Executive Summary
Summary | |
---|---|
Title | linux-2.6 security update |
Informations | |||
---|---|---|---|
Name | DSA-2153 | First vendor Publication | 2011-01-30 |
Vendor | Debian | Last vendor Modification | 2011-01-30 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.1 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0435 Gleb Napatov reported an issue in the KVM subsystem that allows virtual machines to cause a denial of service of the host machine by executing mov to/from DR instructions. CVE-2010-3699 Keir Fraser provided a fix for an issue in the Xen subsystem. A guest can cause a denial of service on the host by retaining a leaked reference to a device. This can result in a zombie domain, xenwatch process hangs, and xm command failures. CVE-2010-4158 Dan Rosenberg discovered an issue in the socket filters subsystem, allowing local unprivileged users to obtain the contents of sensitive kernel memory. CVE-2010-4162 Dan Rosenberg discovered an overflow issue in the block I/O subsystem that allows local users to map large numbers of pages, resulting in a denial of service due to invocation of the out of memory killer. CVE-2010-4163 Dan Rosenberg discovered an issue in the block I/O subsystem. Due to improper validation of iov segments, local users can trigger a kernel panic resulting in a denial of service. CVE-2010-4242 Alan Cox reported an issue in the Bluetooth subsystem. Local users with sufficient permission to access HCI UART devices can cause a denial of service (NULL pointer dereference) due to a missing check for an existing tty write operation. CVE-2010-4243 Brad Spengler reported a denial-of-service issue in the kernel memory accounting system. By passing large argv/envp values to exec, local users can cause the out of memory killer to kill processes owned by other users. CVE-2010-4248 Oleg Nesterov reported an issue in the POSIX CPU timers subsystem. Local users can cause a denial of service (Oops) due to incorrect assumptions about thread group leader behavior. CVE-2010-4249 Vegard Nossum reported an issue with the UNIX socket garbage collector. Local users can consume all of LOWMEM and decrease system performance by overloading the system with inflight sockets. CVE-2010-4258 Nelson Elhage reported an issue in Linux oops handling. Local users may be able to obtain elevated privileges if they are able to trigger an oops with a process' fs set to KERNEL_DS. CVE-2010-4342 Nelson Elhage reported an issue in the econet protocol. Remote attackers can cause a denial of service by sending an Acorn Universal Networking packet over UDP. CVE-2010-4346 Tavis Ormandy discovered an issue in the install_special_mapping routine which allows local users to bypass the mmap_min_addr security restriction. Combined with an otherwise low severity local denial of service vulnerability (NULL pointer dereference), a local user could obtain elevated privileges. CVE-2010-4526 Eugene Teo reported a race condition in the Linux SCTP implementation. Remote users can cause a denial of service (kernel memory corruption) by transmitting an ICMP unreachable message to a locked socket. CVE-2010-4527 Dan Rosenberg reported two issues in the OSS soundcard driver. Local users with access to the device (members of group 'audio' on default Debian installations) may contain access to sensitive kernel memory or cause a buffer overflow, potentially leading to an escalation of privileges. CVE-2010-4529 Dan Rosenberg reported an issue in the Linux kernel IrDA socket implementation on non-x86 architectures. Local users may be able to gain access to sensitive kernel memory via a specially crafted IRLMP_ENUMDEVICES getsockopt call. CVE-2010-4565 Dan Rosenberg reported an issue in the Linux CAN protocol implementation. Local users can obtain the address of a kernel heap object which might help facilitate system exploitation. CVE-2010-4649 Dan Carpenter reported an issue in the uverb handling of the InfiniBand subsystem. A potential buffer overflow may allow local users to cause a denial of service (memory corruption) by passing in a large cmd.ne value. CVE-2010-4656 Kees Cook reported an issue in the driver for I/O-Warrior USB devices. Local users with access to these devices maybe able to overrun kernel buffers, resulting in a denial of service or privilege escalation. CVE-2010-4668 Dan Rosenberg reported an issue in the block subsystem. A local user can cause a denial of service (kernel panic) by submitting certain 0-length I/O requests. CVE-2011-0521 Dan Carpenter reported an issue in the DVB driver for AV7110 cards. Local users can pass a negative info->num value, corrupting kernel memory and causing a denial of service. For the stable distribution (lenny), this problem has been fixed in version 2.6.26-26lenny2. The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update: Debian 5.0 (lenny) user-mode-linux 2.6.26-1um-2+26lenny2 We recommend that you upgrade your linux-2.6 and user-mode-linux packages. Note that these updates will not become active until after your system is rebooted. |
Original Source
Url : http://www.debian.org/security/2011/dsa-2153 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
17 % | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
11 % | CWE-476 | NULL Pointer Dereference |
11 % | CWE-362 | Race Condition |
11 % | CWE-200 | Information Exposure |
11 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
6 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
6 % | CWE-399 | Resource Management Errors |
6 % | CWE-269 | Improper Privilege Management |
6 % | CWE-191 | Integer Underflow (Wrap or Wraparound) |
6 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
6 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
6 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12770 | |||
Oval ID: | oval:org.mitre.oval:def:12770 | ||
Title: | USN-1074-1 -- linux-fsl-imx51 vulnerabilities | ||
