Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Linux kernel vulnerabilities
Informations
Name USN-625-1 First vendor Publication 2008-07-15
Vendor Ubuntu Last vendor Modification 2008-07-15
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS:
linux-image-2.6.15-52-386 2.6.15-52.69
linux-image-2.6.15-52-686 2.6.15-52.69
linux-image-2.6.15-52-amd64-generic 2.6.15-52.69
linux-image-2.6.15-52-amd64-k8 2.6.15-52.69
linux-image-2.6.15-52-amd64-server 2.6.15-52.69
linux-image-2.6.15-52-amd64-xeon 2.6.15-52.69
linux-image-2.6.15-52-hppa32 2.6.15-52.69
linux-image-2.6.15-52-hppa32-smp 2.6.15-52.69
linux-image-2.6.15-52-hppa64 2.6.15-52.69
linux-image-2.6.15-52-hppa64-smp 2.6.15-52.69
linux-image-2.6.15-52-itanium 2.6.15-52.69
linux-image-2.6.15-52-itanium-smp 2.6.15-52.69
linux-image-2.6.15-52-k7 2.6.15-52.69
linux-image-2.6.15-52-mckinley 2.6.15-52.69
linux-image-2.6.15-52-mckinley-smp 2.6.15-52.69
linux-image-2.6.15-52-powerpc 2.6.15-52.69
linux-image-2.6.15-52-powerpc-smp 2.6.15-52.69
linux-image-2.6.15-52-powerpc64-smp 2.6.15-52.69
linux-image-2.6.15-52-server 2.6.15-52.69
linux-image-2.6.15-52-server-bigiron 2.6.15-52.69
linux-image-2.6.15-52-sparc64 2.6.15-52.69
linux-image-2.6.15-52-sparc64-smp 2.6.15-52.69

Ubuntu 7.04:
linux-image-2.6.20-17-386 2.6.20-17.37
linux-image-2.6.20-17-generic 2.6.20-17.37
linux-image-2.6.20-17-hppa32 2.6.20-17.37
linux-image-2.6.20-17-hppa64 2.6.20-17.37
linux-image-2.6.20-17-itanium 2.6.20-17.37
linux-image-2.6.20-17-lowlatency 2.6.20-17.37
linux-image-2.6.20-17-mckinley 2.6.20-17.37
linux-image-2.6.20-17-powerpc 2.6.20-17.37
linux-image-2.6.20-17-powerpc-smp 2.6.20-17.37
linux-image-2.6.20-17-powerpc64-smp 2.6.20-17.37
linux-image-2.6.20-17-server 2.6.20-17.37
linux-image-2.6.20-17-server-bigiron 2.6.20-17.37
linux-image-2.6.20-17-sparc64 2.6.20-17.37
linux-image-2.6.20-17-sparc64-smp 2.6.20-17.37

Ubuntu 7.10:
linux-image-2.6.22-15-386 2.6.22-15.56
linux-image-2.6.22-15-cell 2.6.22-15.56
linux-image-2.6.22-15-generic 2.6.22-15.56
linux-image-2.6.22-15-hppa32 2.6.22-15.56
linux-image-2.6.22-15-hppa64 2.6.22-15.56
linux-image-2.6.22-15-itanium 2.6.22-15.56
linux-image-2.6.22-15-lpia 2.6.22-15.56
linux-image-2.6.22-15-lpiacompat 2.6.22-15.56
linux-image-2.6.22-15-mckinley 2.6.22-15.56
linux-image-2.6.22-15-powerpc 2.6.22-15.56
linux-image-2.6.22-15-powerpc-smp 2.6.22-15.56
linux-image-2.6.22-15-powerpc64-smp 2.6.22-15.56
linux-image-2.6.22-15-rt 2.6.22-15.56
linux-image-2.6.22-15-server 2.6.22-15.56
linux-image-2.6.22-15-sparc64 2.6.22-15.56
linux-image-2.6.22-15-sparc64-smp 2.6.22-15.56
linux-image-2.6.22-15-ume 2.6.22-15.56
linux-image-2.6.22-15-virtual 2.6.22-15.56
linux-image-2.6.22-15-xen 2.6.22-15.56

