Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title linux-2.6 security update
Informations
Name DSA-2264 First vendor Publication 2011-06-18
Vendor Debian Last vendor Modification 2011-06-18
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2010-2524

David Howells reported an issue in the Common Internet File System (CIFS). Local users could cause arbitrary CIFS shares to be mounted by introducing malicious redirects.

CVE-2010-3875

Vasiliy Kulikov discovered an issue in the Linux implementation of the Amateur Radio AX.25 Level 2 protocol. Local users may obtain access to sensitive kernel memory.

CVE-2010-4075

Dan Rosenberg reported an issue in the tty layer that may allow local users to obtain access to sensitive kernel memory.

CVE-2010-4655

Kees Cook discovered several issues in the ethtool interface which may allow local users with the CAP_NET_ADMIN capability to obtain access to sensitive kernel memory. CVE-2011-0695

Jens Kuehnel reported an issue in the InfiniBand stack. Remote attackers can exploit a race condition to cause a denial of service (kernel panic).

CVE-2011-0710

Al Viro reported an issue in the /proc//status interface on the s390 architecture. Local users could gain access to sensitive memory in processes they do not own via the task_show_regs entry.

CVE-2011-0711

Dan Rosenberg reported an issue in the XFS filesystem. Local users may obtain access to sensitive kernel memory.

CVE-2011-0726

Kees Cook reported an issue in the /proc/pid/stat implementation. Local users could learn the text location of a process, defeating protections provided by address space layout randomization (ASLR).

CVE-2011-1010

Timo Warns reported an issue in the Linux support for Mac partition tables. Local users with physical access could cause a denial of service (panic) by adding a storage device with a malicious map_count value. CVE-2011-1012

Timo Warns reported an issue in the Linux support for Mac partition tables. Local users with physical access could cause a denial of service (panic) by adding a storage device with a malicious map_count value. CVE-2011-1017 Timo Warns reported an issue in the Linux support for LDM partition tables. Users with physical access can gain access to sensitive kernel memory or gain elevated privileges by adding a storage device with a specially crafted LDM partition.

CVE-2011-1078

Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users can obtain access to sensitive kernel memory.

CVE-2011-1079

Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users with the CAP_NET_ADMIN capability can cause a denial of service (kernel Oops). CVE-2011-1080

Vasiliy Kulikov discovered an issue in the Netfilter subsystem. Local users can obtain access to sensitive kernel memory.

CVE-2011-1090

Neil Horman discovered a memory leak in the setacl() call on NFSv4 filesystems. Local users can exploit this to cause a denial of service (Oops).

CVE-2011-1093

Johan Hovold reported an issue in the Datagram Congestion Control Protocol (DCCP) implementation. Remote users could cause a denial of service by sending data after closing a socket.

CVE-2011-1160

Peter Huewe reported an issue in the Linux kernel's support for TPM security chips. Local users with permission to open the device can gain access to sensitive kernel memory.

CVE-2011-1163

Timo Warns reported an issue in the kernel support for Alpha OSF format disk partitions. Users with physical access can gain access to sensitive kernel memory by adding a storage device with a specially crafted OSF partition.

CVE-2011-1170

Vasiliy Kulikov reported an issue in the Netfilter arp table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory.

CVE-2011-1171

Vasiliy Kulikov reported an issue in the Netfilter IP table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory. CVE-2011-1172

Vasiliy Kulikov reported an issue in the Netfilter IP6 table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory. CVE-2011-1173

Vasiliy Kulikov reported an issue in the Acorn Econet protocol implementation. Local users can obtain access to sensitive kernel memory on systems that use this rare hardware.

CVE-2011-1180

Dan Rosenberg reported a buffer overflow in the Information Access Service of the IrDA protocol, used for Infrared devices. Remote attackers within IR device range can cause a denial of service or possibly gain elevated privileges.

CVE-2011-1182

Julien Tinnes reported an issue in the rt_sigqueueinfo interface. Local users can generate signals with falsified source pid and uid information.

CVE-2011-1477

Dan Rosenberg reported issues in the Open Sound System driver for cards that include a Yamaha FM synthesizer chip. Local users can cause memory corruption resulting in a denial of service. This issue does not affect official Debian Linux image packages as they no longer provide support for OSS. However, custom kernels built from Debians linux-source-2.6.32 may have enabled this configuration and would therefore be vulnerable.

CVE-2011-1493

Dan Rosenburg reported two issues in the Linux implementation of the Amateur Radio X.25 PLP (Rose) protocol. A remote user can cause a denial of service by providing specially crafted facilities fields.

CVE-2011-1577

Timo Warns reported an issue in the Linux support for GPT partition tables. Local users with physical access could cause a denial of service (Oops) by adding a storage device with a malicious partition table header.

CVE-2011-1593

Robert Swiecki reported a signednes issue in the next_pidmap() function, which can be exploited my local users to cause a denial of service.

CVE-2011-1598

Dave Jones reported an issue in the Broadcast Manager Controller Area Network (CAN/BCM) protocol that may allow local users to cause a NULL pointer dereference, resulting in a denial of service.

CVE-2011-1745

Vasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the AGPIOC_BIND ioctl. On default Debian installations, this is exploitable only by users in the video group.

CVE-2011-1746

Vasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the agp_allocate_memory and agp_create_user_memory. On default Debian installations, this is exploitable only by users in the video group.

CVE-2011-1748

Oliver Kartkopp reported an issue in the Controller Area Network (CAN) raw socket implementation which permits ocal users to cause a NULL pointer dereference, resulting in a denial of service. CVE-2011-1759

Dan Rosenberg reported an issue in the support for executing "old ABI" binaries on ARM processors. Local users can obtain elevated privileges due to insufficient bounds checking in the semtimedop system call.

CVE-2011-1767

Alexecy Dobriyan reported an issue in the GRE over IP implementation. Remote users can cause a denial of service by sending a packet during module initialization.

CVE-2011-1768

Alexecy Dobriyan reported an issue in the IP tunnels implementation. Remote users can cause a denial of service by sending a packet during module initialization.

CVE-2011-1776

Timo Warns reported an issue in the Linux implementation for GUID partitions. Users with physical access can gain access to sensitive kernel memory by adding a storage device with a specially crafted corrupted invalid partition table.

CVE-2011-2022

Vasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the AGPIOC_UNBIND ioctl. On default Debian installations, this is exploitable only by users in the video group.

CVE-2011-2182

Ben Hutchings reported an issue with the fix for CVE-2011-1017 (see above) that made it insufficient to resolve the issue.

For the oldstable distribution (lenny), this problem has been fixed in version 2.6.26-26lenny3. Updates for arm and hppa are not yet available, but will be released as soon as possible.

The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update:

Debian 5.0 (lenny) user-mode-linux 2.6.26-1um-2+26lenny3

We recommend that you upgrade your linux-2.6 and user-mode-linux packages. These updates will not become active until after your system is rebooted.

Note: Debian carefully tracks all known security issues across every linux kernel package in all releases under active security support. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, updates for lower priority issues will normally not be released for all kernels at the same time. Rather, they will be released in a staggered or "leap-frog" fashion.

