Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Linux kernel vulnerabilities
Informations
Name USN-2417-1 First vendor Publication 2014-11-25
Vendor Ubuntu Last vendor Modification 2014-11-25
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description: - linux: Linux kernel

Details:

Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles noncanonical addresses when emulating instructions that change the rip (Instruction Pointer). A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service (system crash) of the guest. (CVE-2014-3647)

A flaw was discovered with the handling of the invept instruction in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. An unprivileged guest user could exploit this flaw to cause a denial of service (system crash) on the guest. (CVE-2014-3646)

A flaw was discovered with invept instruction support when using nested EPT in the KVM (Kernel Virtual Machine). An unprivileged guest user could exploit this flaw to cause a denial of service (system crash) on the guest. (CVE-2014-3645)

Lars Bull reported a race condition in the PIT (programmable interrupt timer) emulation in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. A local guest user with access to PIT i/o ports could exploit this flaw to cause a denial of service (crash) on the host. (CVE-2014-3611)

Lars Bull and Nadav Amit reported a flaw in how KVM (the Kernel Virtual Machine) handles noncanonical writes to certain MSR registers. A privileged guest user can exploit this flaw to cause a denial of service (kernel panic) on the host. (CVE-2014-3610)

A flaw in the handling of malformed ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-3673)

A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. A remote attacker could exploit this flaw to cause a denial of service (panic). (CVE-2014-3687)

It was discovered that excessive queuing by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel can cause memory pressure. A remote attacker could exploit this flaw to cause a denial of service. (CVE-2014-3688)

A flaw was discovered in how the Linux kernel's KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access. (CVE-2014-3690)

Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (CVE-2014-4608)

It was discovered the Linux kernel's implementation of IPv6 did not properly validate arguments in the ipv6_select_ident function. A local user could exploit this flaw to cause a denial of service (system crash) by leveraging tun or macvtap device access. (CVE-2014-7207)

Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability). (CVE-2014-7975)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 LTS:
linux-image-3.2.0-72-generic 3.2.0-72.107
linux-image-3.2.0-72-generic-pae 3.2.0-72.107
linux-image-3.2.0-72-highbank 3.2.0-72.107
linux-image-3.2.0-72-omap 3.2.0-72.107
linux-image-3.2.0-72-powerpc-smp 3.2.0-72.107
linux-image-3.2.0-72-powerpc64-smp 3.2.0-72.107
linux-image-3.2.0-72-virtual 3.2.0-72.107

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
http://www.ubuntu.com/usn/usn-2417-1
CVE-2014-3610, CVE-2014-3611, CVE-2014-3645, CVE-2014-3646,
CVE-2014-3647, CVE-2014-3673, CVE-2014-3687, CVE-2014-3688,
CVE-2014-3690, CVE-2014-4608, CVE-2014-7207, CVE-2014-7975

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.2.0-72.107

Original Source

Url : http://www.ubuntu.com/usn/USN-2417-1

CWE : Common Weakness Enumeration

% Id Name
29 % CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
29 % CWE-20 Improper Input Validation
14 % CWE-399 Resource Management Errors
14 % CWE-362 Race Condition
14 % CWE-190 Integer Overflow or Wraparound (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:24968
 
Oval ID: oval:org.mitre.oval:def:24968
Title: USN-2286-1 -- linux-lts-raring vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2286-1
CVE-2014-4943
CVE-2014-0131
CVE-2014-1739
CVE-2014-3144
CVE-2014-3145
CVE-2014-3917
CVE-2014-4014
CVE-2014-4608
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-raring
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25055
 
Oval ID: oval:org.mitre.oval:def:25055
Title: USN-2284-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2284-1
CVE-2014-4943
CVE-2014-0131
CVE-2014-4608
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25111
 
Oval ID: oval:org.mitre.oval:def:25111
Title: USN-2282-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2282-1
CVE-2014-4943
CVE-2014-3917
CVE-2014-4608
Version: 3
Platform(s): Ubuntu 10.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25118
 
Oval ID: oval:org.mitre.oval:def:25118
Title: USN-2285-1 -- linux-lts-quantal vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2285-1
CVE-2014-4943
CVE-2014-0131
CVE-2014-1739
CVE-2014-3917
CVE-2014-4014
CVE-2014-4027
CVE-2014-4608
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-quantal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25123
 