Ubuntu 8.04 LTS:
linux-image-2.6.24-19-386 2.6.24-19.36
linux-image-2.6.24-19-generic 2.6.24-19.36
linux-image-2.6.24-19-hppa32 2.6.24-19.36
linux-image-2.6.24-19-hppa64 2.6.24-19.36
linux-image-2.6.24-19-itanium 2.6.24-19.36
linux-image-2.6.24-19-lpia 2.6.24-19.36
linux-image-2.6.24-19-lpiacompat 2.6.24-19.36
linux-image-2.6.24-19-mckinley 2.6.24-19.36
linux-image-2.6.24-19-openvz 2.6.24-19.36
linux-image-2.6.24-19-powerpc 2.6.24-19.36
linux-image-2.6.24-19-powerpc-smp 2.6.24-19.36
linux-image-2.6.24-19-powerpc64-smp 2.6.24-19.36
linux-image-2.6.24-19-rt 2.6.24-19.36
linux-image-2.6.24-19-server 2.6.24-19.36
linux-image-2.6.24-19-sparc64 2.6.24-19.36
linux-image-2.6.24-19-sparc64-smp 2.6.24-19.36
linux-image-2.6.24-19-virtual 2.6.24-19.36
linux-image-2.6.24-19-xen 2.6.24-19.36

After a standard system upgrade you need to reboot your computer to effect the necessary changes.

Details follow:

Dirk Nehring discovered that the IPsec protocol stack did not correctly handle fragmented ESP packets. A remote attacker could exploit this to crash the system, leading to a denial of service. (CVE-2007-6282)

Johannes Bauer discovered that the 64bit kernel did not correctly handle hrtimer updates. A local attacker could request a large expiration value and cause the system to hang, leading to a denial of service. (CVE-2007-6712)

Tavis Ormandy discovered that the ia32 emulation under 64bit kernels did not fully clear uninitialized data. A local attacker could read private kernel memory, leading to a loss of privacy. (CVE-2008-0598)

Jan Kratochvil discovered that PTRACE did not correctly handle certain calls when running under 64bit kernels. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-1615)

Wei Wang discovered that the ASN.1 decoding routines in CIFS and SNMP NAT did not correctly handle certain length values. Remote attackers could exploit this to execute arbitrary code or crash the system. (CVE-2008-1673)

Paul Marks discovered that the SIT interfaces did not correctly manage allocated memory. A remote attacker could exploit this to fill all available memory, leading to a denial of service. (CVE-2008-2136)

David Miller and Jan Lieskovsky discovered that the Sparc kernel did not correctly range-check memory regions allocated with mmap. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-2137)

The sys_utimensat system call did not correctly check file permissions in certain situations. A local attacker could exploit this to modify the file times of arbitrary files which could lead to a denial of service. (CVE-2008-2148)

Brandon Edwards discovered that the DCCP system in the kernel did not correctly check feature lengths. A remote attacker could exploit this to execute arbitrary code. (CVE-2008-2358)

A race condition was discovered between ptrace and utrace in the kernel. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-2365)

The copy_to_user routine in the kernel did not correctly clear memory destination addresses when running on 64bit kernels. A local attacker could exploit this to gain access to sensitive kernel memory, leading to a loss of privacy. (CVE-2008-2729)

The PPP over L2TP routines in the kernel did not correctly handle certain messages. A remote attacker could send a specially crafted packet that could crash the system or execute arbitrary code. (CVE-2008-2750)

Gabriel Campana discovered that SCTP routines did not correctly check for large addresses. A local user could exploit this to allocate all available memory, leading to a denial of service. (CVE-2008-2826)

Original Source

Url : http://www.ubuntu.com/usn/USN-625-1

CWE : Common Weakness Enumeration

% Id Name
15 % CWE-399 Resource Management Errors
15 % CWE-264 Permissions, Privileges, and Access Controls
15 % CWE-200 Information Exposure
15 % CWE-189 Numeric Errors (CWE/SANS Top 25)
8 % CWE-362 Race Condition
8 % CWE-190 Integer Overflow or Wraparound (CWE/SANS Top 25)
8 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8 % CWE-20 Improper Input Validation
8 % CWE-16 Configuration

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10549
 
Oval ID: oval:org.mitre.oval:def:10549
Title: The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV.
Description: The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV.
Family: unix Class: vulnerability
Reference(s): CVE-2007-6282
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10721
 