Original Source

Url : http://www.debian.org/security/2011/dsa-2264

CWE : Common Weakness Enumeration

% Id Name
29 % CWE-200 Information Exposure
14 % CWE-20 Improper Input Validation
11 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
9 % CWE-476 NULL Pointer Dereference
6 % CWE-787 Out-of-bounds Write (CWE/SANS Top 25)
6 % CWE-362 Race Condition
6 % CWE-190 Integer Overflow or Wraparound (CWE/SANS Top 25)
6 % CWE-189 Numeric Errors (CWE/SANS Top 25)
3 % CWE-665 Improper Initialization
3 % CWE-399 Resource Management Errors
3 % CWE-369 Divide By Zero
3 % CWE-264 Permissions, Privileges, and Access Controls
3 % CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12997
 
Oval ID: oval:org.mitre.oval:def:12997
Title: DSA-2264-1 linux-2.6 -- privilege escalation/denial of service/information leak
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-2524 David Howells reported an issue in the Common Internet File System. Local users could cause arbitrary CIFS shares to be mounted by introducing malicious redirects. CVE-2010-3875 Vasiliy Kulikov discovered an issue in the Linux implementation of the Amateur Radio AX.25 Level 2 protocol. Local users may obtain access to sensitive kernel memory. CVE-2010-4075 Dan Rosenberg reported an issue in the tty layer that may allow local users to obtain access to sensitive kernel memory. CVE-2010-4655 Kees Cook discovered several issues in the ethtool interface which may allow local users with the CAP_NET_ADMIN capability to obtain access to sensitive kernel memory. CVE-2011-0695 Jens Kuehnel reported an issue in the InfiniBand stack. Remote attackers can exploit a race condition to cause a denial of service. CVE-2011-0710 Al Viro reported an issue in the /proc/<pid>/status interface on the s390 architecture. Local users could gain access to sensitive memory in processes they do not own via the task_show_regs entry. CVE-2011-0711 Dan Rosenberg reported an issue in the XFS filesystem. Local users may obtain access to sensitive kernel memory. CVE-2011-0726 Kees Cook reported an issue in the /proc/pid/stat implementation. Local users could learn the text location of a process, defeating protections provided by address space layout randomization. CVE-2011-1010 Timo Warns reported an issue in the Linux support for Mac partition tables. Local users with physical access could cause a denial of service by adding a storage device with a malicious map_count value. CVE-2011-1012 Timo Warns reported an issue in the Linux support for Mac partition tables. Local users with physical access could cause a denial of service by adding a storage device with a malicious map_count value. CVE-2011-1017 Timo Warns reported an issue in the Linux support for LDM partition tables. Users with physical access can gain access to sensitive kernel memory or gain elevated privileges by adding a storage device with a specially crafted LDM partition. CVE-2011-1078 Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users can obtain access to sensitive kernel memory. CVE-2011-1079 Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users with the CAP_NET_ADMIN capability can cause a denial of service. CVE-2011-1080 Vasiliy Kulikov discovered an issue in the Netfilter subsystem. Local users can obtain access to sensitive kernel memory. CVE-2011-1090 Neil Horman discovered a memory leak in the setacl call on NFSv4 filesystems. Local users can exploit this to cause a denial of service. CVE-2011-1093 Johan Hovold reported an issue in the Datagram Congestion Control Protocol implementation. Remote users could cause a denial of service by sending data after closing a socket. CVE-2011-1160 Peter Huewe reported an issue in the Linux kernel's support for TPM security chips. Local users with permission to open the device can gain access to sensitive kernel memory. CVE-2011-1163 Timo Warns reported an issue in the kernel support for Alpha OSF format disk partitions. Users with physical access can gain access to sensitive kernel memory by adding a storage device with a specially crafted OSF partition. CVE-2011-1170 Vasiliy Kulikov reported an issue in the Netfilter arp table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory. CVE-2011-1171 Vasiliy Kulikov reported an issue in the Netfilter IP table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory. CVE-2011-1172 Vasiliy Kulikov reported an issue in the Netfilter IP6 table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory. CVE-2011-1173 Vasiliy Kulikov reported an issue in the Acorn Econet protocol implementation. Local users can obtain access to sensitive kernel memory on systems that use this rare hardware. CVE-2011-1180 Dan Rosenberg reported a buffer overflow in the Information Access Service of the IrDA protocol, used for Infrared devices. Remote attackers within IR device range can cause a denial of service or possibly gain elevated privileges. CVE-2011-1182 Julien Tinnes reported an issue in the rt_sigqueueinfo interface. Local users can generate signals with falsified source pid and uid information. CVE-2011-1477 Dan Rosenberg reported issues in the Open Sound System driver for cards that include a Yamaha FM synthesizer chip. Local users can cause memory corruption resulting in a denial of service. This issue does not affect official Debian Linux image packages as they no longer provide support for OSS. However, custom kernels built from Debians linux-source-2.6.32 may have enabled this configuration and would therefore be vulnerable. CVE-2011-1493 Dan Rosenburg reported two issues in the Linux implementation of the Amateur Radio X.25 PLP protocol. A remote user can cause a denial of service by providing specially crafted facilities fields. CVE-2011-1577 Timo Warns reported an issue in the Linux support for GPT partition tables. Local users with physical access could cause a denial of service by adding a storage device with a malicious partition table header. CVE-2011-1593 Robert Swiecki reported a signednes issue in the next_pidmap function, which can be exploited my local users to cause a denial of service. CVE-2011-1598 Dave Jones reported an issue in the Broadcast Manager Controller Area Network protocol that may allow local users to cause a NULL pointer dereference, resulting in a denial of service. CVE-2011-1745 Vasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the AGPIOC_BIND ioctl. On default Debian installations, this is exploitable only by users in the video group. CVE-2011-1746 Vasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the agp_allocate_memory and agp_create_user_memory. On default Debian installations, this is exploitable only by users in the video group. CVE-2011-1748 Oliver Kartkopp reported an issue in the Controller Area Network raw socket implementation which permits ocal users to cause a NULL pointer dereference, resulting in a denial of service. CVE-2011-1759 Dan Rosenberg reported an issue in the support for executing "old ABI" binaries on ARM processors. Local users can obtain elevated privileges due to insufficient bounds checking in the semtimedop system call. CVE-2011-1767 Alexecy Dobriyan reported an issue in the GRE over IP implementation. Remote users can cause a denial of service by sending a packet during module initialisation. CVE-2011-1768 Alexecy Dobriyan reported an issue in the IP tunnels implementation. Remote users can cause a denial of service by sending a packet during module initialisation. CVE-2011-1776 Timo Warns reported an issue in the Linux implementation for GUID partitions. Users with physical access can gain access to sensitive kernel memory by adding a storage device with a specially crafted corrupted invalid partition table. CVE-2011-2022 Vasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the AGPIOC_UNBIND ioctl. On default Debian installations, this is exploitable only by users in the video group. CVE-2011-2182 Ben Hutchings reported an issue with the fix for CVE-2011-1017 that made it insufficient to resolve the issue.
Family: unix Class: patch
Reference(s): DSA-2264-1
CVE-2010-2524
CVE-2010-3875
CVE-2010-4075
CVE-2010-4655
CVE-2011-0695
CVE-2011-0710
CVE-2011-0711
CVE-2011-0726
CVE-2011-1010
CVE-2011-1012
CVE-2011-1017
CVE-2011-1078
CVE-2011-1079
CVE-2011-1080
CVE-2011-1090
CVE-2011-1093
CVE-2011-1160
CVE-2011-1163
CVE-2011-1170
CVE-2011-1171
CVE-2011-1172
CVE-2011-1173
CVE-2011-1180
CVE-2011-1182
CVE-2011-1477
CVE-2011-1493
CVE-2011-1577
CVE-2011-1593
CVE-2011-1598
CVE-2011-1745
CVE-2011-1746
CVE-2011-1748
CVE-2011-1759
CVE-2011-1767
CVE-2011-1768
CVE-2011-1776
CVE-2011-2022
CVE-2011-2182
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13013
 