Description: | Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only files, leading to potential data loss. Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. A local attacker could exploit this to read from write-only files, leading to a loss of privacy. Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. A local attacker could exploit this to gain control of certain applications, potentially leading to privilege escalation, as demonstrated in attacks against the X server. Suresh Jayaraman discovered that CIFS did not correctly validate certain response packats. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. James Chapman discovered that L2TP did not correctly evaluate checksum capabilities. If an attacker could make malicious routing changes, they could crash the system, leading to a denial of service. Neil Brown discovered that NFSv4 did not correctly check certain write requests. A remote attacker could send specially crafted traffic that could crash the system or possibly gain root privileges. David Howells discovered that DNS resolution in CIFS could be spoofed. A local attacker could exploit this to control DNS replies, leading to a loss of privacy and possible privilege escalation. Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. Only Ubuntu 9.10 was affected. Bob Peterson discovered that GFS2 rename operations did not correctly validate certain sizes. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that under certain situations the ioctl subsystem for DRM did not properly sanitize its arguments. A local attacker could exploit this to read previously freed kernel memory, leading to a loss of privacy. Eric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Sergey Vlasov discovered that JFS did not correctly handle certain extended attributes. A local attacker could bypass namespace access rules, leading to a loss of privacy. Tavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. Brad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Ben Hawkes discovered an integer overflow in the Controller Area Network Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. Ubuntu 10.10 was not affected. Kees Cook discovered that the V4L1 32bit compat interface did not correctly validate certain parameters. A local attacker on a 64bit system with access to a video device could exploit this to gain root privileges. Toshiyuki Okajima discovered that ext4 did not correctly check certain parameters. A local attacker could exploit this to crash the system or overwrite the last block of large files. Tavis Ormandy discovered that the AIO subsystem did not correctly validate certain parameters. A local attacker could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that certain XFS ioctls leaked kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Robert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. Tavis Ormandy discovered that the OSS sequencer device did not correctly shut down. A local attacker could exploit this to crash the system or possibly gain root privileges. Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. Dan Rosenberg discovered that the ROSE driver did not correctly check parameters. A local attacker with access to a ROSE network device could exploit this to crash the system or possibly gain root privileges. Thomas Dreibholz discovered that SCTP did not correctly handle appending packet chunks. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Dan Rosenberg discovered that the CD driver did not correctly check parameters. A local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. Dan Rosenberg discovered that the Sound subsystem did not correctly validate parameters. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. A local attacker could exploit this to hang the system, leading to a denial of service. It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the USB subsystem did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SiS video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1074-1 CVE-2009-4895 CVE-2010-2066 CVE-2010-2226 CVE-2010-2240 CVE-2010-2248 CVE-2010-2478 CVE-2010-3084 CVE-2010-2495 CVE-2010-2521 CVE-2010-2524 CVE-2010-2538 CVE-2010-2798 CVE-2010-2803 CVE-2010-2942 CVE-2010-3477 CVE-2010-2943 CVE-2010-2946 CVE-2010-2954 CVE-2010-2955 CVE-2010-2959 CVE-2010-2962 CVE-2010-2963 CVE-2010-3015 CVE-2010-3067 CVE-2010-3078 CVE-2010-3079 CVE-2010-3080 CVE-2010-3081 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3301 CVE-2010-3310 CVE-2010-3432 CVE-2010-3437 CVE-2010-3442 CVE-2010-3448 CVE-2010-3698 CVE-2010-3705 CVE-2010-3848 CVE-2010-3849 CVE-2010-3850 CVE-2010-3858 CVE-2010-3861 CVE-2010-3904 CVE-2010-4072 CVE-2010-4073 CVE-2010-4074 CVE-2010-4078 CVE-2010-4079 CVE-2010-4165 CVE-2010-4169 CVE-2010-4249 | Version: | 5 |
Platform(s): | Ubuntu 9.10 | Product(s): | linux-fsl-imx51 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12874 | |||
Oval ID: | oval:org.mitre.oval:def:12874 | ||
Title: | DSA-2153-1 linux-2.6 -- privilege escalation/denial of service/information leak | ||
Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0435 Gleb Napatov reported an issue in the KVM subsystem that allows virtual machines to cause a denial of service of the host machine by executing mov to/from DR instructions. CVE-2010-3699 Keir Fraser provided a fix for an issue in the Xen subsystem. A guest can cause a denial of service on the host by retaining a leaked reference to a device. This can result in a zombie domain, xenwatch process hangs, and xm command failures. CVE-2010-4158 Dan Rosenberg discovered an issue in the socket filters subsystem, allowing local unprivileged users to obtain the contents of sensitive kernel memory. CVE-2010-4162 Dan Rosenberg discovered an overflow issue in the block I/O subsystem that allows local users to map large numbers of pages, resulting in a denial of service due to invocation of the out of memory killer. CVE-2010-4163 Dan Rosenberg discovered an issue in the block I/O subsystem. Due to improper validation of iov segments, local users can trigger a kernel panic resulting in a denial of service. CVE-2010-4242 Alan Cox reported an issue in the Bluetooth subsystem. Local users with sufficient permission to access HCI UART devices can cause a denial of service due to a missing check for an existing tty write operation. CVE-2010-4243 Brad Spengler reported a denial-of-service issue in the kernel memory accounting system. By passing large argv/envp values to exec, local users can cause the out of memory killer to kill processes owned by other users. CVE-2010-4248 Oleg Nesterov reported an issue in the POSIX CPU timers subsystem. Local users can cause a denial of service due to incorrect assumptions about thread group leader behavior. CVE-2010-4249 Vegard Nossum reported an issue with the UNIX socket garbage collector. Local users can consume all of LOWMEM and decrease system performance by overloading the system with inflight sockets. CVE-2010-4258 Nelson Elhage reported an issue in Linux oops handling. Local users may be able to obtain elevated privileges if they are able to trigger an oops with a process" fs set to KERNEL_DS. CVE-2010-4342 Nelson Elhage reported an issue in the econet protocol. Remote attackers can cause a denial of service by sending an Acorn Universal Networking packet over UDP. CVE-2010-4346 Tavis Ormandy discovered an issue in the install_special_mapping routine which allows local users to bypass the mmap_min_addr security restriction. Combined