4654
CVE-2014-4655
CVE-2014-4656
CVE-2014-4667
CVE-2014-5077
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26751
 
Oval ID: oval:org.mitre.oval:def:26751
Title: USN-2332-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2332-1
CVE-2014-0203
CVE-2014-4508
CVE-2014-4652
CVE-2014-4653
CVE-2014-4654
CVE-2014-4655
CVE-2014-4656
CVE-2014-4667
CVE-2014-5077
Version: 3
Platform(s): Ubuntu 10.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27024
 
Oval ID: oval:org.mitre.oval:def:27024
Title: ELSA-2014-1392 -- kernel security, bug fix, and enhancement update (important)
Description: * A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. (CVE-2014-5077, Important) * An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file (/dev/fb*) could possibly use this flaw to escalate their privileges on the system. (CVE-2013-2596, Important) * A flaw was found in the way the ipc_rcu_putref() function in the Linux kernel's IPC implementation handled reference counter decrementing. A local, unprivileged user could use this flaw to trigger an Out of Memory (OOM) condition and, potentially, crash the system. (CVE-2013-4483, Moderate) * It was found that the permission checks performed by the Linux kernel when a netlink message was received were not sufficient. A local, unprivileged user could potentially bypass these restrictions by passing a netlink socket as stdout or stderr to a more privileged process and altering the output of this process. (CVE-2014-0181, Moderate) * It was found that the try_to_unmap_cluster() function in the Linux kernel's Memory Managment subsystem did not properly handle page locking in certain cases, which could potentially trigger the BUG_ON() macro in the mlock_vma_page() function. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-3122, Moderate) * A flaw was found in the way the Linux kernel's kvm_iommu_map_pages() function handled IOMMU mapping failures. A privileged user in a guest with an assigned host device could use this flaw to crash the host. (CVE-2014-3601, Moderate) * Multiple use-after-free flaws were found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use either of these flaws to crash the system. (CVE-2014-4653, CVE-2014-4654, CVE-2014-4655, Moderate) * A flaw was found in the way the Linux kernel's VFS subsystem handled reference counting when performing unmount operations on symbolic links. A local, unprivileged user could use this flaw to exhaust all available memory on the system or, potentially, trigger a use-after-free error, resulting in a system crash or privilege escalation. (CVE-2014-5045, Moderate) * An integer overflow flaw was found in the way the lzo1x_decompress_safe() function of the Linux kernel's LZO implementation processed Literal Runs. A local attacker could, in extremely rare cases, use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-4608, Low)
Family: unix Class: patch
Reference(s): ELSA-2014-1392
CVE-2013-4483
CVE-2014-4653
CVE-2014-4654
CVE-2014-4655
CVE-2014-5077
CVE-2014-3601
CVE-2014-3122
CVE-2013-2596
CVE-2014-4608
CVE-2014-5045
CVE-2014-0181
Version: 3
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27086
 