Oval ID: oval:org.mitre.oval:def:13013
Title: DSA-2240-1 linux-2.6 -- privilege escalation/denial of service/information leak
Description: CVE-2010-3875 Vasiliy Kulikov discovered an issue in the Linux implementation of the Amateur Radio AX.25 Level 2 protocol. Local users may obtain access to sensitive kernel memory. CVE-2011-0695 Jens Kuehnel reported an issue in the InfiniBand stack. Remote attackers can exploit a race condition to cause a denial of service. CVE-2011-0711 Dan Rosenberg reported an issue in the XFS filesystem. Local users may obtain access to sensitive kernel memory. CVE-2011-0726 Kees Cook reported an issue in the /proc/pid/stat implementation. Local users could learn the text location of a process, defeating protections provided by address space layout randomization. CVE-2011-1016 Marek Olšák discovered an issue in the driver for ATI/AMD Radeon video chips. Local users could pass arbitrary values to video memory and the graphics translation table, resulting in denial of service or escalated privileges. On default Debian installations, this is exploitable only by members of the "video" group. CVE-2011-1078 Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users can obtain access to sensitive kernel memory. CVE-2011-1079 Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users with the CAP_NET_ADMIN capability can cause a denial of service. CVE-2011-1080 Vasiliy Kulikov discovered an issue in the Netfilter subsystem. Local users can obtain access to sensitive kernel memory. CVE-2011-1090 Neil Horman discovered a memory leak in the setacl call on NFSv4 filesystems. Local users can explot this to cause a denial of service. CVE-2011-1160 Peter Huewe reported an issue in the Linux kernel's support for TPM security chips. Local users with permission to open the device can gain access to sensitive kernel memory. CVE-2011-1163 Timo Warns reported an issue in the kernel support for Alpha OSF format disk partitions. Users with physical access can gain access to sensitive kernel memory by adding a storage device with a specially crafted OSF partition. CVE-2011-1170 Vasiliy Kulikov reported an issue in the Netfilter arp table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory. CVE-2011-1171 Vasiliy Kulikov reported an issue in the Netfilter IP table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory. CVE-2011-1172 Vasiliy Kulikov reported an issue in the Netfilter IP6 table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory. CVE-2011-1173 Vasiliy Kulikov reported an issue in the Acorn Econet protocol implementation. Local users can obtain access to sensitive kernel memory on systems that use this rare hardware. CVE-2011-1180 Dan Rosenberg reported a buffer overflow in the Information Access Service of the IrDA protocol, used for Infrared devices. Remote attackers within IR device range can cause a denial of service or possibly gain elevated privileges. CVE-2011-1182 Julien Tinnes reported an issue in the rt_sigqueueinfo interface. Local users can generate signals with falsified source pid and uid information. CVE-2011-1476 Dan Rosenberg reported issues in the Open Sound System MIDI interface that allow local users to cause a denial of service. This issue does not affect official Debian Linux image packages as they no longer provide support for OSS. However, custom kernels built from Debians linux-source-2.6.32 may have enabled this configuration and would therefore be vulnerable. CVE-2011-1477 Dan Rosenberg reported issues in the Open Sound System driver for cards that include a Yamaha FM synthesizer chip. Local users can cause memory corruption resulting in a denial of service. This issue does not affect official Debian Linux image packages as they no longer provide support for OSS. However, custom kernels built from Debians linux-source-2.6.32 may have enabled this configuration and would therefore be vulnerable. CVE-2011-1478 Ryan Sweat reported an issue in the Generic Receive Offload support in the Linux networking subsystem. If an interface has GRO enabled and is running in promiscuous mode, remote users can cause a denial of service by sending packets on an unknown VLAN. CVE-2011-1493 Dan Rosenburg reported two issues in the Linux implementation of the Amateur Radio X.25 PLP protocol. A remote user can cause a denial of service by providing specially crafted facilities fields. CVE-2011-1494 Dan Rosenberg reported an issue in the /dev/mpt2ctl interface provided by the driver for LSI MPT Fusion SAS 2.0 controllers. Local users can obtain elevated privileges by specially crafted ioctl calls. On default Debian installations this is not exploitable as this interface is only accessible to root. CVE-2011-1495 Dan Rosenberg reported two additional issues in the /dev/mpt2ctl interface provided by the driver for LSI MPT Fusion SAS 2.0 controllers. Local users can obtain elevated privileges and ready arbitrary kernel memory by using specially crafted ioctl calls. On default Debian installations this is not exploitable as this interface is only accessible to root. CVE-2011-1585 Jeff Layton reported an issue in the Common Internet File System. Local users can bypass authentication requirements for shares that are already mounted by another user. CVE-2011-1593 Robert Swiecki reported a signednes issue in the next_pidmap function, which can be exploited my local users to cause a denial of service. CVE-2011-1598 Dave Jones reported an issue in the Broadcast Manager Controller Area Network protocol that may allow local users to cause a NULL pointer dereference, resulting in a denial of service. CVE-2011-1745 Vasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the AGPIOC_BIND ioctl. On default Debian installations, this is exploitable only by users in the video group. CVE-2011-1746 Vasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the agp_allocate_memory and agp_create_user_memory. On default Debian installations, this is exploitable only by users in the video group. CVE-2011-1748 Oliver Kartkopp reported an issue in the Controller Area Network raw socket implementation which permits ocal users to cause a NULL pointer dereference, resulting in a denial of service. CVE-2011-1759 Dan Rosenberg reported an issue in the support for executing "old ABI" binaries on ARM processors. Local users can obtain elevated privileges due to insufficient bounds checking in the semtimedop system call. CVE-2011-1767 Alexecy Dobriyan reported an issue in the GRE over IP implementation. Remote users can cause a denial of service by sending a packet during module initialisation. CVE-2011-1770 Dan Rosenberg reported an issue in the Datagram Congestion Control Protocol. Remote users can cause a denial of service or potentially obtain access to sensitive kernel memory. CVE-2011-1776 Timo Warns reported an issue in the Linux implementation for GUID partitions. Users with physical access can gain access to sensitive kernel memory by adding a storage device with a specially crafted corrupted invalid partition table. CVE-2011-2022 Vasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the AGPIOC_UNBIND ioctl. On default Debian installations, this is exploitable only by users in the video group. This update also includes changes queued for the next point release of Debian 6.0, which also fix various non-security issues
Family: unix Class: patch
Reference(s): DSA-2240-1
CVE-2010-3875
CVE-2011-0695
CVE-2011-0711
CVE-2011-0726
CVE-2011-1016
CVE-2011-1078
CVE-2011-1079
CVE-2011-1080
CVE-2011-1090
CVE-2011-1160
CVE-2011-1163
CVE-2011-1170
CVE-2011-1171
CVE-2011-1172
CVE-2011-1173
CVE-2011-1180
CVE-2011-1182
CVE-2011-1476
CVE-2011-1477
CVE-2011-1478
CVE-2011-1493
CVE-2011-1494
CVE-2011-1495
CVE-2011-1585
CVE-2011-1593
CVE-2011-1598
CVE-2011-1745
CVE-2011-1746
CVE-2011-1748
CVE-2011-1759
CVE-2011-1767
CVE-2011-1770
CVE-2011-1776
CVE-2011-2022
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13433
 