with an otherwise low severity local denial of service vulnerability, a local user could obtain elevated privileges. CVE-2010-4526 Eugene Teo reported a race condition in the Linux SCTP implementation. Remote users can cause a denial of service by transmitting an ICMP unreachable message to a locked socket. CVE-2010-4527 Dan Rosenberg reported two issues in the OSS soundcard driver. Local users with access to the device may contain access to sensitive kernel memory or cause a buffer overflow, potentially leading to an escalation of privileges. CVE-2010-4529 Dan Rosenberg reported an issue in the Linux kernel IrDA socket implementation on non-x86 architectures. Local users may be able to gain access to sensitive kernel memory via a specially crafted IRLMP_ENUMDEVICES getsockopt call. CVE-2010-4565 Dan Rosenberg reported an issue in the Linux CAN protocol implementation. Local users can obtain the address of a kernel heap object which might help facilitate system exploitation. CVE-2010-4649 Dan Carpenter reported an issue in the uverb handling of the InfiniBand subsystem. A potential buffer overflow may allow local users to cause a denial of service by passing in a large cmd.ne value. CVE-2010-4656 Kees Cook reported an issue in the driver for I/O-Warrior USB devices. Local users with access to these devices maybe able to overrun kernel buffers, resulting in a denial of service or privilege escalation. CVE-2010-4668 Dan Rosenberg reported an issue in the block subsystem. A local user can cause a denial of service by submitting certain 0-length I/O requests. CVE-2011-0521 Dan Carpenter reported an issue in the DVB driver for AV7110 cards. Local users can pass a negative info->num value, corrupting kernel memory and causing a denial of service. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2153-1 CVE-2010-0435 CVE-2010-3699 CVE-2010-4158 CVE-2010-4162 CVE-2010-4163 CVE-2010-4242 CVE-2010-4243 CVE-2010-4248 CVE-2010-4249 CVE-2010-4258 CVE-2010-4342 CVE-2010-4346 CVE-2010-4526 CVE-2010-4527 CVE-2010-4529 CVE-2010-4565 CVE-2010-4649 CVE-2010-4656 CVE-2010-4668 CVE-2011-0521 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | linux-2.6 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:13173 | |||
Oval ID: | oval:org.mitre.oval:def:13173 | ||
Title: | USN-1086-1 -- linux-ec2 vulnerabilities | ||
Description: | Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. Dan Rosenberg discovered that the RDS protocol did not correctly check ioctl arguments. A local attacker could exploit this to crash the system, leading to a denial of service | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1086-1 CVE-2010-4075 CVE-2010-4158 CVE-2010-4163 CVE-2010-4668 | Version: | 5 |
Platform(s): | Ubuntu 10.04 | Product(s): | linux-ec2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13363 | |||
Oval ID: | oval:org.mitre.oval:def:13363 | ||
Title: | USN-1074-2 -- linux-fsl-imx51 vulnerabilities | ||
Description: | USN-1074-1 fixed vulnerabilities in linux-fsl-imx51 in Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 10.04. Original advisory details: Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only files, leading to potential data loss. Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. A local attacker could exploit this to read from write-only files, leading to a loss of privacy. Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. A local attacker could exploit this to gain control of certain applications, potentially leading to privilege escalation, as demonstrated in attacks against the X server. Suresh Jayaraman discovered that CIFS did not correctly validate certain response packats. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. James Chapman discovered that L2TP did not correctly evaluate checksum capabilities. If an attacker could make malicious routing changes, they could crash the system, leading to a denial of service. Neil Brown discovered that NFSv4 did not correctly check certain write requests. A remote attacker could send specially crafted traffic that could crash the system or possibly gain root privileges. David Howells discovered that DNS resolution in CIFS could be spoofed. A local attacker could exploit this to control DNS replies, leading to a loss of privacy and possible privilege escalation. Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. Only Ubuntu 9.10 was affected. Bob Peterson discovered that GFS2 rename operations did not correctly validate certain sizes. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that under certain situations the ioctl subsystem for DRM did not properly sanitize its arguments. A local attacker could exploit this to read previously freed kernel memory, leading to a loss of privacy. Eric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Sergey Vlasov discovered that JFS did not correctly handle certain extended attributes. A local attacker could bypass namespace access rules, leading to a loss of privacy. Tavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. Brad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Ben Hawkes discovered an integer overflow in the Controller Area Network Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. Ubuntu 10.10 was not affected. Kees Cook discovered that the V4L1 32bit compat interface did not correctly validate certain parameters. A local attacker on a 64bit system with access to a video device could exploit this to gain root privileges. Toshiyuki Okajima discovered that ext4 did not correctly check certain parameters. A local attacker could exploit this to crash the system or overwrite the last block of large files. Tavis Ormandy discovered that the AIO subsystem did not correctly validate certain parameters. A local attacker could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that certain XFS ioctls leaked kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Robert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. Tavis Ormandy discovered that the OSS sequencer device did not correctly shut down. A local attacker could exploit this to crash the system or possibly gain root privileges. Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. Dan Rosenberg discovered that the ROSE driver did not correctly check parameters. A local attacker with access to a ROSE network device could exploit this to crash the system or possibly gain root privileges. Thomas Dreibholz discovered that SCTP did not correctly handle appending packet chunks. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Dan Rosenberg discovered that the CD driver did not correctly check parameters. A local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. Dan Rosenberg discovered that the Sound subsystem did not correctly validate parameters. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. A local attacker could exploit this to hang the system, leading to a denial of service. It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that IPC structures were not correctly initialized on 64bit systems. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the USB subsystem did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SiS video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1074-2 CVE-2010-3904 CVE-2010-3848 CVE-2010-3849 CVE-2010-3850 CVE-2010-3301 CVE-2010-3081 CVE-2009-4895 CVE-2010-2066 CVE-2010-2226 CVE-2010-2248 CVE-2010-2478 CVE-2010-3084 CVE-2010-2495 CVE-2010-2521 CVE-2010-2524 CVE-2010-2538 CVE-2010-2798 CVE-2010-2942 CVE-2010-3477 CVE-2010-2943 CVE-2010-2946 CVE-2010-2954 CVE-2010-2955 CVE-2010-2962 CVE-2010-2963 CVE-2010-3015 CVE-2010-3067 CVE-2010-3078 CVE-2010-3079 CVE-2010-3080 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3310 CVE-2010-3432 CVE-2010-3437 CVE-2010-3442 CVE-2010-3448 CVE-2010-3698 CVE-2010-3705 CVE-2010-3858 CVE-2010-3861 CVE-2010-4072 CVE-2010-4073 CVE-2010-4074 CVE-2010-4078 CVE-2010-4079 CVE-2010-4165 CVE-2010-4169 CVE-2010-4249 | Version: | 5 |
Platform(s): | Ubuntu 10.04 | Product(s): | linux-fsl-imx51 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13949 | |||
Oval ID: | oval:org.mitre.oval:def:13949 | ||
Title: | USN-1119-1 -- linux-ti-omap4 vulnerabilities | ||
Description: | linux-ti-omap4: Linux kernel for OMAP4 devices Multiple security flaws have been fixed in the OMAP4 port of the Linux kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1119-1 CVE-2010-3904 CVE-2010-3848 CVE-2010-3849 CVE-2010-3850 CVE-2010-3081 CVE-2010-2954 CVE-2010-2955 CVE-2010-2960 CVE-2010-2962 CVE-2010-2963 CVE-2010-3079 CVE-2010-3080 CVE-2010-3437 CVE-2010-3705 CVE-2010-3861 CVE-2010-3865 CVE-2010-3875 CVE-2010-3876 CVE-2010-3877 CVE-2010-3881 CVE-2010-4072 CVE-2010-4079 CVE-2010-4158 CVE-2010-4164 CVE-2010-4165 CVE-2010-4249 CVE-2010-4258 CVE-2010-4342 CVE-2010-4346 CVE-2010-4527 CVE-2010-4529 | Version: | 5 |
Platform(s): | Ubuntu 10.10 | Product(s): | linux-ti-omap4 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:19610 | |||
Oval ID: | oval:org.mitre.oval:def:19610 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a negative value. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-0521 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20281 | |||
Oval ID: | oval:org.mitre.oval:def:20281 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | Race condition in the __exit_signal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader in the de_thread function in fs/exec.c. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4248 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20348 | |||
Oval ID: | oval:org.mitre.oval:def:20348 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-language application. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4346 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20378 | |||
Oval ID: | oval:org.mitre.oval:def:20378 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4158 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20480 | |||
Oval ID: | oval:org.mitre.oval:def:20480 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The hci_uart_tty_open function in the HCI UART driver (drivers/bluetooth/hci_ldisc.c) in the Linux kernel 2.6.36, and possibly other versions, does not verify whether the tty has a write operation, which allows local users to cause a denial of service (NULL pointer dereference) via vectors related to the Bluetooth driver. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4242 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20490 | |||
Oval ID: | oval:org.mitre.oval:def:20490 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, related to (1) netback, (2) blkback, or (3) blktap. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-3699 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20503 | |||
Oval ID: | oval:org.mitre.oval:def:20503 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM Killer to assess use of stack memory by arrays representing the (1) arguments and (2) environment, which allows local users to cause a denial of service (memory consumption) via a crafted exec system call, aka an "OOM dodging issue," a related issue to CVE-2010-3858. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4243 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20528 | |||
Oval ID: | oval:org.mitre.oval:def:20528 | ||
Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
Description: | Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large value of a certain structure member. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4649 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20611 | |||
Oval ID: | oval:org.mitre.oval:def:20611 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4249 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20627 | |||
Oval ID: | oval:org.mitre.oval:def:20627 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4526 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21743 | |||
Oval ID: | oval:org.mitre.oval:def:21743 | ||
Title: | RHSA-2011:0163: kernel security and bug fix update (Important) | ||
Description: | Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0163-01 CESA-2011:0163 CVE-2010-4526 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27959 | |||
Oval ID: | oval:org.mitre.oval:def:27959 | ||
Title: | ELSA-2011-2010 -- Oracle Linux 6 Unbreakable Enterprise kernel security fix update (important) | ||
Description: | [2.6.32-100.28.9.el6] - sync up the version [2.6.32-100.28.8.el6] - [block] check for proper length of iov entries earlier in blk_rq_map_user_iov (Xiaotian Feng) {CVE-2010-4668} - scm: lower SCM_MAX_FD (Eric Dumazet) {CVE-2010-4249} - perf_events: Fix perf_counter_mmap() hook in mprotect() (Pekka Enberg) {CVE-2010-4169} - tcp: Increase TCP_MAXSEG socket option minimum (David S. Miller) {CVE-2010-4165} - Enable module force load option [orabug 11782146] - Enable vmw balloon and pvscsi (Guru Anbalagane) [orabug 11697522] [2.6.32-100.28.7.el6] - build from git [2.6.32-100.28.6.el6] - Remove crashkernel option if it is present [bug 11714928] | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-2010 CVE-2010-4165 CVE-2010-4169 CVE-2010-4249 CVE-2010-4668 | Version: | 5 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel-uek ofa kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware kernel-uek-headers |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28117 | |||
Oval ID: | oval:org.mitre.oval:def:28117 | ||