Oval ID: oval:org.mitre.oval:def:25123
Title: USN-2281-1 -- linux-ec2 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2281-1
CVE-2014-4943
CVE-2014-3917
CVE-2014-4608
Version: 3
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25252
 
Oval ID: oval:org.mitre.oval:def:25252
Title: USN-2283-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2283-1
CVE-2014-4943
CVE-2014-0131
CVE-2014-4608
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27268
 
Oval ID: oval:org.mitre.oval:def:27268
Title: ELSA-2014-1724 -- kernel security and bug fix update (important)
Description: [3.10.0-123.9.2] - Oracle Linux certificates (Alexey Petrenko) [3.10.0-123.9.2] - [virt] kvm: fix PIT timer race condition (Petr Matousek) [1144879 1144880] {CVE-2014-3611} - [virt] kvm/vmx: handle invept and invvpid vm exits gracefully (Petr Matousek) [1145449 1116936] [1144828 1144829] {CVE-2014-3645 CVE-2014-3646} [3.10.0-123.9.1] - [md] raid6: avoid data corruption during recovery of double-degraded RAID6 (Jes Sorensen) [1143850 1130905] - [fs] ext4: fix type declaration of ext4_validate_block_bitmap (Lukas Czerner) [1140978 1091055] - [fs] ext4: error out if verifying the block bitmap fails (Lukas Czerner) [1140978 1091055] - [powerpc] sched: stop updating inside arch_update_cpu_topology() when nothing to be update (Gustavo Duarte) [1140300 1098372] - [powerpc] 64bit sendfile is capped at 2GB (Gustavo Duarte) [1139126 1107774] - [s390] fix restore of invalid floating-point-control (Hendrik Brueckner) [1138733 1121965] - [kernel] sched/fair: Rework sched_fair time accounting (Rik van Riel) [1134717 1123731] - [kernel] math64: Add mul_u64_u32_shr() (Rik van Riel) [1134717 1123731] - [kernel] workqueue: zero cpumask of wq_numa_possible_cpumask on init (Motohiro Kosaki) [1134715 1117184] - [cpufreq] acpi-cpufreq: skip loading acpi_cpufreq after intel_pstate (Motohiro Kosaki) [1134716 1123250] - [security] selinux: Increase ebitmap_node size for 64-bit configuration (Paul Moore) [1132076 922752] - [security] selinux: Reduce overhead of mls_level_isvalid() function call (Paul Moore) [1132076 922752] - [ethernet] cxgb4: allow large buffer size to have page size (Gustavo Duarte) [1130548 1078977] - [kernel] sched/autogroup: Fix race with task_groups list (Gustavo Duarte) [1129990 1081406] - [net] sctp: inherit auth_capable on INIT collisions (Daniel Borkmann) [1124337 1123763] {CVE-2014-5077} - [sound] alsa/control: Don't access controls outside of protected regions (Radomir Vrbovsky) [1117330 1117331] {CVE-2014-4653}
Family: unix Class: patch
Reference(s): ELSA-2014-1724
CVE-2014-4653
CVE-2014-5077
CVE-2014-3611
CVE-2014-3645
CVE-2014-3646
Version: 3
Platform(s): Oracle Linux 7
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27543
 
Oval ID: oval:org.mitre.oval:def:27543
Title: USN-2415-1 -- Linux kernel vulnerability
Description: Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability).
Family: unix Class: patch
Reference(s): USN-2415-1
CVE-2014-7975
Version: 3
Platform(s): Ubuntu 10.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27666
 
Oval ID: oval:org.mitre.oval:def:27666
Title: DSA-3060-1 -- linux security update
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service.
Family: unix Class: patch
Reference(s): DSA-3060-1
CVE-2014-3610
CVE-2014-3611
CVE-2014-3645
CVE-2014-3646
CVE-2014-3647
CVE-2014-3673
CVE-2014-3687
CVE-2014-3688
CVE-2014-3690
CVE-2014-7207
Version: 3
Platform(s): Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27756
 