Oval ID: oval:org.mitre.oval:def:13433
Title: USN-1093-1 -- linux-mvl-dove vulnerabilities
Description: Joel Becker discovered that OCFS2 did not correctly validate on-disk symlink structures. If an attacker were able to trick a user or automated system into mounting a specially crafted filesystem, it could crash the system or exposde kernel memory, leading to a loss of privacy. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. Eric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Tavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. Brad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Tavis Ormandy discovered that the session keyring did not correctly check for its parent. On systems without a default session keyring, a local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. Kees Cook discovered that the V4L1 32bit compat interface did not correctly validate certain parameters. A local attacker on a 64bit system with access to a video device could exploit this to gain root privileges. Tavis Ormandy discovered that the AIO subsystem did not correctly validate certain parameters. A local attacker could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that certain XFS ioctls leaked kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Robert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. Tavis Ormandy discovered that the OSS sequencer device did not correctly shut down. A local attacker could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the ROSE driver did not correctly check parameters. A local attacker with access to a ROSE network device could exploit this to crash the system or possibly gain root privileges. Thomas Dreibholz discovered that SCTP did not correctly handle appending packet chunks. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Dan Rosenberg discovered that the CD driver did not correctly check parameters. A local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. Dan Rosenberg discovered that the Sound subsystem did not correctly validate parameters. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Kees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. Dan Rosenberg discovered that the CAN protocol on 64bit systems did not correctly calculate the size of certain buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Vasiliy Kulikov discovered that the TIPC interface did not correctly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. A local attacker could exploit this to cause the kernel to hang, leading to a denial of service. Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the RDS protocol did not correctly check ioctl arguments. A local attacker could exploit this to crash the system, leading to a denial of service. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service. It was discovered that multithreaded exec did not handle CPU timers correctly. A local attacker could exploit this to crash the system, leading to a denial of service. Krishna Gudipati discovered that the bfa adapter driver did not correctly initialize certain structures. A local attacker could read files in /sys to crash the system, leading to a denial of service. Tavis Ormandy discovered that the install_special_mapping function could bypass the mmap_min_addr restriction. A local attacker could exploit this to mmap 4096 bytes below the mmap_min_addr area, possibly improving the chances of performing NULL pointer dereference attacks. It was discovered that the ICMP stack did not correctly handle certain unreachable messages. If a remote attacker were able to acquire a socket lock, they could send specially crafted traffic that would crash the system, leading to a denial of service. Dan Rosenberg discovered that the OSS subsystem did not handle name termination correctly. A local attacker could exploit this crash the system or gain root privileges. Dan Carpenter discovered that the Infiniband driver did not correctly handle certain requests. A local user could exploit this to crash the system or potentially gain root privileges
Family: unix Class: patch
Reference(s): USN-1093-1
CVE-2010-3904
CVE-2010-3848
CVE-2010-3849
CVE-2010-3850
CVE-2010-2478
CVE-2010-3084
CVE-2010-2942
CVE-2010-3477
CVE-2010-2943
CVE-2010-2954
CVE-2010-2955
CVE-2010-2960
CVE-2010-2962
CVE-2010-2963
CVE-2010-3067
CVE-2010-3078
CVE-2010-3079
CVE-2010-3080
CVE-2010-3296
CVE-2010-3297
CVE-2010-3298
CVE-2010-3310
CVE-2010-3432
CVE-2010-3437
CVE-2010-3442
CVE-2010-3448
CVE-2010-3698
CVE-2010-3705
CVE-2010-3858
CVE-2010-3859
CVE-2010-3861
CVE-2010-3865
CVE-2010-3873
CVE-2010-3874
CVE-2010-3875
CVE-2010-3876
CVE-2010-3877
CVE-2010-3880
CVE-2010-3881
CVE-2010-4072
CVE-2010-4073
CVE-2010-4075
CVE-2010-4079
CVE-2010-4080
CVE-2010-4081
CVE-2010-4082
CVE-2010-4083
CVE-2010-4157
CVE-2010-4158
CVE-2010-4160
CVE-2010-4162
CVE-2010-4163
CVE-2010-4668
CVE-2010-4164
CVE-2010-4165
CVE-2010-4169
CVE-2010-4175
CVE-2010-4242
CVE-2010-4248
CVE-2010-4249
CVE-2010-4258
CVE-2010-4343
CVE-2010-4346
CVE-2010-4526
CVE-2010-4527
CVE-2010-4648
CVE-2010-4649
CVE-2011-1044
CVE-2010-4650
CVE-2010-4655
CVE-2010-4656
CVE-2011-0006
CVE-2011-0521
CVE-2011-0712
CVE-2011-1010
CVE-2011-1012
CVE-2011-1082
CVE-2011-1093
Version: 5
Platform(s): Ubuntu 10.10
Ubuntu 10.04
Product(s): linux-mvl-dove
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13699
 
Oval ID: oval:org.mitre.oval:def:13699
Title: USN-1111-1 -- linux-source-2.6.15 vulnerabilities
Description: linux-source-2.6.15: Linux kernel Multiple flaws fixed in the Linux kernel.
Family: unix Class: patch
Reference(s): USN-1111-1
CVE-2010-4164
CVE-2010-4249
CVE-2010-4258
CVE-2010-4342
CVE-2010-4527
CVE-2010-4529
CVE-2011-0521
CVE-2011-0695
CVE-2011-1017
Version: 5
Platform(s): Ubuntu 6.06
Product(s): linux-source-2.6.15
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13824
 
Oval ID: oval:org.mitre.oval:def:13824
Title: USN-1170-1 -- linux vulnerabilities
Description: linux: Linux kernel Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1170-1
CVE-2010-4076
CVE-2010-4077
CVE-2010-4247
CVE-2010-4526
CVE-2011-0726
CVE-2011-1163
CVE-2011-1577
CVE-2011-1745
CVE-2011-2022
CVE-2011-1746
Version: 5
Platform(s): Ubuntu 8.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13906
 
Oval ID: oval:org.mitre.oval:def:13906
Title: USN-1183-1 -- linux vulnerabilities
Description: linux: Linux kernel Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1183-1
CVE-2010-4076
CVE-2010-4077
CVE-2011-1090
CVE-2011-1163
CVE-2011-1577
CVE-2011-1598
CVE-2011-1746
Version: 5
Platform(s): Ubuntu 10.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13909
 
Oval ID: oval:org.mitre.oval:def:13909
Title: USN-1164-1 -- linux-fsl-imx51 vulnerabilities
Description: linux-fsl-imx51: Linux kernel for IMX51 Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1164-1
CVE-2010-3865
CVE-2010-3873
CVE-2010-3874
CVE-2010-3875
CVE-2010-3876
CVE-2010-3877
CVE-2010-3880
CVE-2010-4080
CVE-2010-4081
CVE-2010-4082
CVE-2010-4083
CVE-2010-4157
CVE-2010-4164
CVE-2010-4248
CVE-2010-4258
CVE-2010-4342
CVE-2010-4346
CVE-2010-4527
CVE-2010-4529
CVE-2010-4565
CVE-2010-4655
CVE-2010-4656
CVE-2011-0463
CVE-2011-0521
CVE-2011-0695
CVE-2011-0711
CVE-2011-0712
CVE-2011-1017
CVE-2011-1182
CVE-2011-1494
CVE-2011-1495
CVE-2011-1593
CVE-2011-1745
CVE-2011-2022
CVE-2011-1746
CVE-2011-1748
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux-fsl-imx51
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14116
 
Oval ID: oval:org.mitre.oval:def:14116
Title: USN-1146-1 -- linux vulnerabilities
Description: linux: Linux kernel Multiple flaws fixed in the Linux kernel.
Family: unix Class: patch
Reference(s): USN-1146-1
CVE-2010-4655
CVE-2010-4656
CVE-2011-0463
CVE-2011-0695
CVE-2011-0712
CVE-2011-1012
CVE-2011-1017
CVE-2011-1593
Version: 5
Platform(s): Ubuntu 8.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14248
 