Title: | DEPRECATED: ELSA-2011-0004 -- kernel security, bug fix, and enhancement update (important) | ||
Description: | [2.6.18-194.32.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - make xenkbd.abs_pointer=1 by default (John Haxby) [orabug 67188919] - fix filp_close() race (Joe Jin) [orabug 10335998] | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0004 CVE-2010-3432 CVE-2010-3442 CVE-2010-3699 CVE-2010-3858 CVE-2010-3859 CVE-2010-3865 CVE-2010-3876 CVE-2010-3880 CVE-2010-4083 CVE-2010-4157 CVE-2010-4161 CVE-2010-4242 CVE-2010-4247 CVE-2010-4248 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28143 | |||
Oval ID: | oval:org.mitre.oval:def:28143 | ||
Title: | DEPRECATED: ELSA-2011-0163 -- kernel security and bug fix update (important) | ||
Description: | [2.6.18-238.1.1.0.1.el5] - fix filp_close() race (Joe Jin) [orabug 10335998] - fix missing aio_complete() in end_io (Joel Becker) [orabug 10365195] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [nfs] too many getattr and access calls after direct I/O [orabug 9348191] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) [2.6.18-238.1.1.el5] - [scsi] megaraid: give FW more time to recover from reset (Tomas Henzl) [667141 665427] - [fs] gfs2: fix statfs error after gfs2_grow (Robert S Peterson) [666792 660661] - [mm] prevent file lock corruption using popen(3) (Larry Woodman) [667050 664931] - [net] sctp: fix panic from bad socket lock on icmp error (Neil Horman) [665476 665477] {CVE-2010-4526} | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0163 CVE-2010-4526 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28178 | |||
Oval ID: | oval:org.mitre.oval:def:28178 | ||
Title: | DEPRECATED: ELSA-2011-0283 -- kernel security, bug fix, and enhancement update (moderate) | ||
Description: | [2.6.32-71.18.1.el6] - [netdrv] ixgbe: make sure FCoE DDP user buffers are really released by the HW (Frantisek Hrbata) [674002 617193] - [netdrv] ixgbe: invalidate FCoE DDP context when no error status is available (Frantisek Hrbata) [674002 617193] - [netdrv] ixgbe: avoid doing FCoE DDP when adapter is DOWN or RESETTING (Frantisek Hrbata) [674002 617193] - [fcoe] libfc: remove tgt_flags from fc_fcp_pkt struct (Mike Christie) [666797 633915] - [fcoe] libfc: use rport timeout values for fcp recovery (Frantisek Hrbata) [666797 633915] - [fcoe] libfc: incorrect scsi host byte codes returned to scsi-ml (Mike Christie) [666797 633915] - [scsi] scsi_dh_alua: fix overflow in alua_rtpg port group id check (Mike Snitzer) [673978 670572] | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0283 CVE-2010-4165 CVE-2010-4169 CVE-2010-4243 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | kernel |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2010-12-07 | Linux Kernel <= 2.6.37 - Local Privilege Escalation |
OpenVAS Exploits
Date | Description |
---|---|
2012-07-30 | Name : CentOS Update for kernel CESA-2011:0004 centos5 x86_64 File : nvt/gb_CESA-2011_0004_kernel_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:0162 centos4 x86_64 File : nvt/gb_CESA-2011_0162_kernel_centos4_x86_64.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:0163 centos5 x86_64 File : nvt/gb_CESA-2011_0163_kernel_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:0303 centos5 x86_64 File : nvt/gb_CESA-2011_0303_kernel_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:0429 centos5 x86_64 File : nvt/gb_CESA-2011_0429_kernel_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:0927 centos5 x86_64 File : nvt/gb_CESA-2011_0927_kernel_centos5_x86_64.nasl |
2012-07-09 | Name : RedHat Update for kernel RHSA-2011:0283-01 File : nvt/gb_RHSA-2011_0283-01_kernel.nasl |
2012-06-06 | Name : RedHat Update for kernel RHSA-2011:0421-01 File : nvt/gb_RHSA-2011_0421-01_kernel.nasl |
2012-06-06 | Name : RedHat Update for kernel RHSA-2011:0498-01 File : nvt/gb_RHSA-2011_0498-01_kernel.nasl |
2012-06-05 | Name : RedHat Update for kernel RHSA-2011:0007-01 File : nvt/gb_RHSA-2011_0007-01_kernel.nasl |
2012-03-16 | Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX... File : nvt/gb_VMSA-2011-0012.nasl |
2012-03-15 | Name : VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Ser... File : nvt/gb_VMSA-2012-0001.nasl |
2011-12-02 | Name : Fedora Update for kernel FEDORA-2011-16346 File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl |
2011-11-08 | Name : Fedora Update for kernel FEDORA-2011-15241 File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl |
2011-10-31 | Name : Fedora Update for kernel FEDORA-2011-14747 File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl |
2011-10-10 | Name : Fedora Update for kernel FEDORA-2011-12874 File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl |
2011-09-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1202-1 File : nvt/gb_ubuntu_USN_1202_1.nasl |
2011-09-16 | Name : Ubuntu Update for linux-fsl-imx51 USN-1204-1 File : nvt/gb_ubuntu_USN_1204_1.nasl |
2011-08-27 | Name : Fedora Update for kernel FEDORA-2011-11103 File : nvt/gb_fedora_2011_11103_kernel_fc14.nasl |
2011-08-12 | Name : Ubuntu Update for linux USN-1186-1 File : nvt/gb_ubuntu_USN_1186_1.nasl |
2011-08-12 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1187-1 File : nvt/gb_ubuntu_USN_1187_1.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2011:0004 centos5 i386 File : nvt/gb_CESA-2011_0004_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2011:0429 centos5 i386 File : nvt/gb_CESA-2011_0429_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2011:0163 centos5 i386 File : nvt/gb_CESA-2011_0163_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2011:0303 centos5 i386 File : nvt/gb_CESA-2011_0303_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2011:0927 centos5 i386 File : nvt/gb_CESA-2011_0927_kernel_centos5_i386.nasl |
2011-07-18 | Name : RedHat Update for kernel RHSA-2011:0927-01 File : nvt/gb_RHSA-2011_0927-01_kernel.nasl |
2011-07-18 | Name : Ubuntu Update for linux USN-1170-1 File : nvt/gb_ubuntu_USN_1170_1.nasl |
2011-07-18 | Name : Ubuntu Update for linux USN-1167-1 File : nvt/gb_ubuntu_USN_1167_1.nasl |
2011-07-18 | Name : Ubuntu Update for linux-mvl-dove USN-1159-1 File : nvt/gb_ubuntu_USN_1159_1.nasl |
2011-07-08 | Name : Ubuntu Update for linux-fsl-imx51 USN-1164-1 File : nvt/gb_ubuntu_USN_1164_1.nasl |
2011-07-08 | Name : Ubuntu Update for linux-mvl-dove USN-1162-1 File : nvt/gb_ubuntu_USN_1162_1.nasl |
2011-07-08 | Name : Ubuntu Update for linux USN-1160-1 File : nvt/gb_ubuntu_USN_1160_1.nasl |
2011-06-24 | Name : Fedora Update for kernel FEDORA-2011-6447 File : nvt/gb_fedora_2011_6447_kernel_fc13.nasl |
2011-06-20 | Name : Fedora Update for kernel FEDORA-2011-7551 File : nvt/gb_fedora_2011_7551_kernel_fc14.nasl |