Oval ID: oval:org.mitre.oval:def:27756
Title: USN-2418-1 -- Linux kernel (OMAP4) vulnerabilities
Description: Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles noncanonical addresses when emulating instructions that change the rip (Instruction Pointer). A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service (system crash) of the guest. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3647">CVE-2014-3647</a>) A flaw was discovered with the handling of the invept instruction in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. An unprivileged guest user could exploit this flaw to cause a denial of service (system crash) on the guest. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3646">CVE-2014-3646</a>) A flaw was discovered with invept instruction support when using nested EPT in the KVM (Kernel Virtual Machine). An unprivileged guest user could exploit this flaw to cause a denial of service (system crash) on the guest. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3645">CVE-2014-3645</a>) Lars Bull reported a race condition in the PIT (programmable interrupt timer) emulation in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. A local guest user with access to PIT i/o ports could exploit this flaw to cause a denial of service (crash) on the host. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3611">CVE-2014-3611</a>) Lars Bull and Nadav Amit reported a flaw in how KVM (the Kernel Virtual Machine) handles noncanonical writes to certain MSR registers. A privileged guest user can exploit this flaw to cause a denial of service (kernel panic) on the host. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3610">CVE-2014-3610</a>) A flaw in the handling of malformed ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. A remote attacker could exploit this flaw to cause a denial of service (system crash). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3673">CVE-2014-3673</a>) A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. A remote attacker could exploit this flaw to cause a denial of service (panic). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3687">CVE-2014-3687</a>) It was discovered that excessive queuing by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel can cause memory pressure. A remote attacker could exploit this flaw to cause a denial of service. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3688">CVE-2014-3688</a>) A flaw was discovered in how the Linux kernel&#39;s KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3690">CVE-2014-3690</a>) Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-4608">CVE-2014-4608</a>) It was discovered the Linux kernel&#39;s implementation of IPv6 did not properly validate arguments in the ipv6_select_ident function. A local user could exploit this flaw to cause a denial of service (system crash) by leveraging tun or macvtap device access. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7207">CVE-2014-7207</a>) Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7975">CVE-2014-7975</a>)
Family: unix Class: patch
Reference(s): USN-2418-1
CVE-2014-3647
CVE-2014-3646
CVE-2014-3645
CVE-2014-3611
CVE-2014-3610
CVE-2014-3673
CVE-2014-3687
CVE-2014-3688
CVE-2014-3690
CVE-2014-4608
CVE-2014-7207
CVE-2014-7975
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27974
 
Oval ID: oval:org.mitre.oval:def:27974
Title: ELSA-2014-3089 -- Unbreakable Enterprise kernel security update (important)
Description: kernel-uek [2.6.32-400.36.11uek] - net: sctp: fix panic on duplicate ASCONF chunks (Daniel Borkmann) [Orabug: 20010592] {CVE-2014-3687} - net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks (Daniel Borkmann) [Orabug: 20010579] {CVE-2014-3673}
Family: unix Class: patch
Reference(s): ELSA-2014-3089
CVE-2014-3687
CVE-2014-3673
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27992
 
