Executive Summary

Summary
Title Linux kernel vulnerabilities
Informations
Name USN-714-1 First vendor Publication 2009-01-29
Vendor Ubuntu Last vendor Modification 2009-01-29
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS:
linux-image-2.6.15-53-386 2.6.15-53.75
linux-image-2.6.15-53-686 2.6.15-53.75
linux-image-2.6.15-53-amd64-generic 2.6.15-53.75
linux-image-2.6.15-53-amd64-k8 2.6.15-53.75
linux-image-2.6.15-53-amd64-server 2.6.15-53.75
linux-image-2.6.15-53-amd64-xeon 2.6.15-53.75
linux-image-2.6.15-53-hppa32 2.6.15-53.75
linux-image-2.6.15-53-hppa32-smp 2.6.15-53.75
linux-image-2.6.15-53-hppa64 2.6.15-53.75
linux-image-2.6.15-53-hppa64-smp 2.6.15-53.75
linux-image-2.6.15-53-itanium 2.6.15-53.75
linux-image-2.6.15-53-itanium-smp 2.6.15-53.75
linux-image-2.6.15-53-k7 2.6.15-53.75
linux-image-2.6.15-53-mckinley 2.6.15-53.75
linux-image-2.6.15-53-mckinley-smp 2.6.15-53.75
linux-image-2.6.15-53-powerpc 2.6.15-53.75
linux-image-2.6.15-53-powerpc-smp 2.6.15-53.75
linux-image-2.6.15-53-powerpc64-smp 2.6.15-53.75
linux-image-2.6.15-53-server 2.6.15-53.75
linux-image-2.6.15-53-server-bigiron 2.6.15-53.75
linux-image-2.6.15-53-sparc64 2.6.15-53.75
linux-image-2.6.15-53-sparc64-smp 2.6.15-53.75

Ubuntu 7.10:
linux-image-2.6.22-16-386 2.6.22-16.61
linux-image-2.6.22-16-cell 2.6.22-16.61
linux-image-2.6.22-16-generic 2.6.22-16.61
linux-image-2.6.22-16-hppa32 2.6.22-16.61
linux-image-2.6.22-16-hppa64 2.6.22-16.61
linux-image-2.6.22-16-itanium 2.6.22-16.61
linux-image-2.6.22-16-lpia 2.6.22-16.61
linux-image-2.6.22-16-lpiacompat 2.6.22-16.61
linux-image-2.6.22-16-mckinley 2.6.22-16.61
linux-image-2.6.22-16-powerpc 2.6.22-16.61
linux-image-2.6.22-16-powerpc-smp 2.6.22-16.61
linux-image-2.6.22-16-powerpc64-smp 2.6.22-16.61
linux-image-2.6.22-16-rt 2.6.22-16.61
linux-image-2.6.22-16-server 2.6.22-16.61
linux-image-2.6.22-16-sparc64 2.6.22-16.61
linux-image-2.6.22-16-sparc64-smp 2.6.22-16.61
linux-image-2.6.22-16-ume 2.6.22-16.61
linux-image-2.6.22-16-virtual 2.6.22-16.61
linux-image-2.6.22-16-xen 2.6.22-16.61

Ubuntu 8.04 LTS:
linux-image-2.6.24-23-386 2.6.24-23.48
linux-image-2.6.24-23-generic 2.6.24-23.48
linux-image-2.6.24-23-hppa32 2.6.24-23.48
linux-image-2.6.24-23-hppa64 2.6.24-23.48
linux-image-2.6.24-23-itanium 2.6.24-23.48
linux-image-2.6.24-23-lpia 2.6.24-23.48
linux-image-2.6.24-23-lpiacompat 2.6.24-23.48
linux-image-2.6.24-23-mckinley 2.6.24-23.48
linux-image-2.6.24-23-openvz 2.6.24-23.48
linux-image-2.6.24-23-powerpc 2.6.24-23.48
linux-image-2.6.24-23-powerpc-smp 2.6.24-23.48
linux-image-2.6.24-23-powerpc64-smp 2.6.24-23.48
linux-image-2.6.24-23-rt 2.6.24-23.48
linux-image-2.6.24-23-server 2.6.24-23.48
linux-image-2.6.24-23-sparc64 2.6.24-23.48
linux-image-2.6.24-23-sparc64-smp 2.6.24-23.48
linux-image-2.6.24-23-virtual 2.6.24-23.48
linux-image-2.6.24-23-xen 2.6.24-23.48

After a standard system upgrade you need to reboot your computer to effect the necessary changes.