2011-06-10 | Name : Ubuntu Update for linux USN-1146-1 File : nvt/gb_ubuntu_USN_1146_1.nasl |
2011-06-06 | Name : Ubuntu Update for linux USN-1141-1 File : nvt/gb_ubuntu_USN_1141_1.nasl |
2011-06-03 | Name : Ubuntu Update for linux USN-1133-1 File : nvt/gb_ubuntu_USN_1133_1.nasl |
2011-05-17 | Name : Fedora Update for kernel FEDORA-2011-6541 File : nvt/gb_fedora_2011_6541_kernel_fc14.nasl |
2011-05-10 | Name : Ubuntu Update for linux-ti-omap4 USN-1119-1 File : nvt/gb_ubuntu_USN_1119_1.nasl |
2011-05-10 | Name : Ubuntu Update for linux-source-2.6.15 USN-1111-1 File : nvt/gb_ubuntu_USN_1111_1.nasl |
2011-05-06 | Name : SuSE Update for kernel SUSE-SA:2011:020 File : nvt/gb_suse_2011_020.nasl |
2011-04-22 | Name : SuSE Update for kernel SUSE-SA:2011:017 File : nvt/gb_suse_2011_017.nasl |
2011-04-19 | Name : RedHat Update for kernel RHSA-2011:0429-01 File : nvt/gb_RHSA-2011_0429-01_kernel.nasl |
2011-04-11 | Name : Ubuntu Update for linux vulnerabilities USN-1105-1 File : nvt/gb_ubuntu_USN_1105_1.nasl |
2011-04-01 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1092-1 File : nvt/gb_ubuntu_USN_1092_1.nasl |
2011-03-24 | Name : Ubuntu Update for linux vulnerabilities USN-1090-1 File : nvt/gb_ubuntu_USN_1090_1.nasl |
2011-03-24 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1089-1 File : nvt/gb_ubuntu_USN_1089_1.nasl |
2011-03-15 | Name : Fedora Update for kernel FEDORA-2011-2134 File : nvt/gb_fedora_2011_2134_kernel_fc13.nasl |
2011-03-15 | Name : Ubuntu Update for linux-ec2 vulnerabilities USN-1086-1 File : nvt/gb_ubuntu_USN_1086_1.nasl |
2011-03-07 | Name : Debian Security Advisory DSA 2153-1 (linux-2.6) File : nvt/deb_2153_1.nasl |
2011-03-07 | Name : RedHat Update for kernel RHSA-2011:0303-01 File : nvt/gb_RHSA-2011_0303-01_kernel.nasl |
2011-03-07 | Name : Ubuntu Update for linux vulnerabilities USN-1081-1 File : nvt/gb_ubuntu_USN_1081_1.nasl |
2011-03-07 | Name : Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2 File : nvt/gb_ubuntu_USN_1080_2.nasl |
2011-03-07 | Name : Ubuntu Update for linux vulnerabilities USN-1080-1 File : nvt/gb_ubuntu_USN_1080_1.nasl |
2011-03-07 | Name : Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1 File : nvt/gb_ubuntu_USN_1083_1.nasl |
2011-02-28 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1 File : nvt/gb_ubuntu_USN_1073_1.nasl |
2011-02-28 | Name : Ubuntu Update for linux vulnerabilities USN-1072-1 File : nvt/gb_ubuntu_USN_1072_1.nasl |
2011-02-18 | Name : RedHat Update for Red Hat Enterprise Linux 4.9 kernel RHSA-2011:0263-01 File : nvt/gb_RHSA-2011_0263-01_Red_Hat_Enterprise_Linux_4.9_kernel.nasl |
2011-02-18 | Name : Mandriva Update for kernel MDVSA-2011:029 (kernel) File : nvt/gb_mandriva_MDVSA_2011_029.nasl |
2011-02-16 | Name : SuSE Update for kernel SUSE-SA:2011:008 File : nvt/gb_suse_2011_008.nasl |
2011-02-11 | Name : Fedora Update for kernel FEDORA-2011-1138 File : nvt/gb_fedora_2011_1138_kernel_fc14.nasl |
2011-02-04 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1054-1 File : nvt/gb_ubuntu_USN_1054_1.nasl |
2011-01-31 | Name : CentOS Update for kernel CESA-2011:0162 centos4 i386 File : nvt/gb_CESA-2011_0162_kernel_centos4_i386.nasl |
2011-01-21 | Name : RedHat Update for kernel RHSA-2011:0162-01 File : nvt/gb_RHSA-2011_0162-01_kernel.nasl |
2011-01-21 | Name : RedHat Update for kernel RHSA-2011:0163-01 File : nvt/gb_RHSA-2011_0163-01_kernel.nasl |
2011-01-14 | Name : RedHat Update for Red Hat Enterprise Linux 5.6 kernel RHSA-2011:0017-01 File : nvt/gb_RHSA-2011_0017-01_Red_Hat_Enterprise_Linux_5.6_kernel.nasl |
2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2011:002 File : nvt/gb_suse_2011_002.nasl |
2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2011:001 File : nvt/gb_suse_2011_001.nasl |
2011-01-11 | Name : RedHat Update for kernel RHSA-2011:0004-01 File : nvt/gb_RHSA-2011_0004-01_kernel.nasl |
2010-12-28 | Name : Fedora Update for kernel FEDORA-2010-18983 File : nvt/gb_fedora_2010_18983_kernel_fc13.nasl |
2010-12-23 | Name : Fedora Update for kernel FEDORA-2010-18506 File : nvt/gb_fedora_2010_18506_kernel_fc13.nasl |
2010-12-09 | Name : Fedora Update for kernel FEDORA-2010-18493 File : nvt/gb_fedora_2010_18493_kernel_fc14.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
71649 | Linux Kernel drivers/infiniband/core/uverbs_cmd.c ib_uverbs_poll_cq Function ... |
71602 | Linux Kernel IO-Warrior USB Device iowarrior_write() Function Local Privilege... |
70665 | Linux Kernel drivers/media/dvb/ttpci/av7110_ca.c dvb_ca_ioctl() Function Craf... A memory corruption flaw exists in Linux Kernel. The 'dvb_ca_ioctl()' function in 'drivers/media/dvb/ttpci/av7110_ca.c' fails to sanitize user-supplied input, resulting in memory corruption. With a specially crafted IOTCL, a local attacker can execute arbitrary code. |
70659 | Linux Kernel fs/exec.c Crafted Exec System Call OOM Dodging Local DoS Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when fs/exec.c fails to enable the OOM Killer to assess memory use representing the arguments and environment, allowing a local attacker to use a crafted exec system call to cause an 'OOM dodging issue' denial of service. |
70379 | Linux Kernel drivers/bluetooth/hci_ldisc.c hci_uart_tty_open Function NULL De... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the 'hci_uart_tty_open' function in 'drivers/bluetooth/hci_ldisc.c' fails to properly verify whether the tty has a write operation, allowing a local attacker to cause a NULL pointer dereference denial of service via vectors related to the Bluetooth driver. |
70378 | Linux Kernel Locked Socket ICMP Unreachable Message Race Condition Remote DoS Linux Kernel contains a flaw that may allow a remote denial of service. The issue is triggered when a race condition occurs, allowing a remote attacker to cause a panic denial of service via an ICMP unreachable message to an already locked socket, triggering last corruption. |
70269 | Linux Kernel net/econet/af_econet.c aun_incoming Function UDP AUN Packet Remo... Linux Kernel contains a flaw related to the the 'aun_incoming' function in 'net/econet/af_econet.c'. The issue is triggered when a remote attacker sends an Acorn Universal Networking packet over UDP, causing a denial of service via a NULL pointerer dereference. |
70265 | Linux Kernel kernel/exit.c do_exit Function KERNEL_DS get_fs Value Handling L... Linux Kernel contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the 'do_exit' function in 'kernel/exit.c' fails to properly handle a KERNEL_DS get_fs value, allowing a local attacker to bypass access_ok restrictions, overwrite arbitrary kernel memory locations, and gain elevated privileges. |