Oval ID: oval:org.mitre.oval:def:10721
Title: Unspecified vulnerability in the 32-bit and 64-bit emulation in the Linux kernel 2.6.9, 2.6.18, and probably other versions allows local users to read uninitialized memory via unknown vectors involving a crafted binary.
Description: Unspecified vulnerability in the 32-bit and 64-bit emulation in the Linux kernel 2.6.9, 2.6.18, and probably other versions allows local users to read uninitialized memory via unknown vectors involving a crafted binary.
Family: unix Class: vulnerability
Reference(s): CVE-2008-0598
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10749
 
Oval ID: oval:org.mitre.oval:def:10749
Title: Race condition in the ptrace and utrace support in the Linux kernel 2.6.9 through 2.6.25, as used in Red Hat Enterprise Linux (RHEL) 4, allows local users to cause a denial of service (oops) via a long series of PTRACE_ATTACH ptrace calls to another user's process that trigger a conflict between utrace_detach and report_quiescent, related to "late ptrace_may_attach() check" and "race around dead_engine_ops setting," a different vulnerability than CVE-2007-0771 and CVE-2008-1514. NOTE: this issue might only affect kernel versions before 2.6.16.x.
Description: Race condition in the ptrace and utrace support in the Linux kernel 2.6.9 through 2.6.25, as used in Red Hat Enterprise Linux (RHEL) 4, allows local users to cause a denial of service (oops) via a long series of PTRACE_ATTACH ptrace calls to another user's process that trigger a conflict between utrace_detach and report_quiescent, related to "late ptrace_may_attach() check" and "race around &dead_engine_ops setting," a different vulnerability than CVE-2007-0771 and CVE-2008-1514. NOTE: this issue might only affect kernel versions before 2.6.16.x.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2365
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11038
 
Oval ID: oval:org.mitre.oval:def:11038
Title: Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.
Description: Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2136
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11571
 
Oval ID: oval:org.mitre.oval:def:11571
Title: arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.
Description: arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2729
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17496
 
Oval ID: oval:org.mitre.oval:def:17496
Title: USN-625-1 -- linux, linux-source-2.6.15/20/22 vulnerabilities
Description: Dirk Nehring discovered that the IPsec protocol stack did not correctly handle fragmented ESP packets.
Family: unix Class: patch
Reference(s): USN-625-1
CVE-2007-6282
CVE-2007-6712
CVE-2008-0598
CVE-2008-1615
CVE-2008-1673
CVE-2008-2136
CVE-2008-2137
CVE-2008-2148
CVE-2008-2358
CVE-2008-2365
CVE-2008-2729
CVE-2008-2750
CVE-2008-2826
Version: 7
Platform(s): Ubuntu 6.06
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04
Product(s): linux
linux-source-2.6.15
linux-source-2.6.20
linux-source-2.6.22
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17814
 
Oval ID: oval:org.mitre.oval:def:17814
Title: USN-637-1 -- linux, linux-source-2.6.15/20/22 vulnerabilities
Description: It was discovered that there were multiple NULL-pointer function dereferences in the Linux kernel terminal handling code.
Family: unix Class: patch
Reference(s): USN-637-1
CVE-2008-2812
CVE-2008-2931
CVE-2008-3272
CVE-2008-3275
CVE-2008-0598
Version: 7
Platform(s): Ubuntu 6.06
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04
Product(s): linux
linux-source-2.6.15
linux-source-2.6.20
linux-source-2.6.22
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18592
 
Oval ID: oval:org.mitre.oval:def:18592
Title: DSA-1588-1 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service.
Family: unix Class: patch
Reference(s): DSA-1588-1
CVE-2007-6712
CVE-2008-1615
CVE-2008-2136
CVE-2008-2137
Version: 9
Platform(s): Debian GNU/Linux 4.0
Product(s): linux-2.6
fai-kernels
user-mode-linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18678
 
Oval ID: oval:org.mitre.oval:def:18678
Title: DSA-1592-1 linux-2.6 - overflow conditions
Description: Two vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or arbitrary code execution.
Family: unix Class: patch
Reference(s): DSA-1592-1
CVE-2008-1673
CVE-2008-2358
Version: 7
Platform(s): Debian GNU/Linux 4.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22087
 