Details follow:

Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5079)

It was discovered that the libertas wireless driver did not correctly handle beacon and probe responses. A physically near-by attacker could generate specially crafted wireless network traffic and cause a denial of service. Ubuntu 6.06 was not affected. (CVE-2008-5134)

It was discovered that the inotify subsystem contained watch removal race conditions. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-5182)

Dann Frazier discovered that in certain situations sendmsg did not correctly release allocated memory. A local attacker could exploit this to force the system to run out of free memory, leading to a denial of service. Ubuntu 6.06 was not affected. (CVE-2008-5300)

It was discovered that the ATA subsystem did not correctly set timeouts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5700)

It was discovered that the ib700 watchdog timer did not correctly check buffer sizes. A local attacker could send a specially crafted ioctl to the device to cause a system crash, leading to a denial of service. (CVE-2008-5702)

It was discovered that in certain situations the network scheduler did not correctly handle very large levels of traffic. A local attacker could produce a high volume of UDP traffic resulting in a system hang, leading to a denial of service. Ubuntu 8.04 was not affected. (CVE-2008-5713)

Original Source

Url : http://www.ubuntu.com/usn/USN-714-1

CWE : Common Weakness Enumeration

% Id Name
57 % CWE-399 Resource Management Errors
29 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
14 % CWE-362 Race Condition

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10283
 
Oval ID: oval:org.mitre.oval:def:10283
Title: Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.
Description: Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5300
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10584
 
Oval ID: oval:org.mitre.oval:def:10584
Title: The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.
Description: The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5182
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10948
 
Oval ID: oval:org.mitre.oval:def:10948
Title: libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program.
Description: libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5700
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11288
 
Oval ID: oval:org.mitre.oval:def:11288
Title: net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table.
Description: net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5079
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11344
 
Oval ID: oval:org.mitre.oval:def:11344
Title: Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel before 2.6.28-rc1 might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.
Description: Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel before 2.6.28-rc1 might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5702
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11427
 
Oval ID: oval:org.mitre.oval:def:11427
Title: Service Console update for COS kernel
Description: Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5300
Version: 3
Platform(s): VMWare ESX Server 3.5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13163
 
Oval ID: oval:org.mitre.oval:def:13163
Title: USN-715-1 -- linux vulnerabilities
Description: Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. It was discovered that the inotify subsystem contained watch removal race conditions. A local attacker could exploit this to crash the system, leading to a denial of service. Dann Frazier discovered that in certain situations sendmsg did not correctly release allocated memory. A local attacker could exploit this to force the system to run out of free memory, leading to a denial of service. Helge Deller discovered that PA-RISC stack unwinding was not handled correctly. A local attacker could exploit this to crash the system, leading do a denial of service. This did not affect official Ubuntu kernels, but was fixed in the source for anyone performing HPPA kernel builds. It was discovered that the ATA subsystem did not correctly set timeouts. A local attacker could exploit this to cause a system hang, leading to a denial of service. It was discovered that the ib700 watchdog timer did not correctly check buffer sizes. A local attacker could send a specially crafted ioctl to the device to cause a system crash, leading to a denial of service
Family: unix Class: patch
Reference(s): USN-715-1
CVE-2008-5079
CVE-2008-5182
CVE-2008-5300
CVE-2008-5395
CVE-2008-5700
CVE-2008-5702
Version: 5
Platform(s): Ubuntu 8.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19922
 
Oval ID: oval:org.mitre.oval:def:19922
Title: DSA-1681-1 linux-2.6.24 - several vulnerabilities
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.
Family: unix Class: patch
Reference(s): DSA-1681-1
CVE-2008-3528
CVE-2008-4554
CVE-2008-4576
CVE-2008-4618
CVE-2008-4933
CVE-2008-4934
CVE-2008-5025
CVE-2008-5029
CVE-2008-5134
CVE-2008-5182
CVE-2008-5300
Version: 5
Platform(s): Debian GNU/Linux 4.0
Product(s): linux-2.6.24
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19979
 
Oval ID: oval:org.mitre.oval:def:19979
Title: DSA-1687-1 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.
Family: unix Class: patch
Reference(s): DSA-1687-1
CVE-2008-3527
CVE-2008-3528
CVE-2008-4554
CVE-2008-4576
CVE-2008-4933
CVE-2008-4934
CVE-2008-5025
CVE-2008-5029
CVE-2008-5079
CVE-2008-5182
CVE-2008-5300
Version: 7
Platform(s): Debian GNU/Linux 4.0
Product(s): fai-kernels
linux-2.6
user-mode-linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21793
 