70240 | Linux Kernel sound/oss/soundcard.c load_mixer_volumes() Function SOUND_MIXER_... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when Aa error within the 'load_mixer_volumes()' function in 'sound/oss/soundcard.c' occurs, which will disclose certain kernel memory to a local attacker via a crafted SOUND_MIXER_SETLEVELS IOCTL. |
70239 | Linux Kernel sound/oss/soundcard.c load_mixer_volumes() Function SOUND_MIXER_... Linux Kernel is prone to an overflow condition. The 'load_mixer_volumes()' function in 'sound/oss/soundcard.c' fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted SOUND_MIXER_SETLEVELS IOCTL, a local attacker can potentially execute arbitrary code. |
70229 | Linux Kernel Controller Area Network net/can/bcm.c bcm_connect Function Kerne... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the 'bcm_connect' function in 'net/can/bcm.c' creates a publicly accessible file whose filename contains a kernel memory address, which will disclose information about kernel memory use to a local attacker. |
70166 | Linux Kernel net/irda/af_irda.c irda_getsockopt() Integer Underflow Kernel Me... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when an integer underflow within the 'irda_getsockopt()' function in 'net/irda/af_irda.c' is exploited via a specially crafted 'IRLMP_ENUMDEVICES' getsockopt. This will disclose kernel memory information to a local attacker. |
69701 | Linux Kernel mm/mmap.c install_special_mapping() Function mmap_min_addr Local... Linux Kernel contains a flaw related to the 'install_special_mapping()' function in mm/mmap.c. It fails to properly restrict mappings below the"mmap_min_addr" sysctl limit, allowing a local attacker to map memory into forbidden areas. |
69578 | Linux Kernel kernel/exit.c the __exit_signal Function Thread Group Leader Rac... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when a race condition in the '__exit_signal' function in 'kernel/exit.c' is exploited to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in 'kernel/posix-cpu-timers.c', and the selection of a new thread group leader in the 'de_thread' function 'in fs/exec.c'. |
69527 | Linux Kernel net/unix/garbage.c wait_for_unix_gc Function SOCK_SEQPACKET Sock... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the 'wait_for_unix_gc' function in 'net/unix/garbage.c' fails to properly select times for garbage collection of inflight sockets, allowing a local attacker to cause a denial of service via the 'socketpair' and 'sendmsg' system calls for SOCK_SEQPACKET sockets. |
69469 | Xen Backend Drivers Kernel Thread Reference Leak DoS Xen contains a flaw that may allow a local denial of service. The issue is triggered due to the backend drivers leaking references to kernel threads, which when exploited by a malicious guest can prevent a proper virtual shutdown, prevent 'xm' commands from functioning properly, and may result in loss of availability for the service. |
69453 | Linux Kernel block/blk-map.c blk_rq_map_user_iov() Function Zero-length I/O R... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when an error within the 'blk_rq_map_user_iov()' function in 'block/blk-map.c' when processing zero-length I/O requests occurs, allowing an attacker to cause a loss of availability. |
69452 | Linux Kernel fs/bio.c Multiple Function Page Allocation Crafted IOCTL Local O... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when page calculation errors in the 'bio_copy_user_iov()' and '__bio_map_user_iov()' functions within fs/bio.c are exploited to cause a large allocation. This will result in loss of availability. |
69190 | Linux Kernel net/core/filter.c sk_run_filter() Function Stack Memory Disclosure Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'sk_run_filter()' function in 'net/core/filter.c' does not properly initialize a local array, which will disclose kernel stack memory to a local attacker. |
67474 | Red Hat Enterprise Virtualization / KVM Hypervisor Intel VT-x Extension Instr... |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2012-02-02 | IAVM : 2012-A-0020 - Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1 Severity : Category I - VMSKEY : V0031252 |
2011-10-27 | IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi Severity : Category I - VMSKEY : V0030545 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-03 | Name : The remote VMware ESXi / ESX host is missing a security-related patch. File : vmware_VMSA-2012-0001_remote.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2012-1391-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1832-1.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0622.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-0439.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-1090.nasl - Type : ACT_GATHER_INFO |
2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1253.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-342.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-756.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-101215.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-110414.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_kernel-110426.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0627.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0004.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0007.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0162.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0163.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0263.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0283.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0303.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0421.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0429.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0498.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0927.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2010.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2014.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2015.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1083-1.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1093-1.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0627.nasl - Type : ACT_GATHER_INFO |
2012-10-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-8324.nasl - Type : ACT_GATHER_INFO |