Oval ID: oval:org.mitre.oval:def:22087
Title: ELSA-2008:0275: kernel security and bug fix update (Important)
Description: Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls.
Family: unix Class: patch
Reference(s): ELSA-2008:0275-01
CVE-2007-5093
CVE-2007-6282
CVE-2007-6712
CVE-2008-1615
Version: 21
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22647
 
Oval ID: oval:org.mitre.oval:def:22647
Title: ELSA-2008:0519: kernel security and bug fix update (Important)
Description: arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.
Family: unix Class: patch
Reference(s): ELSA-2008:0519-01
CVE-2008-0598
CVE-2008-2358
CVE-2008-2729
Version: 17
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6201
 
Oval ID: oval:org.mitre.oval:def:6201
Title: Linux Kernel copy_user() IA32 Emulation Bug Discloses Information to Local Users
Description: Unspecified vulnerability in the 32-bit and 64-bit emulation in the Linux kernel 2.6.9, 2.6.18, and probably other versions allows local users to read uninitialized memory via unknown vectors involving a crafted binary.
Family: unix Class: vulnerability
Reference(s): CVE-2008-0598
Version: 1
Platform(s): VMWare ESX Server 3.5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6503
 
Oval ID: oval:org.mitre.oval:def:6503
Title: Linux Kernel Memory Leak in SIT Code ipip6_rcv() Lets Remote Users Deny Service
Description: Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2136
Version: 1
Platform(s): VMWare ESX Server 3.5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8027
 
Oval ID: oval:org.mitre.oval:def:8027
Title: DSA-1588 linux-2.6 -- denial of service
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service. The Common Vulnerabilities and Exposures project identifies the following problems: Johannes Bauer discovered an integer overflow condition in the hrtimer subsystem on 64-bit systems. This can be exploited by local users to trigger a denial of service (DoS) by causing the kernel to execute an infinite loop. Jan Kratochvil reported a local denial of service condition that permits local users on systems running the amd64 flavor kernel to cause a system crash. Paul Harks discovered a memory leak in the Simple Internet Transition (SIT) code used for IPv6 over IPv4 tunnels. This can be exploited by remote users to cause a denial of service condition. David Miller and Jan Lieskovsky discovered issues with the virtual address range checking of mmaped regions on the sparc architecture that may be exploited by local users to cause a denial of service.
Family: unix Class: patch
Reference(s): DSA-1588
CVE-2007-6712
CVE-2008-1615
CVE-2008-2136
CVE-2008-2137
Version: 5
Platform(s): Debian GNU/Linux 4.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8118
 
Oval ID: oval:org.mitre.oval:def:8118
Title: DSA-1592 linux-2.6 -- heap overflow
Description: Two vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or arbitrary code execution. The Common Vulnerabilities and Exposures project identifies the following problems: Wei Wang from McAfee reported a potential heap overflow in the ASN.1 decode code that is used by the SNMP NAT and CIFS subsystem. Exploitation of this issue may lead to arbitrary code execution. This issue is not believed to be exploitable with the pre-built kernel images provided by Debian, but it might be an issue for custom images built from the Debian-provided source package. Brandon Edwards of McAfee Avert labs discovered an issue in the DCCP subsystem. Due to missing feature length checks it is possible to cause an overflow that may result in remote arbitrary code execution.
Family: unix Class: patch
Reference(s): DSA-1592
CVE-2008-1673
CVE-2008-2358
Version: 5
Platform(s): Debian GNU/Linux 4.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9210
 
Oval ID: oval:org.mitre.oval:def:9210
Title: Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel 2.6.21-rc4, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired.
Description: Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel 2.6.21-rc4, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired.
Family: unix Class: vulnerability
Reference(s): CVE-2007-6712
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9563
 
Oval ID: oval:org.mitre.oval:def:9563
Title: Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls.
Description: Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls.
Family: unix Class: vulnerability
Reference(s): CVE-2008-1615
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9644
 