Oval ID: oval:org.mitre.oval:def:21793
Title: ELSA-2009:0225: Oracle Linux 5.x.3 kernel security and bug fix update (Important)
Description: Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.
Family: unix Class: patch
Reference(s): ELSA-2009:0225-03
CVE-2008-5029
CVE-2008-5079
CVE-2008-5182
CVE-2008-5300
Version: 21
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29343
 
Oval ID: oval:org.mitre.oval:def:29343
Title: RHSA-2009:0225 -- Red Hat Enterprise Linux 5.3 kernel security and bug fix update (Important)
Description: Updated kernel packages that fix three security issues, address several hundred bugs and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 5. This is the third regular update. This update has been rated as having important security impact by the Red Hat Security Response Team.
Family: unix Class: patch
Reference(s): RHSA-2009:0225
CVE-2008-5029
CVE-2008-5079
CVE-2008-5182
CVE-2008-5300
Version: 3
Platform(s): Red Hat Enterprise Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7980
 
Oval ID: oval:org.mitre.oval:def:7980
Title: DSA-1681 linux-2.6.24 -- denial of service/privilege escalation
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: Eugene Teo reported a local DoS issue in the ext2 and ext3 filesystems. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to output error messages in an infinite loop. Milos Szeredi reported that the usage of splice() on files opened with O_APPEND allows users to write to the file at arbitrary offsets, enabling a bypass of possible assumed semantics of the O_APPEND flag. Vlad Yasevich reported an issue in the SCTP subsystem that may allow remote users to cause a local DoS by triggering a kernel oops. Wei Yongjun reported an issue in the SCTP subsystem that may allow remote users to cause a local DoS by triggering a kernel panic. Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to overrun a buffer, resulting in a system oops or memory corruption. Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that results in a kernel oops due to an unchecked return value. Eric Sesterhenn reported a local DoS issue in the hfs filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a filesystem with a corrupted catalog name length, resulting in a system oops or memory corruption. Andrea Bittau reported a DoS issue in the unix socket subsystem that allows a local user to cause memory corruption, resulting in a kernel panic. Johannes Berg reported a remote DoS issue in the libertas wireless driver, which can be triggered by a specially crafted beacon/probe response. Al Viro reported race conditions in the inotify subsystem that may allow local users to acquire elevated privileges. Dann Frazier reported a DoS condition that allows local users to cause the out of memory handler to kill off privileged processes or trigger soft lockups due to a starvation issue in the unix socket subsystem.
Family: unix Class: patch
Reference(s): DSA-1681
CVE-2008-3528
CVE-2008-4554
CVE-2008-4576
CVE-2008-4618
CVE-2008-4933
CVE-2008-4934
CVE-2008-5025
CVE-2008-5029
CVE-2008-5134
CVE-2008-5182
CVE-2008-5300
Version: 3
Platform(s): Debian GNU/Linux 4.0
Product(s): linux-2.6.24
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8144
 
Oval ID: oval:org.mitre.oval:def:8144
Title: DSA-1687 linux-2.6 -- denial of service/privilege escalation
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: Tavis Ormandy reported a local DoS and potential privilege escalation in the Virtual Dynamic Shared Objects (vDSO) implementation. Eugene Teo reported a local DoS issue in the ext2 and ext3 filesystems. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to output error messages in an infinite loop. Milos Szeredi reported that the usage of splice() on files opened with O_APPEND allows users to write to the file at arbitrary offsets, enabling a bypass of possible assumed semantics of the O_APPEND flag. Vlad Yasevich reported an issue in the SCTP subsystem that may allow remote users to cause a local DoS by triggering a kernel oops. Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to overrun a buffer, resulting in a system oops or memory corruption. Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that results in a kernel oops due to an unchecked return value. Eric Sesterhenn reported a local DoS issue in the hfs filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a filesystem with a corrupted catalog name length, resulting in a system oops or memory corruption. Andrea Bittau reported a DoS issue in the unix socket subsystem that allows a local user to cause memory corruption, resulting in a kernel panic. Hugo Dias reported a DoS condition in the ATM subsystem that can be triggered by a local user by calling the svc_listen function twice on the same socket and reading /proc/net/atm/*vc. Al Viro reported race conditions in the inotify subsystem that may allow local users to acquire elevated privileges. Dann Frazier reported a DoS condition that allows local users to cause the out of memory handler to kill off privileged processes or trigger soft lockups due to a starvation issue in the unix socket subsystem.
Family: unix Class: patch
Reference(s): DSA-1687
CVE-2008-3527
CVE-2008-3528
CVE-2008-4554
CVE-2008-4576
CVE-2008-4933
CVE-2008-4934
CVE-2008-5025
CVE-2008-5029
CVE-2008-5079
CVE-2008-5182
CVE-2008-5300
Version: 5
Platform(s): Debian GNU/Linux 4.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8606
 