Oval ID: oval:org.mitre.oval:def:14248
Title: DSA-2303-1 linux-2.6 -- privilege escalation/denial of service/information leak
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-1020 Kees Cook discovered an issue in the /proc filesystem that allows local users to gain access to sensitive process information after execution of a setuid binary. CVE-2011-1576 Ryan Sweat discovered an issue in the VLAN implementation. Local users may be able to cause a kernel memory leak, resulting in a denial of service. CVE-2011-2484 Vasiliy Kulikov of Openwall discovered that the number of exit handlers that a process can register is not capped, resulting in local denial of service through resource exhaustion. CVE-2011-2491 Vasily Averin discovered an issue with the NFS locking implementation. A malicious NFS server can cause a client to hang indefinitely in an unlock call. CVE-2011-2492 Marek Kroemeke and Filip Palian discovered that uninitialised struct elements in the Bluetooth subsystem could lead to a leak of sensitive kernel memory through leaked stack memory. CVE-2011-2495 Vasiliy Kulikov of Openwall discovered that the io file of a process" proc directory was world-readable, resulting in local information disclosure of information such as password lengths. CVE-2011-2496 Robert Swiecki discovered that mremap could be abused for local denial of service by triggering a BUG_ON assert. CVE-2011-2497 Dan Rosenberg discovered an integer underflow in the Bluetooth subsystem, which could lead to denial of service or privilege escalation. CVE-2011-2517 It was discovered that the netlink-based wireless configuration interface performed insufficient length validation when parsing SSIDs, resulting in buffer overflows. Local users with the CAP_NET_ADMIN capability can cause a denial of service. CVE-2011-2525 Ben Pfaff reported an issue in the network scheduling code. A local user could cause a denial of service by sending a specially crafted netlink message. CVE-2011-2700 Mauro Carvalho Chehab of Red Hat reported a buffer overflow issue in the driver for the Si4713 FM Radio Transmitter driver used by N900 devices. Local users could exploit this issue to cause a denial of service or potentially gain elevated privileges. CVE-2011-2723 Brent Meshier reported an issue in the GRO implementation. This can be exploited by remote users to create a denial of service in certain network device configurations. CVE-2011-2905 Christian Ohm discovered that the "perf" analysis tool searches for its config files in the current working directory. This could lead to denial of service or potential privilege escalation if a user with elevated privileges is tricked into running "perf" in a directory under the control of the attacker. CVE-2011-2909 Vasiliy Kulikov of Openwall discovered that a programming error in the Comedi driver could lead to the information disclosure through leaked stack memory. CVE-2011-2918 Vince Weaver discovered that incorrect handling of software event overflows in the "perf" analysis tool could lead to local denial of service. CVE-2011-2928 Timo Warns discovered that insufficient validation of Be filesystem images could lead to local denial of service if a malformed filesystem image is mounted. CVE-2011-3188 Dan Kaminsky reported a weakness of the sequence number generation in the TCP protocol implementation. This can be used by remote attackers to inject packets into an active session. CVE-2011-3191 Darren Lavender reported an issue in the Common Internet File System. A malicious file server could cause memory corruption leading to a denial of service. This update also includes a fix for a regression introduced with the previous security fix for CVE-2011-1768
Family: unix Class: patch
Reference(s): DSA-2303-1
CVE-2011-1020
CVE-2011-1576
CVE-2011-2484
CVE-2011-2491
CVE-2011-2492
CVE-2011-2495
CVE-2011-2496
CVE-2011-2497
CVE-2011-2517
CVE-2011-2525
CVE-2011-2700
CVE-2011-2723
CVE-2011-2905
CVE-2011-2909
CVE-2011-2918
CVE-2011-2928
CVE-2011-3188
CVE-2011-3191
CVE-2011-1768
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14257
 
Oval ID: oval:org.mitre.oval:def:14257
Title: DSA-2310-1 linux-2.6 -- privilege escalation/denial of service/information leak
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-4067 Rafael Dominguez Vega of MWR InfoSecurity reported an issue in the auerswald module, a driver for Auerswald PBX/System Telephone USB devices. Attackers with physical access to a system's USB ports could obtain elevated privileges using a specially crafted USB device. CVE-2011-0712 Rafael Dominguez Vega of MWR InfoSecurity reported an issue in the caiaq module, a USB driver for Native Instruments USB audio devices. Attackers with physical access to a system's USB ports could obtain elevated privileges using a specially crafted USB device. CVE-2011-1020 Kees Cook discovered an issue in the /proc filesystem that allows local users to gain access to sensitive process information after execution of a setuid binary. CVE-2011-2209 Dan Rosenberg discovered an issue in the osf_sysinfo system call on the alpha architecture. Local users could obtain access to sensitive kernel memory. CVE-2011-2211 Dan Rosenberg discovered an issue in the osf_wait4 system call on the alpha architecture permitting local users to gain elevated privileges. CVE-2011-2213 Dan Rosenberg discovered an issue in the INET socket monitoring interface. Local users could cause a denial of service by injecting code and causing the kernel to execute an infinite loop. CVE-2011-2484 Vasiliy Kulikov of Openwall discovered that the number of exit handlers that a process can register is not capped, resulting in local denial of service through resource exhaustion. CVE-2011-2491 Vasily Averin discovered an issue with the NFS locking implementation. A malicious NFS server can cause a client to hang indefinitely in an unlock call. CVE-2011-2492 Marek Kroemeke and Filip Palian discovered that uninitialised struct elements in the Bluetooth subsystem could lead to a leak of sensitive kernel memory through leaked stack memory. CVE-2011-2495 Vasiliy Kulikov of Openwall discovered that the io file of a process" proc directory was world-readable, resulting in local information disclosure of information such as password lengths. CVE-2011-2496 Robert Swiecki discovered that mremap could be abused for local denial of service by triggering a BUG_ON assert. CVE-2011-2497 Dan Rosenberg discovered an integer underflow in the Bluetooth subsystem, which could lead to denial of service or privilege escalation. CVE-2011-2525 Ben Pfaff reported an issue in the network scheduling code. A local user could cause a denial of service by sending a specially crafted netlink message. CVE-2011-2928 Timo Warns discovered that insufficient validation of Be filesystem images could lead to local denial of service if a malformed filesystem image is mounted. CVE-2011-3188 Dan Kaminsky reported a weakness of the sequence number generation in the TCP protocol implementation. This can be used by remote attackers to inject packets into an active session. CVE-2011-3191 Darren Lavender reported an issue in the Common Internet File System. A malicious file server could cause memory corruption leading to a denial of service. This update also includes a fix for a regression introduced with the previous security fix for CVE-2011-1768
Family: unix Class: patch
Reference(s): DSA-2310-1
CVE-2009-4067
CVE-2011-0712
CVE-2011-1020
CVE-2011-2209
CVE-2011-2211
CVE-2011-2213
CVE-2011-2484
CVE-2011-2491
CVE-2011-2492
CVE-2011-2495
CVE-2011-2496
CVE-2011-2497
CVE-2011-2525
CVE-2011-2928
CVE-2011-3188
CVE-2011-3191
CVE-2011-1768
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14888
 
Oval ID: oval:org.mitre.oval:def:14888
Title: DSA-2303-2 linux-2.6 -- privilege escalation/denial of service/information leak
Description: The linux-2.6 and user-mode-linux upgrades from DSA-2303-1 has caused a regression that can result in an oops during invalid accesses to /proc/<pid>/maps files. The text of the original advisory is reproduced for reference: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-1020 Kees Cook discovered an issue in the /proc filesystem that allows local users to gain access to sensitive process information after execution of a setuid binary. CVE-2011-1576 Ryan Sweat discovered an issue in the VLAN implementation. Local users may be able to cause a kernel memory leak, resulting in a denial of service. CVE-2011-2484 Vasiliy Kulikov of Openwall discovered that the number of exit handlers that a process can register is not capped, resulting in local denial of service through resource exhaustion. CVE-2011-2491 Vasily Averin discovered an issue with the NFS locking implementation. A malicious NFS server can cause a client to hang indefinitely in an unlock call. CVE-2011-2492 Marek Kroemeke and Filip Palian discovered that uninitialised struct elements in the Bluetooth subsystem could lead to a leak of sensitive kernel memory through leaked stack memory. CVE-2011-2495 Vasiliy Kulikov of Openwall discovered that the io file of a process" proc directory was world-readable, resulting in local information disclosure of information such as password lengths. CVE-2011-2496 Robert Swiecki discovered that mremap could be abused for local denial of service by triggering a BUG_ON assert. CVE-2011-2497 Dan Rosenberg discovered an integer underflow in the Bluetooth subsystem, which could lead to denial of service or privilege escalation. CVE-2011-2517 It was discovered that the netlink-based wireless configuration interface performed insufficient length validation when parsing SSIDs, resulting in buffer overflows. Local users with the CAP_NET_ADMIN capability can cause a denial of service. CVE-2011-2525 Ben Pfaff reported an issue in the network scheduling code. A local user could cause a denial of service by sending a specially crafted netlink message. CVE-2011-2700 Mauro Carvalho Chehab of Red Hat reported a buffer overflow issue in the driver for the Si4713 FM Radio Transmitter driver used by N900 devices. Local users could exploit this issue to cause a denial of service or potentially gain elevated privileges. CVE-2011-2723 Brent Meshier reported an issue in the GRO implementation. This can be exploited by remote users to create a denial of service in certain network device configurations. CVE-2011-2905 Christian Ohm discovered that the "perf" analysis tool searches for its config files in the current working directory. This could lead to denial of service or potential privilege escalation if a user with elevated privileges is tricked into running "perf" in a directory under the control of the attacker. CVE-2011-2909 Vasiliy Kulikov of Openwall discovered that a programming error in the Comedi driver could lead to the information disclosure through leaked stack memory. CVE-2011-2918 Vince Weaver discovered that incorrect handling of software event overflows in the "perf" analysis tool could lead to local denial of service. CVE-2011-2928 Timo Warns discovered that insufficient validation of Be filesystem images could lead to local denial of service if a malformed filesystem image is mounted. CVE-2011-3188 Dan Kaminsky reported a weakness of the sequence number generation in the TCP protocol implementation. This can be used by remote attackers to inject packets into an active session. CVE-2011-3191 Darren Lavender reported an issue in the Common Internet File System. A malicious file server could cause memory corruption leading to a denial of service. This update also includes a fix for a regression introduced with the previous security fix for CVE-2011-1768
Family: unix Class: patch
Reference(s): DSA-2303-2
CVE-2011-1020
CVE-2011-1576
CVE-2011-2484
CVE-2011-2491
CVE-2011-2492
CVE-2011-2495
CVE-2011-2496
CVE-2011-2497
CVE-2011-2517
CVE-2011-2525
CVE-2011-2700
CVE-2011-2723
CVE-2011-2905
CVE-2011-2909
CVE-2011-2918
CVE-2011-2928
CVE-2011-3188
CVE-2011-3191
CVE-2011-1768
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15138
 