Oval ID: oval:org.mitre.oval:def:27086
Title: RHSA-2014:1392: kernel security, bug fix, and enhancement update (Important)
Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. (CVE-2014-5077, Important) * An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file (/dev/fb*) could possibly use this flaw to escalate their privileges on the system. (CVE-2013-2596, Important) * A flaw was found in the way the ipc_rcu_putref() function in the Linux kernel's IPC implementation handled reference counter decrementing. A local, unprivileged user could use this flaw to trigger an Out of Memory (OOM) condition and, potentially, crash the system. (CVE-2013-4483, Moderate) * It was found that the permission checks performed by the Linux kernel when a netlink message was received were not sufficient. A local, unprivileged user could potentially bypass these restrictions by passing a netlink socket as stdout or stderr to a more privileged process and altering the output of this process. (CVE-2014-0181, Moderate) * It was found that the try_to_unmap_cluster() function in the Linux kernel's Memory Managment subsystem did not properly handle page locking in certain cases, which could potentially trigger the BUG_ON() macro in the mlock_vma_page() function. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-3122, Moderate) * A flaw was found in the way the Linux kernel's kvm_iommu_map_pages() function handled IOMMU mapping failures. A privileged user in a guest with an assigned host device could use this flaw to crash the host. (CVE-2014-3601, Moderate) * Multiple use-after-free flaws were found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use either of these flaws to crash the system. (CVE-2014-4653, CVE-2014-4654, CVE-2014-4655, Moderate) * A flaw was found in the way the Linux kernel's VFS subsystem handled reference counting when performing unmount operations on symbolic links. A local, unprivileged user could use this flaw to exhaust all available memory on the system or, potentially, trigger a use-after-free error, resulting in a system crash or privilege escalation. (CVE-2014-5045, Moderate) * An integer overflow flaw was found in the way the lzo1x_decompress_safe() function of the Linux kernel's LZO implementation processed Literal Runs. A local attacker could, in extremely rare cases, use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-4608, Low) Red Hat would like to thank Vladimir Davydov of Parallels for reporting CVE-2013-4483, Jack Morgenstein of Mellanox for reporting CVE-2014-3601, Vasily Averin of Parallels for reporting CVE-2014-5045, and Don A. Bailey from Lab Mouse Security for reporting CVE-2014-4608. The security impact of the CVE-2014-3601 issue was discovered by Michael Tsirkin of Red Hat. This update also fixes several hundred bugs and adds numerous enhancements. Refer to the Red Hat Enterprise Linux 6.6 Release Notes for information on the most significant of these changes, and the Technical Notes for further information, both linked to in the References. All Red Hat Enterprise Linux 6 users are advised to install these updated packages, which correct these issues, and fix the bugs and add the enhancements noted in the Red Hat Enterprise Linux 6.6 Release Notes and Technical Notes. The system must be rebooted for this update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:1392-01
CVE-2013-2596
CVE-2013-4483
CVE-2014-0181
CVE-2014-3122
CVE-2014-3601
CVE-2014-4608
CVE-2014-4653
CVE-2014-4654
CVE-2014-4655
CVE-2014-5045
CVE-2014-5077
CESA-2014:1392
Version: 5
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27136
 
Oval ID: oval:org.mitre.oval:def:27136
Title: ELSA-2014-3082 -- Unbreakable Enterprise kernel security update (important)
Description: [2.6.39-400.215.11] - ALSA: control: Don't access controls outside of protected regions (Lars-Peter Clausen) [Orabug: 19817786] {CVE-2014-4653} {CVE-2014-4654} {CVE-2014-4655} - ALSA: control: Fix replacing user controls (Lars-Peter Clausen) [Orabug: 19817748] {CVE-2014-4653} {CVE-2014-4654} {CVE-2014-4655} - kvm: iommu: fix the third parameter of kvm_iommu_put_pages (CVE-2014-3601) (Michael S. Tsirkin) [Orabug: 19817647] {CVE-2014-3601} - mm: try_to_unmap_cluster() should lock_page() before mlocking (Vlastimil Babka) [Orabug: 19817323] {CVE-2014-3122} - vm: convert fb_mmap to vm_iomap_memory() helper (Linus Torvalds) [Orabug: 19816563] {CVE-2013-2596} - vm: add vm_iomap_memory() helper function (Linus Torvalds) [Orabug: 19816563] {CVE-2013-2596} - net: sctp: inherit auth_capable on INIT collisions (Daniel Borkmann) [Orabug: 19816068] {CVE-2014-5077}
Family: unix Class: patch
Reference(s): ELSA-2014-3082
CVE-2014-4653
CVE-2014-4654
CVE-2014-4655
CVE-2014-5077
CVE-2014-3601
CVE-2014-3122
CVE-2013-2596
Version: 3
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27227
 