Oval ID: oval:org.mitre.oval:def:9644
Title: Integer overflow in the dccp_feat_change function in net/dccp/feat.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.18, and 2.6.17 through 2.6.20, allows local users to gain privileges via an invalid feature length, which leads to a heap-based buffer overflow.
Description: Integer overflow in the dccp_feat_change function in net/dccp/feat.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.18, and 2.6.17 through 2.6.20, allows local users to gain privileges via an invalid feature length, which leads to a heap-based buffer overflow.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2358
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 1
Os 6
Os 13
Os 987
Os 2
Os 6
Os 2

OpenVAS Exploits

Date Description
2011-08-09 Name : CentOS Update for kernel CESA-2009:0001-01 centos2 i386
File : nvt/gb_CESA-2009_0001-01_kernel_centos2_i386.nasl
2010-09-10 Name : SuSE Update for kernel SUSE-SA:2010:036
File : nvt/gb_suse_2010_036.nasl
2009-10-13 Name : SLES10: Security update for Linux Kernel (x86)
File : nvt/sles10_kernel7.nasl
2009-10-13 Name : SLES10: Security update for Linux kernel
File : nvt/sles10_kernel3.nasl
2009-10-13 Name : SLES10: Security update for Linux kernel
File : nvt/sles10_kernel0.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel
File : nvt/sles9p5036146.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel
File : nvt/sles9p5028577.nasl
2009-06-30 Name : Fedora Core 9 FEDORA-2009-6846 (kernel)
File : nvt/fcore_2009_6846.nasl
2009-06-05 Name : Fedora Core 9 FEDORA-2009-5383 (kernel)
File : nvt/fcore_2009_5383.nasl
2009-04-09 Name : Mandriva Update for kernel MDVSA-2008:112 (kernel)
File : nvt/gb_mandriva_MDVSA_2008_112.nasl
2009-04-09 Name : Mandriva Update for kernel MDVSA-2008:167 (kernel)
File : nvt/gb_mandriva_MDVSA_2008_167.nasl
2009-04-09 Name : Mandriva Update for kernel MDVSA-2008:113 (kernel)
File : nvt/gb_mandriva_MDVSA_2008_113.nasl
2009-03-23 Name : Ubuntu Update for linux, linux-source-2.6.15/20/22 vulnerabilities USN-625-1
File : nvt/gb_ubuntu_USN_625_1.nasl
2009-03-23 Name : Ubuntu Update for linux, linux-source-2.6.15/20/22 vulnerabilities USN-637-1
File : nvt/gb_ubuntu_USN_637_1.nasl
2009-03-06 Name : RedHat Update for kernel RHSA-2008:0973-03
File : nvt/gb_RHSA-2008_0973-03_kernel.nasl
2009-03-06 Name : RedHat Update for kernel RHSA-2008:0237-01
File : nvt/gb_RHSA-2008_0237-01_kernel.nasl
2009-03-06 Name : RedHat Update for kernel RHSA-2008:0275-01
File : nvt/gb_RHSA-2008_0275-01_kernel.nasl
2009-03-06 Name : RedHat Update for kernel RHSA-2008:0508-01
File : nvt/gb_RHSA-2008_0508-01_kernel.nasl
2009-03-06 Name : RedHat Update for kernel RHSA-2008:0519-01
File : nvt/gb_RHSA-2008_0519-01_kernel.nasl
2009-03-06 Name : RedHat Update for kernel RHSA-2008:0607-01
File : nvt/gb_RHSA-2008_0607-01_kernel.nasl
2009-03-06 Name : RedHat Update for kernel RHSA-2008:0612-01
File : nvt/gb_RHSA-2008_0612-01_kernel.nasl
