This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Suse First view 2010-09-08
Product Linux Enterprise High Availability Extension Last view 2012-05-17
Version 11 Type Os
Update sp1  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:suse:linux_enterprise_high_availability_extension

Activity : Overall

Related : CVE

  Date Alert Description
7.8 2012-05-17 CVE-2012-1097

The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call.

5.5 2012-05-17 CVE-2012-1090

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.

5.5 2012-05-17 CVE-2012-0879

The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple processes that share an I/O context.

7.2 2011-01-10 CVE-2010-3865

Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted iovec struct in a Reliable Datagram Sockets (RDS) request, which triggers a buffer overflow.

5.5 2010-09-30 CVE-2010-3079

kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properly handle interaction between mutex possession and llseek operations, which allows local users to cause a denial of service (NULL pointer dereference and outage of all function tracing files) via an lseek call on a file descriptor associated with the set_ftrace_filter file.

5.5 2010-09-30 CVE-2010-2538

Integer overflow in the btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 might allow local users to obtain sensitive information via a BTRFS_IOC_CLONE_RANGE ioctl call.

7.1 2010-09-30 CVE-2010-2537

The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor.

7.2 2010-09-08 CVE-2010-2959

Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of service (system crash) via crafted CAN traffic.

1.9 2010-09-08 CVE-2010-2803

The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potentially sensitive information from kernel memory by requesting a large memory-allocation amount.

7.8 2010-09-08 CVE-2010-2798

The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c.

5.5 2010-09-08 CVE-2010-2066

The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor.

CWE : Common Weakness Enumeration

%idName
33% (3) CWE-476 NULL Pointer Dereference
22% (2) CWE-200 Information Exposure
22% (2) CWE-190 Integer Overflow or Wraparound
11% (1) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
11% (1) CWE-20 Improper Input Validation

Open Source Vulnerability Database (OSVDB)

id Description
70375 Linux Kernel net/rds/rdma.c rds_rdma_pages Function RDS Request iovec Struct ...
68304 Linux Kernel kernel/trace/ftrace.c debugfs File Descriptor lseek Call Local DoS
67917 Linux Kernel fs/btrfs/ioctl.c btrfs_ioctl_clone Function BTRFS_IOC_CLONE_RANG...
67916 Linux Kernel fs/btrfs/ioctl.c btrfs_ioctl_clone Function Arbitrary File Overw...
67892 Linux Kernel fs/ext4/move_extent.c mext_check_arguments Function MOVE_EXT IOC...
67366 Linux Kernel fs/gfs2/dir.c gfs2_dirent_find_space Function GFS2 File System R...
67335 Linux Kernel Controller Area Network net/can/bcm.c Broadcast Manager Implemen...
67334 Linux Kernel drivers/gpu/drm/drm_drv.c drm_ioctl() Function Crafted IOCTL Ker...