Oval ID: oval:org.mitre.oval:def:27227
Title: ELSA-2014-3083 -- Unbreakable Enterprise kernel Security update (important)
Description: kernel-uek [2.6.32-400.36.9uek] - ALSA: control: Don't access controls outside of protected regions (Lars-Peter Clausen) [Orabug: 19817787] {CVE-2014-4653} {CVE-2014-4654} {CVE-2014-4655} - ALSA: control: Fix replacing user controls (Lars-Peter Clausen) [Orabug: 19817749] {CVE-2014-4653} {CVE-2014-4654} {CVE-2014-4655} - mm: try_to_unmap_cluster() should lock_page() before mlocking (Vlastimil Babka) [Orabug: 19817324] {CVE-2014-3122} - vm: convert fb_mmap to vm_iomap_memory() helper (Linus Torvalds) [Orabug: 19816564] {CVE-2013-2596} - vm: add vm_iomap_memory() helper function (Linus Torvalds) [Orabug: 19816564] {CVE-2013-2596} - net: sctp: inherit auth_capable on INIT collisions (Daniel Borkmann) [Orabug: 19816069] {CVE-2014-5077}
Family: unix Class: patch
Reference(s): ELSA-2014-3083
CVE-2014-4653
CVE-2014-4654
CVE-2014-4655
CVE-2014-5077
CVE-2014-3122
CVE-2013-2596
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
mlnx_en
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27775
 
Oval ID: oval:org.mitre.oval:def:27775
Title: ELSA-2014-1959-1 -- kernel security and bug fix update (moderate)
Description: kernel [2.6.18-400.0.0.0.1] - [net] fix tcp_trim_head() (James Li) [orabug 14512145, 19219078] - ocfs2: dlm: fix recovery hung (Junxiao Bi) [orabug 13956772] - i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Family: unix Class: patch
Reference(s): ELSA-2014-1959-1
CVE-2014-0181
Version: 5
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27990
 
Oval ID: oval:org.mitre.oval:def:27990
Title: ELSA-2014-1959 -- kernel security and bug fix update (moderate)
Description: kernel [2.6.18-400] - [net] bridge: disable snooping if there is no querier (Frantisek Hrbata) [902454] - [s390] kernel: sysinfo: convert /proc/sysinfo to seqfile (Alexander Gordeev) [1131283] - [net] netlink: verify permisions of socket creator (Jiri Benc) [1094266] {CVE-2014-0181} - [net] netlink: store effective caps at socket() time (Jiri Benc) [1094266] {CVE-2014-0181} - [net] netlink: Rename netlink_capable netlink_allowed (Jiri Benc) [1094266] {CVE-2014-0181} - [net] netlink: Fix permission check in netlink_connect() (Jiri Benc) [1094266] {CVE-2014-0181} - [net] netlink: fix possible spoofing from non-root processes (Jiri Benc) [1094266] {CVE-2014-0181} - [net] netlink: Make NETLINK_USERSOCK work again (Jiri Benc) [1094266] {CVE-2014-0181} - [net] netlink: fix for too early rmmod (Jiri Benc) [1094266] {CVE-2014-0181} [2.6.18-399] - [kernel] do_setitimer: cancel real_timer if try_to_cancel fails (Oleg Nesterov) [1134654]
Family: unix Class: patch
Reference(s): ELSA-2014-1959
CVE-2014-0181
Version: 5
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28090
 