2012-10-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-8325.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100819_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110104_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110118_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110118_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110216_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110222_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110301_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110407_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110412_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110510_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110715_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7261.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7304.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7384.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7915.nasl - Type : ACT_GATHER_INFO |
2012-04-23 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12677.nasl - Type : ACT_GATHER_INFO |
2012-01-31 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2012-0001.nasl - Type : ACT_GATHER_INFO |
2012-01-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7918.nasl - Type : ACT_GATHER_INFO |
2011-10-14 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO |
2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1202-1.nasl - Type : ACT_GATHER_INFO |
2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1204-1.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1186-1.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1187-1.nasl - Type : ACT_GATHER_INFO |
2011-07-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0927.nasl - Type : ACT_GATHER_INFO |
2011-07-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1170-1.nasl - Type : ACT_GATHER_INFO |
2011-07-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0927.nasl - Type : ACT_GATHER_INFO |
2011-07-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1159-1.nasl - Type : ACT_GATHER_INFO |
2011-07-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1167-1.nasl - Type : ACT_GATHER_INFO |
2011-07-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1164-1.nasl - Type : ACT_GATHER_INFO |
2011-07-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1162-1.nasl - Type : ACT_GATHER_INFO |
2011-06-29 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1160-1.nasl - Type : ACT_GATHER_INFO |
2011-06-22 | Name : The remote Fedora host is missing a security update. File : fedora_2011-6447.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1111-1.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1119-1.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1133-1.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1141-1.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1146-1.nasl - Type : ACT_GATHER_INFO |
2011-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0498.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kernel-101202.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-110413.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-debug-101215.nasl - Type : ACT_GATHER_INFO |
2011-04-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110414.nasl - Type : ACT_GATHER_INFO |
2011-04-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110415.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0163.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0303.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0429.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0429.nasl - Type : ACT_GATHER_INFO |
2011-04-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0421.nasl - Type : ACT_GATHER_INFO |
2011-04-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1105-1.nasl - Type : ACT_GATHER_INFO |
2011-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1092-1.nasl - Type : ACT_GATHER_INFO |
2011-03-25 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7381.nasl - Type : ACT_GATHER_INFO |
2011-03-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1089-1.nasl - Type : ACT_GATHER_INFO |
2011-03-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1090-1.nasl - Type : ACT_GATHER_INFO |
2011-03-09 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110228.nasl - Type : ACT_GATHER_INFO |
2011-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1086-1.nasl - Type : ACT_GATHER_INFO |
2011-03-08 | Name : The remote Fedora host is missing a security update. File : fedora_2011-2134.nasl - Type : ACT_GATHER_INFO |
2011-03-03 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1080-2.nasl - Type : ACT_GATHER_INFO |
2011-03-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0303.nasl - Type : ACT_GATHER_INFO |
2011-03-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1080-1.nasl - Type : ACT_GATHER_INFO |
2011-03-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1081-1.nasl - Type : ACT_GATHER_INFO |
2011-03-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1072-1.nasl - Type : ACT_GATHER_INFO |
2011-03-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1073-1.nasl - Type : ACT_GATHER_INFO |
2011-02-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0283.nasl - Type : ACT_GATHER_INFO |
2011-02-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0263.nasl - Type : ACT_GATHER_INFO |
2011-02-11 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1138.nasl - Type : ACT_GATHER_INFO |
2011-02-11 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12672.nasl - Type : ACT_GATHER_INFO |
2011-02-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1054-1.nasl - Type : ACT_GATHER_INFO |
2011-01-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2153.nasl - Type : ACT_GATHER_INFO |
2011-01-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO |
2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7303.nasl - Type : ACT_GATHER_INFO |
2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110104.nasl - Type : ACT_GATHER_INFO |
2011-01-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO |
2011-01-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0163.nasl - Type : ACT_GATHER_INFO |
2011-01-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0017.nasl - Type : ACT_GATHER_INFO |
2011-01-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0007.nasl - Type : ACT_GATHER_INFO |
2011-01-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1041-1.nasl - Type : ACT_GATHER_INFO |
2011-01-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0004.nasl - Type : ACT_GATHER_INFO |
2011-01-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0004.nasl - Type : ACT_GATHER_INFO |
2010-12-26 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18983.nasl - Type : ACT_GATHER_INFO |
2010-12-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7257.nasl - Type : ACT_GATHER_INFO |
2010-12-08 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18506.nasl - Type : ACT_GATHER_INFO |
2010-12-06 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18493.nasl - Type : ACT_GATHER_INFO |
2010-08-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0627.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:29:50 |
|