Oval ID: oval:org.mitre.oval:def:15138
Title: USN-1187-1 -- Linux kernel (Maverick backport) vulnerabilities
Description: linux-lts-backport-maverick: Linux kernel backport from Maverick Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1187-1
CVE-2010-3698
CVE-2010-3865
CVE-2010-3875
CVE-2010-3876
CVE-2010-3877
CVE-2010-3880
CVE-2010-3881
CVE-2010-4075
CVE-2010-4076
CVE-2010-4077
CVE-2010-4079
CVE-2010-4083
CVE-2010-4163
CVE-2010-4668
CVE-2010-4248
CVE-2010-4342
CVE-2010-4346
CVE-2010-4527
CVE-2010-4529
CVE-2010-4565
CVE-2010-4649
CVE-2011-1044
CVE-2010-4656
CVE-2011-0463
CVE-2011-0521
CVE-2011-0695
CVE-2011-0711
CVE-2011-0712
CVE-2011-0726
CVE-2011-1010
CVE-2011-1012
CVE-2011-1013
CVE-2011-1016
CVE-2011-1017
CVE-2011-1019
CVE-2011-1078
CVE-2011-1079
CVE-2011-1080
CVE-2011-1082
CVE-2011-1090
CVE-2011-1093
CVE-2011-1160
CVE-2011-1163
CVE-2011-1169
CVE-2011-1170
CVE-2011-1171
CVE-2011-1172
CVE-2011-2534
CVE-2011-1173
CVE-2011-1180
CVE-2011-1182
CVE-2011-1478
CVE-2011-1494
CVE-2011-1495
CVE-2011-1577
CVE-2011-1593
CVE-2011-1598
CVE-2011-1748
CVE-2011-1745
CVE-2011-2022
CVE-2011-1746
Version: 5
Platform(s): Ubuntu 10.04
Product(s): Linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15338
 
Oval ID: oval:org.mitre.oval:def:15338
Title: USN-1392-1 -- Linux kernel (FSL-IMX51) vulnerability
Description: linux-fsl-imx51: Linux kernel for IMX51 The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-1392-1
CVE-2011-2182
Version: 5
Platform(s): Ubuntu 10.04
Product(s): Linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19700
 
Oval ID: oval:org.mitre.oval:def:19700
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1593
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19711
 
Oval ID: oval:org.mitre.oval:def:19711
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRY_V1 ioctl call.
Family: unix Class: vulnerability
Reference(s): CVE-2011-0711
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19850
 
Oval ID: oval:org.mitre.oval:def:19850
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform arbitrary CIFS mounts via vectors involving an add_key call, related to a "cache stuffing" issue and MS-DFS referrals.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2524
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20210
 
Oval ID: oval:org.mitre.oval:def:20210
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: net/ipv4/netfilter/arp_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1170
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20234
 
Oval ID: oval:org.mitre.oval:def:20234
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Multiple integer overflows in the (1) agp_allocate_memory and (2) agp_create_user_memory functions in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allow local users to trigger buffer overflows, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via vectors related to calls that specify a large number of memory pages.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1746
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20263
 
Oval ID: oval:org.mitre.oval:def:20263
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1163
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20304
 
Oval ID: oval:org.mitre.oval:def:20304
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability for an ethtool ioctl call.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4655
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20313
 
Oval ID: oval:org.mitre.oval:def:20313
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the Linux kernel before 2.6.38 stores NFSv4 ACL data in memory that is allocated by kmalloc but not properly freed, which allows local users to cause a denial of service (panic) via a crafted attempt to set an ACL.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1090
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20325
 
Oval ID: oval:org.mitre.oval:def:20325
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1182
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20410
 
Oval ID: oval:org.mitre.oval:def:20410
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: Buffer overflow in the mac_partition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via a malformed Mac OS partition table.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1010
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20431
 
Oval ID: oval:org.mitre.oval:def:20431
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl call.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1745
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20437
 
Oval ID: oval:org.mitre.oval:def:20437
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference.
Family: unix Class: vulnerability
Reference(s): CVE-2011-0695
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20444
 
Oval ID: oval:org.mitre.oval:def:20444
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1172
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20485
 
Oval ID: oval:org.mitre.oval:def:20485
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1776
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20523
 
Oval ID: oval:org.mitre.oval:def:20523
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4075
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20539
 
Oval ID: oval:org.mitre.oval:def:20539
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel before 2.6.38-rc4-next-20110216 on the s390 platform allows local users to obtain the values of the registers of an arbitrary process by reading a status file under /proc/.
Family: unix Class: vulnerability
Reference(s): CVE-2011-0710
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20545
 
Oval ID: oval:org.mitre.oval:def:20545
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745.
Family: unix Class: vulnerability
Reference(s): CVE-2011-2022
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20548
 
Oval ID: oval:org.mitre.oval:def:20548
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1171
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20567
 
Oval ID: oval:org.mitre.oval:def:20567
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1080
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20573
 
Oval ID: oval:org.mitre.oval:def:20573
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1577
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20640
 
Oval ID: oval:org.mitre.oval:def:20640
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory, or cause a denial of service (BUG and system crash), via a BNEPCONNADD command.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1079
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20650
 
Oval ID: oval:org.mitre.oval:def:20650
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the start_code and end_code fields in the /proc/#####/stat file for a process executing a PIE binary.
Family: unix Class: vulnerability
Reference(s): CVE-2011-0726
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20695
 
Oval ID: oval:org.mitre.oval:def:20695
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the Linux kernel before 2.6.39 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via the SCO_CONNINFO option.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1078
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20697
 
Oval ID: oval:org.mitre.oval:def:20697
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1093
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22091
 
Oval ID: oval:org.mitre.oval:def:22091
Title: RHSA-2010:0610: kernel security and bug fix update (Important)
Description: The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform arbitrary CIFS mounts via vectors involving an add_key call, related to a "cache stuffing" issue and MS-DFS referrals.
Family: unix Class: patch
Reference(s): RHSA-2010:0610-01
CESA-2010:0610
CVE-2010-1084
CVE-2010-2066
CVE-2010-2070
CVE-2010-2226
CVE-2010-2248
CVE-2010-2521
CVE-2010-2524
Version: 94
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23058
 