Oval ID: oval:org.mitre.oval:def:28090
Title: RHSA-2014:1724 -- kernel security and bug fix update (Important)
Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: * A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. (CVE-2014-3611, Important) * A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. (CVE-2014-5077, Important) * It was found that the Linux kernel's KVM subsystem did not handle the VM exits gracefully for the invept (Invalidate Translations Derived from EPT) and invvpid (Invalidate Translations Based on VPID) instructions. On hosts with an Intel processor and invept/invppid VM exit support, an unprivileged guest user could use these instructions to crash the guest. (CVE-2014-3645, CVE-2014-3646, Moderate) * A use-after-free flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use this flaw to crash the system. (CVE-2014-4653, Moderate) Red Hat would like to thank Lars Bull of Google for reporting CVE-2014-3611, and the Advanced Threat Research team at Intel Security for reporting CVE-2014-3645 and CVE-2014-3646. Bug fixes: * A known issue that could prevent Chelsio adapters using the cxgb4 driver from being initialized on IBM POWER8 systems has been fixed. These adapters can now be used on IBM POWER8 systems as expected. (BZ#1130548) * When bringing a hot-added CPU online, the kernel did not initialize a CPU mask properly, which could result in a kernel panic. This update corrects the bug by ensuring that the CPU mask is properly initialized and the correct NUMA node selected. (BZ#1134715) * The kernel could fail to bring a CPU online if the hardware supported both, the acpi-cpufreq and intel_pstate modules. This update ensures that the acpi-cpufreq module is not loaded in the intel_pstate module is loaded. (BZ#1134716) * Due to a bug in the time accounting of the kernel scheduler, a divide error could occur when hot adding a CPU. To fix this problem, the kernel scheduler time accounting has been reworked. (BZ#1134717) * The kernel did not handle exceptions caused by an invalid floating point control (FPC) register, resulting in a kernel oops. This problem has been fixed by placing the label to handle these exceptions to the correct place in the code. (BZ#1138733) * A previous change to the kernel for the PowerPC architecture changed implementation of the compat_sys_sendfile() function. Consequently, the 64-bit sendfile() system call stopped working for files larger than 2 GB on PowerPC. This update restores previous behavior of sendfile() on PowerPC, and it again process files bigger than 2 GB as expected. (BZ#1139126) * Previously, the kernel scheduler could schedule a CPU topology update even though the topology did not change. This could negatively affect the CPU load balancing, cause degradation of the system performance, and eventually result in a kernel oops. This problem has been fixed by skipping the CPU topology update if the topology has not actually changed. (BZ#1140300) * Previously, recovery of a double-degraded RAID6 array could, under certain circumstances, result in data corruption. This could happen because the md driver was using an optimization that is safe to use only for single-degraded arrays. This update ensures that this optimization is skipped during the recovery of double-degraded RAID6 arrays. (BZ#1143850) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:1724
CESA-2014:1724
CVE-2014-3611
CVE-2014-3645
CVE-2014-3646
CVE-2014-4653
CVE-2014-5077
Version: 3
Platform(s): Red Hat Enterprise Linux 7
CentOS Linux 7
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28295
 
Oval ID: oval:org.mitre.oval:def:28295
Title: RHSA-2014:1959 -- kernel security and bug fix update (Moderate)
Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the permission checks performed by the Linux kernel when a netlink message was received were not sufficient. A local, unprivileged user could potentially bypass these restrictions by passing a netlink socket as stdout or stderr to a more privileged process and altering the output of this process. (CVE-2014-0181, Moderate) Red Hat would like to thank Andy Lutomirski for reporting this issue. This update also fixes the following bugs: * Previously, the kernel did not successfully deliver multicast packets when the multicast querier was disabled. Consequently, the corosync utility terminated unexpectedly and the affected storage node did not join its intended cluster. With this update, multicast packets are delivered properly when the multicast querier is disabled, and corosync handles the node as expected. (BZ#902454) * Previously, the kernel wrote the metadata contained in all system information blocks on a single page of the /proc/sysinfo file. However, when the machine configuration was very extensive and the data did not fit on a single page, the system overwrote random memory regions, which in turn caused data corruption when reading the /proc/sysconf file. With this update, /proc/sysinfo automatically allocates a larger buffer if the data output does not fit the current buffer, which prevents the data corruption. (BZ#1131283) * Prior to this update, the it_real_fn() function did not, in certain cases, successfully acquire the SIGLOCK signal when the do_setitimer() function used the ITIMER_REAL timer. As a consequence, the current process entered an endless loop and became unresponsive. This update fixes the bug and it_real_fn() no longer causes the kernel to become unresponsive. (BZ#1134654) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:1959
CESA-2014:1959
CVE-2014-0181
Version: 3
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 1
Os 6
Os 1
Os 2156
Os 1
Os 1
Os 1
Os 1
Os 1
Os 1
Os 1
Os 2
Os 1
Os 1
Os 1
Os 4
Os 1