Oval ID: oval:org.mitre.oval:def:27992
Title: RHSA-2014:1843 -- kernel security and bug fix update (Important)
Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * A race condition flaw was found in the way the Linux kernel&#39;s KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. (CVE-2014-3611, Important) * A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion commands sent via USB Request Blocks buffers. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-3185, Moderate) * It was found that the Linux kernel&#39;s KVM subsystem did not handle the VM exits gracefully for the invept (Invalidate Translations Derived from EPT) and invvpid (Invalidate Translations Based on VPID) instructions. On hosts with an Intel processor and invept/invppid VM exit support, an unprivileged guest user could use these instructions to crash the guest. (CVE-2014-3645, CVE-2014-3646, Moderate) Red Hat would like to thank Lars Bull of Google for reporting CVE-2014-3611, and the Advanced Threat Research team at Intel Security for reporting CVE-2014-3645 and CVE-2014-3646. This update also fixes the following bugs: * This update fixes several race conditions between PCI error recovery callbacks and potential calls of the ifup and ifdown commands in the tg3 driver. When triggered, these race conditions could cause a kernel crash. (BZ#1142570) * Previously, GFS2 failed to unmount a sub-mounted GFS2 file system if its parent was also a GFS2 file system. This problem has been fixed by adding the appropriate d_op-&gt;d_hash() routine call for the last component of the mount point path in the path name lookup mechanism code (namei). (BZ#1145193) * Due to previous changes in the virtio-net driver, a Red Hat Enterprise Linux 6.6 guest was unable to boot with the &quot;mgr_rxbuf=off&quot; option specified. This was caused by providing the page_to_skb() function with an incorrect packet length in the driver&#39;s Rx path. This problem has been fixed and the guest in the described scenario can now boot successfully. (BZ#1148693) * When using one of the newer IPSec Authentication Header (AH) algorithms with Openswan, a kernel panic could occur. This happened because the maximum truncated ICV length was too small. To fix this problem, the MAX_AH_AUTH_LEN parameter has been set to 64. (BZ#1149083) * A bug in the IPMI driver caused the kernel to panic when an IPMI interface was removed using the hotmod script. The IPMI driver has been fixed to properly clean the relevant data when removing an IPMI interface. (BZ#1149578) * Due to a bug in the IPMI driver, the kernel could panic when adding an IPMI interface that was previously removed using the hotmod script. This update fixes this bug by ensuring that the relevant shadow structure is initialized at the right time. (BZ#1149580) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:1843
CESA-2014:1843
CVE-2014-3185
CVE-2014-3611
CVE-2014-3645
CVE-2014-3646
Version: 3
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28026
 
Oval ID: oval:org.mitre.oval:def:28026
Title: USN-2419-1 -- Linux kernel (Trusty HWE) vulnerabilities
Description: A flaw was discovered in how the Linux kernel&#39;s KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3690">CVE-2014-3690</a>) Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-4608">CVE-2014-4608</a>) Andy Lutomirski discovered a flaw in how the Linux kernel handles pivot_root when used with a chroot directory. A local user could exploit this flaw to cause a denial of service (mount-tree loop). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7970">CVE-2014-7970</a>) Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7975">CVE-2014-7975</a>)
Family: unix Class: patch
Reference(s): USN-2419-1
CVE-2014-3690
CVE-2014-4608
CVE-2014-7970
CVE-2014-7975
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-trusty
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28203
 
Oval ID: oval:org.mitre.oval:def:28203
Title: USN-2396-1 -- Linux kernel vulnerabilities
Description: Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles noncanonical addresses when emulating instructions that change the rip (Instruction Pointer). A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service (system crash) of the guest. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3647">CVE-2014-3647</a>) A flaw was discovered with the handling of the invept instruction in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. An unprivileged guest user could exploit this flaw to cause a denial of service (system crash) on the guest. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3646">CVE-2014-3646</a>) Lars Bull reported a race condition in the PIT (programmable interrupt timer) emulation in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. A local guest user with access to PIT i/o ports could exploit this flaw to cause a denial of service (crash) on the host. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3611">CVE-2014-3611</a>) Lars Bull and Nadav Amit reported a flaw in how KVM (the Kernel Virtual Machine) handles noncanonical writes to certain MSR registers. A privileged guest user can exploit this flaw to cause a denial of service (kernel panic) on the host. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3610">CVE-2014-3610</a>)
Family: unix Class: patch
Reference(s): USN-2396-1
CVE-2014-3647
CVE-2014-3646
CVE-2014-3611
CVE-2014-3610
Version: 5
Platform(s): Ubuntu 14.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28227
 
Oval ID: oval:org.mitre.oval:def:28227
Title: ELSA-2014-3087 -- Unbreakable Enterprise kernel security update (important)
Description: kernel-uek [3.8.13-44.1.5.el6uek] - net: sctp: fix panic on duplicate ASCONF chunks (Daniel Borkmann) [Orabug: 20010590] {CVE-2014-3687} - net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks (Daniel Borkmann) [Orabug: 20010577] {CVE-2014-3673}
Family: unix Class: patch
Reference(s): ELSA-2014-3087
CVE-2014-3687
CVE-2014-3673
Version: 5
Platform(s): Oracle Linux 6
Oracle Linux 7
Product(s): kernel-uek
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28298
 