2009-02-27 Name : CentOS Update for kernel CESA-2008:0973 centos3 i386
File : nvt/gb_CESA-2008_0973_kernel_centos3_i386.nasl
2009-02-27 Name : CentOS Update for kernel CESA-2008:0973 centos3 x86_64
File : nvt/gb_CESA-2008_0973_kernel_centos3_x86_64.nasl
2009-02-27 Name : CentOS Update for kernel CESA-2008:0508 centos4 x86_64
File : nvt/gb_CESA-2008_0508_kernel_centos4_x86_64.nasl
2009-02-27 Name : CentOS Update for kernel CESA-2008:0508 centos4 i386
File : nvt/gb_CESA-2008_0508_kernel_centos4_i386.nasl
2009-02-17 Name : Fedora Update for kernel FEDORA-2008-3949
File : nvt/gb_fedora_2008_3949_kernel_fc9.nasl
2009-02-17 Name : Fedora Update for kernel FEDORA-2008-5893
File : nvt/gb_fedora_2008_5893_kernel_fc9.nasl
2009-02-17 Name : Fedora Update for kernel FEDORA-2008-5308
File : nvt/gb_fedora_2008_5308_kernel_fc9.nasl
2009-02-17 Name : Fedora Update for kernel FEDORA-2008-4043
File : nvt/gb_fedora_2008_4043_kernel_fc7.nasl
2009-02-17 Name : Fedora Update for kernel FEDORA-2008-5454
File : nvt/gb_fedora_2008_5454_kernel_fc8.nasl
2009-02-13 Name : Fedora Update for kernel FEDORA-2008-11618
File : nvt/gb_fedora_2008_11618_kernel_fc9.nasl
2009-02-10 Name : CentOS Security Advisory CESA-2009:0001-01 (kernel)
File : nvt/ovcesa2009_0001_01.nasl
2009-02-02 Name : Fedora Core 9 FEDORA-2009-0816 (kernel)
File : nvt/fcore_2009_0816.nasl
2009-01-26 Name : RedHat Security Advisory RHSA-2009:0009
File : nvt/RHSA_2009_0009.nasl
2009-01-23 Name : SuSE Update for kernel SUSE-SA:2008:048
File : nvt/gb_suse_2008_048.nasl
2009-01-23 Name : SuSE Update for kernel SUSE-SA:2008:052
File : nvt/gb_suse_2008_052.nasl
2009-01-23 Name : SuSE Update for kernel SUSE-SA:2008:047
File : nvt/gb_suse_2008_047.nasl
2009-01-23 Name : SuSE Update for kernel SUSE-SA:2008:044
File : nvt/gb_suse_2008_044.nasl
2009-01-23 Name : SuSE Update for kernel SUSE-SA:2008:037
File : nvt/gb_suse_2008_037.nasl
2009-01-23 Name : SuSE Update for kernel SUSE-SA:2008:032
File : nvt/gb_suse_2008_032.nasl
2009-01-23 Name : SuSE Update for kernel SUSE-SA:2008:031
File : nvt/gb_suse_2008_031.nasl
2009-01-23 Name : SuSE Update for kernel SUSE-SA:2008:030
File : nvt/gb_suse_2008_030.nasl
2009-01-13 Name : RedHat Security Advisory RHSA-2009:0001
File : nvt/RHSA_2009_0001.nasl
2009-01-07 Name : RedHat Security Advisory RHSA-2008:0787
File : nvt/RHSA_2008_0787.nasl
2008-09-04 Name : Debian Security Advisory DSA 1630-1 (linux-2.6)
File : nvt/deb_1630_1.nasl
2008-06-11 Name : Debian Security Advisory DSA 1592-2 (linux-2.6)
File : nvt/deb_1592_2.nasl
2008-06-11 Name : Debian Security Advisory DSA 1592-1 (linux-2.6)
File : nvt/deb_1592_1.nasl
2008-06-11 Name : Debian Security Advisory DSA 1588-2 (linux-2.6)
File : nvt/deb_1588_2.nasl
2008-06-11 Name : Debian Security Advisory DSA 1588-1 (linux-2.6)
File : nvt/deb_1588_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
48781 Linux Kernel Bit Emulation Crafted Binary Unspecified Local Memory Disclosure