Nessus® Vulnerability Scanner

Date Description
2017-04-03 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO
2016-06-20 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL31300371.nasl - Type : ACT_GATHER_INFO
2016-03-17 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-0450.nasl - Type : ACT_GATHER_INFO
2016-03-16 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-0450.nasl - Type : ACT_GATHER_INFO
2016-03-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0450.nasl - Type : ACT_GATHER_INFO
2016-03-16 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20160315_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0140-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0189-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0287-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0536-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0832-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-1105-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-1138-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0481-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0652-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0812-1.nasl - Type : ACT_GATHER_INFO
2015-04-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0803.nasl - Type : ACT_GATHER_INFO
2015-04-10 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2015-0040.nasl - Type : ACT_GATHER_INFO
2015-04-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0782.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote Debian host is missing a security update.
File : debian_DLA-103.nasl - Type : ACT_GATHER_INFO
2015-03-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-150306.nasl - Type : ACT_GATHER_INFO
2015-03-18 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2015-0034.nasl - Type : ACT_GATHER_INFO
2015-03-18 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0695.nasl - Type : ACT_GATHER_INFO
2015-03-13 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0674.nasl - Type : ACT_GATHER_INFO
2015-03-13 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0290.nasl - Type : ACT_GATHER_INFO
2015-03-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0674.nasl - Type : ACT_GATHER_INFO
2015-03-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0674.nasl - Type : ACT_GATHER_INFO
2015-03-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0284.nasl - Type : ACT_GATHER_INFO
2015-01-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0062.nasl - Type : ACT_GATHER_INFO
2014-12-26 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-141202.nasl - Type : ACT_GATHER_INFO
2014-12-26 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-141217.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-791.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-793.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1971.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20141209_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2014-12-10 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1971.nasl - Type : ACT_GATHER_INFO
2014-12-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1971.nasl - Type : ACT_GATHER_INFO
2014-12-06 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1959-1.nasl - Type : ACT_GATHER_INFO
2014-12-06 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1959.nasl - Type : ACT_GATHER_INFO
2014-12-06 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20141204_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-12-05 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1959.nasl - Type : ACT_GATHER_INFO
2014-12-05 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3096.nasl - Type : ACT_GATHER_INFO
2014-12-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1959.nasl - Type : ACT_GATHER_INFO
2014-11-28 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-230.nasl - Type : ACT_GATHER_INFO
2014-11-25 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2416-1.nasl - Type : ACT_GATHER_INFO
2014-11-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2417-1.nasl - Type : ACT_GATHER_INFO
2014-11-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2419-1.nasl - Type : ACT_GATHER_INFO
2014-11-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2420-1.nasl - Type : ACT_GATHER_INFO
2014-11-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2421-1.nasl - Type : ACT_GATHER_INFO
2014-11-20 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15852.nasl - Type : ACT_GATHER_INFO
2014-11-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1872.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1392.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1668.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1763.nasl - Type : ACT_GATHER_INFO
2014-11-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20141014_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-11-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20141028_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2014-10-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1724.nasl - Type : ACT_GATHER_INFO
2014-10-29 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1724.nasl - Type : ACT_GATHER_INFO
2014-10-29 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1724.nasl - Type : ACT_GATHER_INFO
2014-10-23 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140924.nasl - Type : ACT_GATHER_INFO
2014-10-23 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-bigsmp-201409-140924.nasl - Type : ACT_GATHER_INFO
2014-10-22 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-201.nasl - Type : ACT_GATHER_INFO
2014-10-22 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1392.nasl - Type : ACT_GATHER_INFO
2014-10-20 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3081.nasl - Type : ACT_GATHER_INFO
2014-10-20 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3082.nasl - Type : ACT_GATHER_INFO