Oval ID: oval:org.mitre.oval:def:28298
Title: USN-2421-1 -- Linux kernel vulnerabilities
Description: A flaw was discovered in how the Linux kernel&#39;s KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3690">CVE-2014-3690</a>) Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-4608">CVE-2014-4608</a>) Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7975">CVE-2014-7975</a>)
Family: unix Class: patch
Reference(s): USN-2421-1
CVE-2014-3690
CVE-2014-4608
CVE-2014-7975
Version: 5
Platform(s): Ubuntu 14.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28309
 
Oval ID: oval:org.mitre.oval:def:28309
Title: ELSA-2014-3088 -- Unbreakable Enterprise kernel security update (important)
Description: [2.6.39-400.215.13] - net: sctp: fix panic on duplicate ASCONF chunks (Daniel Borkmann) [Orabug: 20010591] {CVE-2014-3687} - net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks (Daniel Borkmann) [Orabug: 20010578] {CVE-2014-3673}
Family: unix Class: patch
Reference(s): ELSA-2014-3088
CVE-2014-3687
CVE-2014-3673
Version: 3
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28348
 
Oval ID: oval:org.mitre.oval:def:28348
Title: USN-2416-1 -- Linux kernel (EC2) vulnerabilities
Description: Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-4608">CVE-2014-4608</a>) Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7975">CVE-2014-7975</a>)
Family: unix Class: patch
Reference(s): USN-2416-1
CVE-2014-4608
CVE-2014-7975
Version: 3
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28423
 
Oval ID: oval:org.mitre.oval:def:28423
Title: USN-2417-1 -- Linux kernel vulnerabilities
Description: Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles noncanonical addresses when emulating instructions that change the rip (Instruction Pointer). A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service (system crash) of the guest. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3647">CVE-2014-3647</a>) A flaw was discovered with the handling of the invept instruction in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. An unprivileged guest user could exploit this flaw to cause a denial of service (system crash) on the guest. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3646">CVE-2014-3646</a>) A flaw was discovered with invept instruction support when using nested EPT in the KVM (Kernel Virtual Machine). An unprivileged guest user could exploit this flaw to cause a denial of service (system crash) on the guest. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3645">CVE-2014-3645</a>) Lars Bull reported a race condition in the PIT (programmable interrupt timer) emulation in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. A local guest user with access to PIT i/o ports could exploit this flaw to cause a denial of service (crash) on the host. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3611">CVE-2014-3611</a>) Lars Bull and Nadav Amit reported a flaw in how KVM (the Kernel Virtual Machine) handles noncanonical writes to certain MSR registers. A privileged guest user can exploit this flaw to cause a denial of service (kernel panic) on the host. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3610">CVE-2014-3610</a>) A flaw in the handling of malformed ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. A remote attacker could exploit this flaw to cause a denial of service (system crash). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3673">CVE-2014-3673</a>) A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. A remote attacker could exploit this flaw to cause a denial of service (panic). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3687">CVE-2014-3687</a>) It was discovered that excessive queuing by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel can cause memory pressure. A remote attacker could exploit this flaw to cause a denial of service. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3688">CVE-2014-3688</a>) A flaw was discovered in how the Linux kernel&#39;s KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3690">CVE-2014-3690</a>) Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-4608">CVE-2014-4608</a>) It was discovered the Linux kernel&#39;s implementation of IPv6 did not properly validate arguments in the ipv6_select_ident function. A local user could exploit this flaw to cause a denial of service (system crash) by leveraging tun or macvtap device access. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7207">CVE-2014-7207</a>) Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7975">CVE-2014-7975</a>)
Family: unix Class: patch
Reference(s): USN-2417-1
CVE-2014-3647
CVE-2014-3646
CVE-2014-3645
CVE-2014-3611
CVE-2014-3610
CVE-2014-3673
CVE-2014-3687
CVE-2014-3688
CVE-2014-3690
CVE-2014-4608
CVE-2014-7207
CVE-2014-7975
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28454
 