ExploitDB Exploits

id Description
14814 Linux Kernel < 2.6.36-rc1 CAN BCM Privilege Escalation Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-09-18 Name : Debian Security Advisory DSA 2469-1 (linux-2.6 - privilege escalation/denial ...
File : nvt/deb_2469_1.nasl
2013-09-18 Name : Debian Security Advisory DSA 2443-1 (linux-2.6 - privilege escalation/denial ...
File : nvt/deb_2443_1.nasl
2012-12-18 Name : Fedora Update for kernel FEDORA-2012-20240
File : nvt/gb_fedora_2012_20240_kernel_fc16.nasl
2012-11-29 Name : Fedora Update for kernel FEDORA-2012-18691
File : nvt/gb_fedora_2012_18691_kernel_fc16.nasl
2012-11-06 Name : Fedora Update for kernel FEDORA-2012-17479
File : nvt/gb_fedora_2012_17479_kernel_fc16.nasl
2012-09-04 Name : Fedora Update for kernel FEDORA-2012-12684
File : nvt/gb_fedora_2012_12684_kernel_fc16.nasl
2012-08-06 Name : Fedora Update for kernel FEDORA-2012-11348
File : nvt/gb_fedora_2012_11348_kernel_fc16.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:0004 centos5 x86_64
File : nvt/gb_CESA-2011_0004_kernel_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2012:0481 centos6
File : nvt/gb_CESA-2012_0481_kernel_centos6.nasl
2012-07-09 Name : RedHat Update for kernel RHSA-2012:0481-01
File : nvt/gb_RHSA-2012_0481-01_kernel.nasl
2012-06-25 Name : Fedora Update for kernel FEDORA-2012-8931
File : nvt/gb_fedora_2012_8931_kernel_fc15.nasl
2012-06-15 Name : Fedora Update for kernel FEDORA-2012-8890
File : nvt/gb_fedora_2012_8890_kernel_fc16.nasl
2012-06-05 Name : RedHat Update for kernel RHSA-2011:0007-01
File : nvt/gb_RHSA-2011_0007-01_kernel.nasl
2012-06-01 Name : Ubuntu Update for linux-ti-omap4 USN-1458-1
File : nvt/gb_ubuntu_USN_1458_1.nasl
2012-05-17 Name : Fedora Update for kernel FEDORA-2012-7594
File : nvt/gb_fedora_2012_7594_kernel_fc15.nasl
2012-05-14 Name : Fedora Update for kernel FEDORA-2012-7538
File : nvt/gb_fedora_2012_7538_kernel_fc16.nasl
2012-05-11 Name : Ubuntu Update for linux-lts-backport-natty USN-1440-1
File : nvt/gb_ubuntu_USN_1440_1.nasl
2012-05-08 Name : Ubuntu Update for linux USN-1432-1
File : nvt/gb_ubuntu_USN_1432_1.nasl
2012-05-04 Name : Ubuntu Update for linux-lts-backport-oneiric USN-1433-1
File : nvt/gb_ubuntu_USN_1433_1.nasl
2012-05-04 Name : Ubuntu Update for linux USN-1431-1
File : nvt/gb_ubuntu_USN_1431_1.nasl
2012-04-26 Name : Ubuntu Update for linux-ec2 USN-1426-1
File : nvt/gb_ubuntu_USN_1426_1.nasl
2012-04-26 Name : Ubuntu Update for linux USN-1425-1
File : nvt/gb_ubuntu_USN_1425_1.nasl
2012-04-26 Name : Fedora Update for kernel FEDORA-2012-6406
File : nvt/gb_fedora_2012_6406_kernel_fc15.nasl
2012-04-13 Name : Ubuntu Update for linux USN-1422-1
File : nvt/gb_ubuntu_USN_1422_1.nasl
2012-04-13 Name : Ubuntu Update for linux-lts-backport-maverick USN-1421-1
File : nvt/gb_ubuntu_USN_1421_1.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2011-A-0147 Multiple Vulnerabilities in VMware ESX and ESXi
Severity: Category I - VMSKEY: V0030545
2011-A-0066 Multiple Vulnerabilities in VMware Products
Severity: Category I - VMSKEY: V0027158

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2016-03-04 Name: The remote VMware ESX / ESXi host is missing a security-related patch.
File: vmware_VMSA-2011-0003_remote.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote VMware ESX / ESXi host is missing a security-related patch.
File: vmware_VMSA-2011-0012_remote.nasl - Type: ACT_GATHER_INFO
2014-11-26 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2012-0042.nasl - Type: ACT_GATHER_INFO
2014-11-26 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2013-0039.nasl - Type: ACT_GATHER_INFO
2014-11-17 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2010-0622.nasl - Type: ACT_GATHER_INFO
2014-11-08 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2012-0531.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2012-235.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2012-342.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2012-756.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: suse_11_3_Kernel-100824.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: suse_11_3_kernel-100915.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: suse_11_3_kernel-100921.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: suse_11_3_kernel-101215.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2010-0610.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2010-0661.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2010-0723.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2010-2011.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2011-0004.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2011-0007.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2012-0481.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2012-2007.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2012-2008.nasl - Type: ACT_GATHER_INFO
2013-06-29 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2010-0661.nasl - Type: ACT_GATHER_INFO
2013-06-29 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2010-0723.nasl - Type: ACT_GATHER_INFO
2013-03-09 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-1083-1.nasl - Type: ACT_GATHER_INFO