2014-10-20 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3083.nasl - Type : ACT_GATHER_INFO
2014-10-14 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1392.nasl - Type : ACT_GATHER_INFO
2014-10-12 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-368.nasl - Type : ACT_GATHER_INFO
2014-09-24 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2356-1.nasl - Type : ACT_GATHER_INFO
2014-09-24 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2358-1.nasl - Type : ACT_GATHER_INFO
2014-09-24 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2359-1.nasl - Type : ACT_GATHER_INFO
2014-09-03 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2332-1.nasl - Type : ACT_GATHER_INFO
2014-09-03 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2333-1.nasl - Type : ACT_GATHER_INFO
2014-09-03 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2334-1.nasl - Type : ACT_GATHER_INFO
2014-09-03 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2336-1.nasl - Type : ACT_GATHER_INFO
2014-09-03 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2337-1.nasl - Type : ACT_GATHER_INFO
2014-08-23 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3070.nasl - Type : ACT_GATHER_INFO
2014-08-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1083.nasl - Type : ACT_GATHER_INFO
2014-08-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-493.nasl - Type : ACT_GATHER_INFO
2014-08-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3067.nasl - Type : ACT_GATHER_INFO
2014-08-09 Name : The remote Fedora host is missing a security update.
File : fedora_2014-9142.nasl - Type : ACT_GATHER_INFO
2014-08-08 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-155.nasl - Type : ACT_GATHER_INFO
2014-08-07 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1023.nasl - Type : ACT_GATHER_INFO
2014-08-07 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1023.nasl - Type : ACT_GATHER_INFO
2014-08-07 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1023.nasl - Type : ACT_GATHER_INFO
2014-08-04 Name : The remote Fedora host is missing a security update.
File : fedora_2014-9010.nasl - Type : ACT_GATHER_INFO
2014-08-04 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-478.nasl - Type : ACT_GATHER_INFO
2014-07-26 Name : The remote Fedora host is missing a security update.
File : fedora_2014-8487.nasl - Type : ACT_GATHER_INFO
2014-07-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0913.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0439.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0557.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140709.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2281-1.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2282-1.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2283-1.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2285-1.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2286-1.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2287-1.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2288-1.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2289-1.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2290-1.nasl - Type : ACT_GATHER_INFO
2014-07-02 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-451.nasl - Type : ACT_GATHER_INFO
2014-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2014-7863.nasl - Type : ACT_GATHER_INFO
2014-06-28 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2260-1.nasl - Type : ACT_GATHER_INFO
2014-06-27 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_d1f5e12afd5a11e3a108080027ef73ec.nasl - Type : ACT_GATHER_INFO
2014-06-26 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-441.nasl - Type : ACT_GATHER_INFO
2014-06-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2233-1.nasl - Type : ACT_GATHER_INFO
2014-06-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2234-1.nasl - Type : ACT_GATHER_INFO
2014-06-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2235-1.nasl - Type : ACT_GATHER_INFO
2014-06-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2238-1.nasl - Type : ACT_GATHER_INFO
2014-06-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2239-1.nasl - Type : ACT_GATHER_INFO
2014-06-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2240-1.nasl - Type : ACT_GATHER_INFO
2014-06-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2241-1.nasl - Type : ACT_GATHER_INFO
2014-05-28 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2223-1.nasl - Type : ACT_GATHER_INFO
2014-05-28 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2224-1.nasl - Type : ACT_GATHER_INFO
2014-05-27 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2221-1.nasl - Type : ACT_GATHER_INFO
2014-05-22 Name : The remote Fedora host is missing a security update.
File : fedora_2014-6354.nasl - Type : ACT_GATHER_INFO
2014-05-13 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2926.nasl - Type : ACT_GATHER_INFO
2014-05-12 Name : The remote Fedora host is missing a security update.
File : fedora_2014-6122.nasl - Type : ACT_GATHER_INFO
2014-03-14 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0285.nasl - Type : ACT_GATHER_INFO
2014-03-14 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0285-1.nasl - Type : ACT_GATHER_INFO
2014-03-14 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0285.nasl - Type : ACT_GATHER_INFO
2014-03-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0285.nasl - Type : ACT_GATHER_INFO
2013-11-11 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-265.nasl - Type : ACT_GATHER_INFO
2013-06-25 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-176.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2014-11-13 13:27:23
  • Multiple Updates
2014-10-23 13:25:00
  • Multiple Updates
2014-10-16 13:25:50
  • Multiple Updates
2014-10-14 09:22:21
  • First insertion