Oval ID: oval:org.mitre.oval:def:28454
Title: USN-2420-1 -- Linux kernel vulnerabilities
Description: A flaw was discovered in how the Linux kernel&#39;s KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3690">CVE-2014-3690</a>) Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-4608">CVE-2014-4608</a>) Andy Lutomirski discovered a flaw in how the Linux kernel handles pivot_root when used with a chroot directory. A local user could exploit this flaw to cause a denial of service (mount-tree loop). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7970">CVE-2014-7970</a>) Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7975">CVE-2014-7975</a>)
Family: unix Class: patch
Reference(s): USN-2420-1
CVE-2014-3690
CVE-2014-4608
CVE-2014-7970
CVE-2014-7975
Version: 3
Platform(s): Ubuntu 14.04
Product(s): linux
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Os 4
Os 1
Os 2168
Os 1
Os 2
Os 1
Os 1
Os 3
Os 2
Os 1
Os 1
Os 1
Os 1
Os 1
Os 4

Snort® IPS/IDS

Date Description
2015-07-13 Linux kernel SCTP Unknown Chunk Types denial of service attempt
RuleID : 34802 - Revision : 2 - Type : OS-LINUX

Nessus® Vulnerability Scanner

Date Description
2017-08-25 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2017-1842.nasl - Type : ACT_GATHER_INFO
2017-08-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20170801_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2017-08-09 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-1842.nasl - Type : ACT_GATHER_INFO
2017-08-03 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-1842.nasl - Type : ACT_GATHER_INFO
2017-08-03 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-2077.nasl - Type : ACT_GATHER_INFO
2017-04-03 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO
2016-07-25 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16025.nasl - Type : ACT_GATHER_INFO
2016-01-28 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL13145361.nasl - Type : ACT_GATHER_INFO
2015-12-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20151119_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2015-12-02 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-2152.nasl - Type : ACT_GATHER_INFO
2015-11-30 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-2152.nasl - Type : ACT_GATHER_INFO
2015-11-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-2152.nasl - Type : ACT_GATHER_INFO
2015-09-09 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL17199.nasl - Type : ACT_GATHER_INFO
2015-07-30 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1272.nasl - Type : ACT_GATHER_INFO
2015-06-17 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1071-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0068-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0178-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0481-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0529-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0652-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0812-1.nasl - Type : ACT_GATHER_INFO
2015-04-23 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0864.nasl - Type : ACT_GATHER_INFO
2015-04-23 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0869.nasl - Type : ACT_GATHER_INFO
2015-04-23 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0869.nasl - Type : ACT_GATHER_INFO
2015-04-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0869.nasl - Type : ACT_GATHER_INFO
2015-04-23 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150422_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-04-22 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0864.nasl - Type : ACT_GATHER_INFO
2015-04-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0864.nasl - Type : ACT_GATHER_INFO
2015-04-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150421_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-04-10 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2015-0040.nasl - Type : ACT_GATHER_INFO
2015-04-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0782.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote Debian host is missing a security update.
File : debian_DLA-118.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150305_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2015-03-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-150306.nasl - Type : ACT_GATHER_INFO
2015-03-20 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-3012.nasl - Type : ACT_GATHER_INFO
2015-03-19 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-058.nasl - Type : ACT_GATHER_INFO
2015-03-18 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0290.nasl - Type : ACT_GATHER_INFO
2015-03-13 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0290.nasl - Type : ACT_GATHER_INFO
2015-03-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0284.nasl - Type : ACT_GATHER_INFO
2015-03-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0290.nasl - Type : ACT_GATHER_INFO
2015-02-06 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2015-0126.nasl - Type : ACT_GATHER_INFO
2015-02-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0115.nasl - Type : ACT_GATHER_INFO
2015-02-04 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2491-1.nasl - Type : ACT_GATHER_INFO
2015-01-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0062.nasl - Type : ACT_GATHER_INFO
2015-01-19 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-027.nasl - Type : ACT_GATHER_INFO
2015-01-14 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0043.nasl - Type : ACT_GATHER_INFO
2015-01-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2462-1.nasl - Type : ACT_GATHER_INFO
2014-12-26 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-141202.nasl - Type : ACT_GATHER_INFO
2014-12-26 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-141217.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-791.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-793.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-794.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2447-2.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2448-2.nasl - Type : ACT_GATHER_INFO
2014-12-18 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1997.nasl - Type : ACT_GATHER_INFO