Oval ID: oval:org.mitre.oval:def:8606
Title: VMware kernel libata vulnerability
Description: libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5700
Version: 4
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9385
 
Oval ID: oval:org.mitre.oval:def:9385
Title: The __qdisc_run function in net/sched/sch_generic.c in the Linux kernel before 2.6.25 on SMP machines allows local users to cause a denial of service (soft lockup) by sending a large amount of network traffic, as demonstrated by multiple simultaneous invocations of the Netperf benchmark application in UDP_STREAM mode.
Description: The __qdisc_run function in net/sched/sch_generic.c in the Linux kernel before 2.6.25 on SMP machines allows local users to cause a denial of service (soft lockup) by sending a large amount of network traffic, as demonstrated by multiple simultaneous invocations of the Netperf benchmark application in UDP_STREAM mode.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5713
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Os 1106

ExploitDB Exploits

id Description
2008-12-10 Linux Kernel <= 2.6.27.8 - ATMSVC Local Denial of Service Exploit

OpenVAS Exploits

Date Description
2011-08-09 Name : CentOS Update for kernel CESA-2009:1550 centos3 i386
File : nvt/gb_CESA-2009_1550_kernel_centos3_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:0326 centos5 i386
File : nvt/gb_CESA-2009_0326_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:0014 centos4 i386
File : nvt/gb_CESA-2009_0014_kernel_centos4_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:0331 centos4 i386
File : nvt/gb_CESA-2009_0331_kernel_centos4_i386.nasl
2009-12-14 Name : Fedora Core 10 FEDORA-2009-13098 (kernel)
File : nvt/fcore_2009_13098.nasl
2009-11-11 Name : CentOS Security Advisory CESA-2009:1550 (kernel)
File : nvt/ovcesa2009_1550.nasl
2009-11-11 Name : RedHat Security Advisory RHSA-2009:1550
File : nvt/RHSA_2009_1550.nasl
2009-11-11 Name : Fedora Core 10 FEDORA-2009-11038 (kernel)
File : nvt/fcore_2009_11038.nasl
2009-10-19 Name : Fedora Core 10 FEDORA-2009-10525 (kernel)
File : nvt/fcore_2009_10525.nasl
2009-10-13 Name : SLES10: Security update for Linux kernel
File : nvt/sles10_kernel4.nasl
2009-10-06 Name : Fedora Core 10 FEDORA-2009-10165 (kernel)
File : nvt/fcore_2009_10165.nasl
2009-09-02 Name : Fedora Core 10 FEDORA-2009-8647 (kernel)
File : nvt/fcore_2009_8647.nasl
2009-08-17 Name : Fedora Core 10 FEDORA-2009-8264 (kernel)
File : nvt/fcore_2009_8264.nasl
2009-06-30 Name : Fedora Core 10 FEDORA-2009-6883 (kernel)
File : nvt/fcore_2009_6883.nasl
2009-06-09 Name : SuSE Security Advisory SUSE-SA:2009:030 (kernel)
File : nvt/suse_sa_2009_030.nasl
2009-06-05 Name : Fedora Core 10 FEDORA-2009-5356 (kernel)
File : nvt/fcore_2009_5356.nasl
2009-05-11 Name : Debian Security Advisory DSA 1794-1 (linux-2.6)
File : nvt/deb_1794_1.nasl
2009-05-05 Name : Debian Security Advisory DSA 1787-1 (linux-2.6.24)
File : nvt/deb_1787_1.nasl
2009-04-28 Name : CentOS Security Advisory CESA-2009:0331 (kernel)
File : nvt/ovcesa2009_0331.nasl
2009-04-06 Name : CentOS Security Advisory CESA-2009:0326 (kernel)
File : nvt/ovcesa2009_0326.nasl
2009-04-06 Name : RedHat Security Advisory RHSA-2009:0326
File : nvt/RHSA_2009_0326.nasl
2009-03-13 Name : RedHat Security Advisory RHSA-2009:0331
File : nvt/RHSA_2009_0331.nasl
2009-03-02 Name : RedHat Security Advisory RHSA-2009:0021
File : nvt/RHSA_2009_0021.nasl
2009-03-02 Name : SuSE Security Advisory SUSE-SA:2009:010 (kernel)
File : nvt/suse_sa_2009_010.nasl
2009-02-13 Name : Fedora Update for kernel FEDORA-2008-11593
File : nvt/gb_fedora_2008_11593_kernel_fc10.nasl
2009-02-13 Name : Fedora Update for kernel FEDORA-2008-11618
File : nvt/gb_fedora_2008_11618_kernel_fc9.nasl
2009-02-13 Name : RedHat Security Advisory RHSA-2009:0264
File : nvt/RHSA_2009_0264.nasl
2009-02-10 Name : RedHat Security Advisory RHSA-2009:0053
File : nvt/RHSA_2009_0053.nasl
2009-02-02 Name : Fedora Core 10 FEDORA-2009-0923 (kernel)
File : nvt/fcore_2009_0923.nasl
2009-02-02 Name : Fedora Core 9 FEDORA-2009-0816 (kernel)
File : nvt/fcore_2009_0816.nasl
2009-02-02 Name : Mandrake Security Advisory MDVSA-2009:032 (kernel)
File : nvt/mdksa_2009_032.nasl
2009-02-02 Name : Ubuntu USN-715-1 (linux)
File : nvt/ubuntu_715_1.nasl
2009-01-26 Name : RedHat Security Advisory RHSA-2009:0225
File : nvt/RHSA_2009_0225.nasl
2009-01-26 Name : SuSE Security Advisory SUSE-SA:2009:004 (kernel)
File : nvt/suse_sa_2009_004.nasl
2009-01-20 Name : CentOS Security Advisory CESA-2009:0014 (kernel)
File : nvt/ovcesa2009_0014.nasl
2009-01-20 Name : SuSE Security Advisory SUSE-SA:2009:003 (kernel-debug)
File : nvt/suse_sa_2009_003.nasl
2009-01-20 Name : RedHat Security Advisory RHSA-2009:0014
File : nvt/RHSA_2009_0014.nasl
2008-12-23 Name : Debian Security Advisory DSA 1687-1 (linux-2.6)
File : nvt/deb_1687_1.nasl
2008-12-10 Name : Debian Security Advisory DSA 1681-1 (linux-2.6.24)
File : nvt/deb_1681_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
51476 Linux Kernel on SMP net/sched/sch_generic.c __qdisc_run function Connection S...