48563 Linux Kernel ptrace / utrace Support PTRACE_ATTACH Call Handling Local DoS

48115 Linux Kernel on AMD64 arch/x86_64/lib/copy_user.S Destination Memory Local In...

48114 Linux Kernel SCTP net/sctp/socket.c sctp_getsockopt_local_addrs_old Function ...

46309 Linux Kernel Datagram Congestion Control Protocol (DCCP) Subsystem Remote Ove...

46164 Linux Kernel pppol2tp_recvmsg() Function L2TP Packet Handling Remote Memory C...

46104 Linux Kernel ASN.1 BER Data Decoding Remote Code Execution

45764 Linux Kernel sys_sparc.c Unspecified mmap Call Local DoS

45421 Linux Kernel net/ipv6/sit.c ipip6_rcv function Simple Internet Transition Tun...

45186 Linux Kernel utimensat System Call Arbitrary File Time Modification

44992 Linux Kernel on AMD64 Unspecified ptrace Calls Local DoS

44930 Linux Kernel IPsec Implementation Malformed Fragmented ESP Packet Remote DoS

44688 Linux Kernel on 64-bit hrtimer_forward Function (hrtimer.c) Timer Expiration ...

Information Assurance Vulnerability Management (IAVM)

Date Description
2009-10-22 IAVM : 2009-A-0105 - Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0021867

Snort® IPS/IDS

Date Description
2014-01-10 IPv6 packets encapsulated in IPv4
RuleID : 8446 - Revision : 8 - Type : POLICY-OTHER
2014-01-10 (ipv6)IPV6tunneledoverIPv4,IPv6headertruncated,possibleLinuxkernelattack
RuleID : 291 - Revision : 2 - Type :
2014-01-10 Linux Kernel snmp nat netfilter memory corruption attempt
RuleID : 13773 - Revision : 8 - Type : OS-LINUX

Nessus® Vulnerability Scanner

Date Description
2016-03-03 Name : The remote host is missing a security-related patch.
File : vmware_VMSA-2009-0014_remote.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2008-2005.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0607.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0519.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0508.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0275.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0237.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0612.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0973.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20081216_kernel_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080804_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080723_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080625_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080625_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080507_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-5239.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-5370.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-5477.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-5608.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7063.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7059.nasl - Type : ACT_GATHER_INFO
2010-08-27 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12636.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0275.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0237.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0519.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0607.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0612.nasl - Type : ACT_GATHER_INFO
2009-10-19 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2009-0014.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-5473.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-5235.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_kernel-080822.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_kernel-080721.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_kernel-080630.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-112.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-113.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-167.nasl - Type : ACT_GATHER_INFO
2009-01-09 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0001.nasl - Type : ACT_GATHER_INFO
2008-12-17 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0973.nasl - Type : ACT_GATHER_INFO
2008-12-17 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0973.nasl - Type : ACT_GATHER_INFO
2008-11-12 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-5751.nasl - Type : ACT_GATHER_INFO
2008-10-21 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-5700.nasl - Type : ACT_GATHER_INFO
2008-10-02 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-5566.nasl - Type : ACT_GATHER_INFO
2008-08-26 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-637-1.nasl - Type : ACT_GATHER_INFO
2008-08-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1630.nasl - Type : ACT_GATHER_INFO
2008-08-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0612.nasl - Type : ACT_GATHER_INFO
2008-07-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0607.nasl - Type : ACT_GATHER_INFO
2008-07-17 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-625-1.nasl - Type : ACT_GATHER_INFO
2008-07-08 Name : The remote Fedora host is missing a security update.
File : fedora_2008-5893.nasl - Type : ACT_GATHER_INFO
2008-07-08 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-5375.nasl - Type : ACT_GATHER_INFO
2008-07-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0519.nasl - Type : ACT_GATHER_INFO
2008-07-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0508.nasl - Type : ACT_GATHER_INFO
2008-07-02 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0508.nasl - Type : ACT_GATHER_INFO
2008-06-24 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-5339.nasl - Type : ACT_GATHER_INFO
2008-06-24 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-5336.nasl - Type : ACT_GATHER_INFO
2008-06-24 Name : The remote Fedora host is missing a security update.
File : fedora_2008-5454.nasl - Type : ACT_GATHER_INFO
2008-06-16 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1592.nasl - Type : ACT_GATHER_INFO
2008-06-16 Name : The remote Fedora host is missing a security update.
File : fedora_2008-5308.nasl - Type : ACT_GATHER_INFO
2008-05-28 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1588.nasl - Type : ACT_GATHER_INFO
2008-05-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0275.nasl - Type : ACT_GATHER_INFO
2008-05-20 Name : The remote Fedora host is missing a security update.
File : fedora_2008-4043.nasl - Type : ACT_GATHER_INFO
2008-05-16 Name : The remote Fedora host is missing a security update.
File : fedora_2008-3949.nasl - Type : ACT_GATHER_INFO
2008-05-09 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0237.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 12:05:12
  • Multiple Updates