Oval ID: oval:org.mitre.oval:def:23058
Title: ELSA-2010:0610: kernel security and bug fix update (Important)
Description: The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform arbitrary CIFS mounts via vectors involving an add_key call, related to a "cache stuffing" issue and MS-DFS referrals.
Family: unix Class: patch
Reference(s): ELSA-2010:0610-01
CVE-2010-1084
CVE-2010-2066
CVE-2010-2070
CVE-2010-2226
CVE-2010-2248
CVE-2010-2521
CVE-2010-2524
Version: 33
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27493
 
Oval ID: oval:org.mitre.oval:def:27493
Title: DEPRECATED: ELSA-2010-0610 -- kernel security and bug fix update (important)
Description: [2.6.18-194.11.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033]
Family: unix Class: patch
Reference(s): ELSA-2010-0610
CVE-2010-1084
CVE-2010-2066
CVE-2010-2070
CVE-2010-2226
CVE-2010-2248
CVE-2010-2521
CVE-2010-2524
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27903
 
Oval ID: oval:org.mitre.oval:def:27903
Title: ELSA-2011-2021 -- Oracle Linux 6 Unbreakable Enterprise kernel security fix update (moderate)
Description: [2.6.32-100.37.1.el6uek] - [net] gre: fix netns vs proto registration ordering {CVE-2011-1767} - [net] tunnels: fix netns vs proto registration ordering {CVE-2011-1768}
Family: unix Class: patch
Reference(s): ELSA-2011-2021
CVE-2011-1767
CVE-2011-1768
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27955
 
Oval ID: oval:org.mitre.oval:def:27955
Title: ELSA-2011-2038 -- Unbreakable Enterprise kernel security update (important)
Description: kernel-uek [2.6.32-300.4.1.el6uek] - [pci] intel-iommu: Default to non-coherent for domains unattached to iommus (Joe Jin) - [dm] do not forward ioctls from logical volumes to the underlying device (Joe Jin) {CVE-2011-4127} - [block] fail SCSI passthrough ioctls on partition devices (Joe Jin) {CVE-2011-4127} - [block] add and use scsi_blk_cmd_ioctl (Joe Jin) {CVE-2011-4127} - [net] gro: reset vlan_tci on reuse (Dan Carpenter) {CVE-2011-1576} - [net] rose: Add length checks to CALL_REQUEST parsing (Ben Hutchings) {CVE-2011-1493} - [net] rose_loopback_timer sets VC number <= ROSE_DEFAULT_MAXVC (Bernard Pidoux F6BVP) {CVE-2011-1493}
Family: unix Class: patch
Reference(s): ELSA-2011-2038
CVE-2011-1576
CVE-2011-4127
CVE-2011-1493
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 8
Os 1
Os 1401
Os 1
Os 1
Os 2
Os 1
Os 2
Os 1
Os 1
Os 2
Os 1
Os 1
Os 1
Os 1
Os 2