51001 Linux Kernel drivers/watchdog/ib700wdt.c ibwdt_ioctl Function Local Underflow

51000 Linux Kernel libata SG_IO Request Timeout Invocation Saturation Local DoS

50966 Linux Kernel ATM Subsystem net/atm/svc.c vcc Table Corruption Local DoS

50331 Linux Kernel inotify Functionality inotify / umount Unspecified Local Privile...

50272 Linux Kernel sendmsg() Socket Operation Garbage Collector Local DoS

49957 Linux Kernel libertas Subsystem drivers/net/wireless/libertas/scan.c lbs_proc...

Nessus® Vulnerability Scanner

Date Description
2016-03-03 Name : The remote host is missing a security-related patch.
File : vmware_VMSA-2009-0016_remote.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2009-0004.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1550.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0331.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0326.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0264.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0014.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1550.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0021.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090210_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090114_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090312_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090401_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091103_kernel_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-5927.nasl - Type : ACT_GATHER_INFO
2010-06-28 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0010.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-0326.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-0014.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-0331.nasl - Type : ACT_GATHER_INFO
2009-11-23 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2009-0016.nasl - Type : ACT_GATHER_INFO
2009-11-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1550.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-5924.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_kernel-090114.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kernel-090225.nasl - Type : ACT_GATHER_INFO
2009-06-09 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-6274.nasl - Type : ACT_GATHER_INFO
2009-05-11 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1794.nasl - Type : ACT_GATHER_INFO
2009-05-04 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1787.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Fedora host is missing a security update.
File : fedora_2008-11593.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-032.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-714-1.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-715-1.nasl - Type : ACT_GATHER_INFO
2009-04-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0326.nasl - Type : ACT_GATHER_INFO
2009-03-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0331.nasl - Type : ACT_GATHER_INFO
2009-02-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0264.nasl - Type : ACT_GATHER_INFO
2009-01-22 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-5920.nasl - Type : ACT_GATHER_INFO
2009-01-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0225.nasl - Type : ACT_GATHER_INFO
2009-01-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0014.nasl - Type : ACT_GATHER_INFO
2008-12-26 Name : The remote Fedora host is missing a security update.
File : fedora_2008-11618.nasl - Type : ACT_GATHER_INFO
2008-12-16 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1687.nasl - Type : ACT_GATHER_INFO
2008-12-05 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1681.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 12:05:39
  • Multiple Updates