2014-12-18 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20141216_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-12-17 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15912.nasl - Type : ACT_GATHER_INFO
2014-12-17 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1997.nasl - Type : ACT_GATHER_INFO
2014-12-17 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1997.nasl - Type : ACT_GATHER_INFO
2014-12-16 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15910.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1971.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3103.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3104.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3105.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20141209_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2441-1.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2442-1.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2445-1.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2446-1.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2447-1.nasl - Type : ACT_GATHER_INFO
2014-12-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2448-1.nasl - Type : ACT_GATHER_INFO
2014-12-10 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1971.nasl - Type : ACT_GATHER_INFO
2014-12-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1971.nasl - Type : ACT_GATHER_INFO
2014-12-05 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3096.nasl - Type : ACT_GATHER_INFO
2014-11-28 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-230.nasl - Type : ACT_GATHER_INFO
2014-11-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2415-1.nasl - Type : ACT_GATHER_INFO
2014-11-25 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2416-1.nasl - Type : ACT_GATHER_INFO
2014-11-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2417-1.nasl - Type : ACT_GATHER_INFO
2014-11-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2419-1.nasl - Type : ACT_GATHER_INFO
2014-11-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2420-1.nasl - Type : ACT_GATHER_INFO
2014-11-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2421-1.nasl - Type : ACT_GATHER_INFO
2014-11-19 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3089.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote Fedora host is missing a security update.
File : fedora_2014-14068.nasl - Type : ACT_GATHER_INFO
2014-11-14 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3087.nasl - Type : ACT_GATHER_INFO
2014-11-14 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3088.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1392.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1843.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1843.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1843.nasl - Type : ACT_GATHER_INFO
2014-11-04 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3086.nasl - Type : ACT_GATHER_INFO
2014-11-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20141014_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-11-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20141028_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2014-11-03 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3060.nasl - Type : ACT_GATHER_INFO
2014-11-03 Name : The remote Fedora host is missing a security update.
File : fedora_2014-12955.nasl - Type : ACT_GATHER_INFO
2014-11-03 Name : The remote Fedora host is missing a security update.
File : fedora_2014-14126.nasl - Type : ACT_GATHER_INFO
2014-11-03 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2396-1.nasl - Type : ACT_GATHER_INFO
2014-10-31 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3084.nasl - Type : ACT_GATHER_INFO
2014-10-31 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3085.nasl - Type : ACT_GATHER_INFO
2014-10-31 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2394-1.nasl - Type : ACT_GATHER_INFO
2014-10-31 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2395-1.nasl - Type : ACT_GATHER_INFO
2014-10-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1724.nasl - Type : ACT_GATHER_INFO
2014-10-29 Name : The remote Fedora host is missing a security update.
File : fedora_2014-13558.nasl - Type : ACT_GATHER_INFO
2014-10-29 Name : The remote Fedora host is missing a security update.
File : fedora_2014-13773.nasl - Type : ACT_GATHER_INFO
2014-10-29 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1724.nasl - Type : ACT_GATHER_INFO
2014-10-29 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1724.nasl - Type : ACT_GATHER_INFO
2014-10-22 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-201.nasl - Type : ACT_GATHER_INFO
2014-10-22 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1392.nasl - Type : ACT_GATHER_INFO
2014-10-20 Name : The remote Fedora host is missing a security update.
File : fedora_2014-13045.nasl - Type : ACT_GATHER_INFO
2014-10-20 Name : The remote Fedora host is missing a security update.
File : fedora_2014-13020.nasl - Type : ACT_GATHER_INFO
2014-10-14 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1392.nasl - Type : ACT_GATHER_INFO
2014-10-12 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-368.nasl - Type : ACT_GATHER_INFO
2014-08-08 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-155.nasl - Type : ACT_GATHER_INFO
2014-07-26 Name : The remote Fedora host is missing a security update.
File : fedora_2014-8487.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2281-1.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2282-1.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2283-1.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2285-1.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2286-1.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2287-1.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2288-1.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2289-1.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2290-1.nasl - Type : ACT_GATHER_INFO
2014-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2014-7863.nasl - Type : ACT_GATHER_INFO
2014-06-27 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_d1f5e12afd5a11e3a108080027ef73ec.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2014-11-30 09:29:00
  • Multiple Updates
2014-11-26 13:28:31
  • Multiple Updates
2014-11-25 05:28:28
  • First insertion