OpenVAS Exploits

Date Description
2012-08-17 Name : CentOS Update for kernel CESA-2012:1156 centos6
File : nvt/gb_CESA-2012_1156_kernel_centos6.nasl
2012-08-17 Name : RedHat Update for kernel RHSA-2012:1156-01
File : nvt/gb_RHSA-2012_1156-01_kernel.nasl
2012-08-02 Name : SuSE Update for kernel openSUSE-SU-2012:0236-1 (kernel)
File : nvt/gb_suse_2012_0236_1.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:0162 centos4 x86_64
File : nvt/gb_CESA-2011_0162_kernel_centos4_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:0303 centos5 x86_64
File : nvt/gb_CESA-2011_0303_kernel_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:0429 centos5 x86_64
File : nvt/gb_CESA-2011_0429_kernel_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:0833 centos5 x86_64
File : nvt/gb_CESA-2011_0833_kernel_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:0927 centos5 x86_64
File : nvt/gb_CESA-2011_0927_kernel_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:1386 centos5 x86_64
File : nvt/gb_CESA-2011_1386_kernel_centos5_x86_64.nasl
2012-07-09 Name : RedHat Update for kernel RHSA-2011:1189-01
File : nvt/gb_RHSA-2011_1189-01_kernel.nasl
2012-07-09 Name : RedHat Update for kernel RHSA-2011:1350-01
File : nvt/gb_RHSA-2011_1350-01_kernel.nasl
2012-07-09 Name : RedHat Update for kernel RHSA-2011:1465-01
File : nvt/gb_RHSA-2011_1465-01_kernel.nasl
2012-06-06 Name : RedHat Update for kernel RHSA-2011:0421-01
File : nvt/gb_RHSA-2011_0421-01_kernel.nasl
2012-06-06 Name : RedHat Update for kernel RHSA-2011:0498-01
File : nvt/gb_RHSA-2011_0498-01_kernel.nasl
2012-06-06 Name : RedHat Update for Red Hat Enterprise Linux 6.1 kernel RHSA-2011:0542-01
File : nvt/gb_RHSA-2011_0542-01_Red_Hat_Enterprise_Linux_6.1_kernel.nasl
2012-06-06 Name : RedHat Update for kernel RHSA-2011:0836-01
File : nvt/gb_RHSA-2011_0836-01_kernel.nasl
2012-06-06 Name : RedHat Update for kernel RHSA-2011:0928-01
File : nvt/gb_RHSA-2011_0928-01_kernel.nasl
2012-06-05 Name : RedHat Update for kernel RHSA-2011:0007-01
File : nvt/gb_RHSA-2011_0007-01_kernel.nasl
2012-03-16 Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe...
File : nvt/gb_VMSA-2011-0003.nasl
2012-03-16 Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX...
File : nvt/gb_VMSA-2011-0012.nasl
2012-03-15 Name : VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Ser...
File : nvt/gb_VMSA-2012-0001.nasl
2012-03-09 Name : Ubuntu Update for linux-fsl-imx51 USN-1392-1
File : nvt/gb_ubuntu_USN_1392_1.nasl
2012-03-09 Name : Ubuntu Update for linux-ti-omap4 USN-1394-1
File : nvt/gb_ubuntu_USN_1394_1.nasl
2012-03-07 Name : Ubuntu Update for linux-ti-omap4 USN-1383-1
File : nvt/gb_ubuntu_USN_1383_1.nasl
2012-03-07 Name : Ubuntu Update for linux USN-1390-1
File : nvt/gb_ubuntu_USN_1390_1.nasl
2011-12-02 Name : Fedora Update for kernel FEDORA-2011-16346
File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl
2011-11-25 Name : Ubuntu Update for linux USN-1268-1
File : nvt/gb_ubuntu_USN_1268_1.nasl
2011-11-25 Name : Ubuntu Update for linux-fsl-imx51 USN-1271-1
File : nvt/gb_ubuntu_USN_1271_1.nasl
2011-11-11 Name : Ubuntu Update for linux-lts-backport-natty USN-1256-1
File : nvt/gb_ubuntu_USN_1256_1.nasl
2011-11-08 Name : Fedora Update for kernel FEDORA-2011-15241
File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl
2011-10-31 Name : Fedora Update for kernel FEDORA-2011-14747
File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl
2011-10-31 Name : Ubuntu Update for linux-fsl-imx51 USN-1241-1
File : nvt/gb_ubuntu_USN_1241_1.nasl
2011-10-21 Name : CentOS Update for kernel CESA-2011:1386 centos5 i386
File : nvt/gb_CESA-2011_1386_kernel_centos5_i386.nasl
2011-10-21 Name : RedHat Update for kernel RHSA-2011:1386-01
File : nvt/gb_RHSA-2011_1386-01_kernel.nasl
2011-10-14 Name : Ubuntu Update for linux USN-1227-1
File : nvt/gb_ubuntu_USN_1227_1.nasl
2011-10-14 Name : Ubuntu Update for linux-ti-omap4 USN-1228-1
File : nvt/gb_ubuntu_USN_1228_1.nasl
2011-10-10 Name : Fedora Update for kernel FEDORA-2011-12874
File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl
2011-10-10 Name : Ubuntu Update for linux USN-1225-1
File : nvt/gb_ubuntu_USN_1225_1.nasl
2011-09-30 Name : Ubuntu Update for linux-ec2 USN-1216-1
File : nvt/gb_ubuntu_USN_1216_1.nasl
2011-09-30 Name : Ubuntu Update for linux USN-1218-1
File : nvt/gb_ubuntu_USN_1218_1.nasl
2011-09-30 Name : Ubuntu Update for linux-lts-backport-maverick USN-1219-1
File : nvt/gb_ubuntu_USN_1219_1.nasl
2011-09-30 Name : Ubuntu Update for linux-ti-omap4 USN-1220-1
File : nvt/gb_ubuntu_USN_1220_1.nasl
2011-09-23 Name : Ubuntu Update for linux USN-1211-1
File : nvt/gb_ubuntu_USN_1211_1.nasl
2011-09-23 Name : Ubuntu Update for linux-ti-omap4 USN-1212-1
File : nvt/gb_ubuntu_USN_1212_1.nasl
2011-09-16 Name : Ubuntu Update for linux USN-1201-1
File : nvt/gb_ubuntu_USN_1201_1.nasl
2011-09-16 Name : Ubuntu Update for linux-ti-omap4 USN-1202-1
File : nvt/gb_ubuntu_USN_1202_1.nasl
2011-09-16 Name : Ubuntu Update for linux-mvl-dove USN-1203-1
File : nvt/gb_ubuntu_USN_1203_1.nasl
2011-09-16 Name : Ubuntu Update for linux-fsl-imx51 USN-1204-1
File : nvt/gb_ubuntu_USN_1204_1.nasl
2011-09-16 Name : Ubuntu Update for linux-lts-backport-maverick USN-1205-1
File : nvt/gb_ubuntu_USN_1205_1.nasl
2011-09-16 Name : Ubuntu Update for linux-mvl-dove USN-1208-1
File : nvt/gb_ubuntu_USN_1208_1.nasl
2011-08-27 Name : Fedora Update for kernel FEDORA-2011-11103
File : nvt/gb_fedora_2011_11103_kernel_fc14.nasl
2011-08-24 Name : Ubuntu Update for linux USN-1189-1
File : nvt/gb_ubuntu_USN_1189_1.nasl
2011-08-24 Name : Ubuntu Update for linux USN-1193-1
File : nvt/gb_ubuntu_USN_1193_1.nasl
2011-08-12 Name : Ubuntu Update for linux USN-1183-1
File : nvt/gb_ubuntu_USN_1183_1.nasl
2011-08-12 Name : Ubuntu Update for linux USN-1186-1
File : nvt/gb_ubuntu_USN_1186_1.nasl
2011-08-12 Name : Ubuntu Update for linux-lts-backport-maverick USN-1187-1
File : nvt/gb_ubuntu_USN_1187_1.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2010:0610 centos5 i386
File : nvt/gb_CESA-2010_0610_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2011:0303 centos5 i386
File : nvt/gb_CESA-2011_0303_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2011:0429 centos5 i386
File : nvt/gb_CESA-2011_0429_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2011:0833 centos5 i386
File : nvt/gb_CESA-2011_0833_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2011:0927 centos5 i386
File : nvt/gb_CESA-2011_0927_kernel_centos5_i386.nasl
2011-08-03 Name : Debian Security Advisory DSA 2264-1 (linux-2.6)
File : nvt/deb_2264_1.nasl
2011-07-18 Name : RedHat Update for kernel RHSA-2011:0927-01
File : nvt/gb_RHSA-2011_0927-01_kernel.nasl
2011-07-18 Name : Ubuntu Update for linux-mvl-dove USN-1159-1
File : nvt/gb_ubuntu_USN_1159_1.nasl
2011-07-18 Name : Ubuntu Update for linux-ec2 USN-1161-1
File : nvt/gb_ubuntu_USN_1161_1.nasl
2011-07-18 Name : Ubuntu Update for linux USN-1167-1
File : nvt/gb_ubuntu_USN_1167_1.nasl
2011-07-18 Name : Ubuntu Update for linux USN-1168-1
File : nvt/gb_ubuntu_USN_1168_1.nasl
2011-07-18 Name : Ubuntu Update for linux USN-1170-1
File : nvt/gb_ubuntu_USN_1170_1.nasl
2011-07-12 Name : Fedora Update for kernel FEDORA-2011-7823
File : nvt/gb_fedora_2011_7823_kernel_fc15.nasl
2011-07-08 Name : Ubuntu Update for linux USN-1160-1
File : nvt/gb_ubuntu_USN_1160_1.nasl
2011-07-08 Name : Ubuntu Update for linux-mvl-dove USN-1162-1
File : nvt/gb_ubuntu_USN_1162_1.nasl
2011-07-08 Name : Ubuntu Update for linux-fsl-imx51 USN-1164-1
File : nvt/gb_ubuntu_USN_1164_1.nasl
2011-06-24 Name : Fedora Update for kernel FEDORA-2011-6447
File : nvt/gb_fedora_2011_6447_kernel_fc13.nasl
2011-06-20 Name : Fedora Update for kernel FEDORA-2011-7551
File : nvt/gb_fedora_2011_7551_kernel_fc14.nasl
2011-06-10 Name : Ubuntu Update for linux USN-1146-1
File : nvt/gb_ubuntu_USN_1146_1.nasl
2011-06-06 Name : RedHat Update for kernel RHSA-2011:0833-01
File : nvt/gb_RHSA-2011_0833-01_kernel.nasl
2011-06-06 Name : Ubuntu Update for linux USN-1141-1
File : nvt/gb_ubuntu_USN_1141_1.nasl
2011-06-03 Name : Ubuntu Update for linux USN-1133-1
File : nvt/gb_ubuntu_USN_1133_1.nasl
2011-05-17 Name : Fedora Update for kernel FEDORA-2011-6541
File : nvt/gb_fedora_2011_6541_kernel_fc14.nasl
2011-05-10 Name : Ubuntu Update for linux-source-2.6.15 USN-1111-1
File : nvt/gb_ubuntu_USN_1111_1.nasl
2011-05-10 Name : Ubuntu Update for linux-ti-omap4 USN-1119-1
File : nvt/gb_ubuntu_USN_1119_1.nasl
2011-05-06 Name : SuSE Update for kernel SUSE-SA:2011:020
File : nvt/gb_suse_2011_020.nasl
2011-04-22 Name : SuSE Update for kernel SUSE-SA:2011:017
File : nvt/gb_suse_2011_017.nasl
2011-04-19 Name : RedHat Update for kernel RHSA-2011:0429-01
File : nvt/gb_RHSA-2011_0429-01_kernel.nasl
2011-04-11 Name : Ubuntu Update for linux vulnerabilities USN-1105-1
File : nvt/gb_ubuntu_USN_1105_1.nasl
2011-03-15 Name : Fedora Update for kernel FEDORA-2011-2134
File : nvt/gb_fedora_2011_2134_kernel_fc13.nasl
2011-03-07 Name : RedHat Update for kernel RHSA-2011:0303-01
File : nvt/gb_RHSA-2011_0303-01_kernel.nasl
2011-03-07 Name : Ubuntu Update for linux vulnerabilities USN-1080-1
File : nvt/gb_ubuntu_USN_1080_1.nasl
2011-03-07 Name : Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2
File : nvt/gb_ubuntu_USN_1080_2.nasl
2011-03-07 Name : Ubuntu Update for linux vulnerabilities USN-1081-1
File : nvt/gb_ubuntu_USN_1081_1.nasl
2011-03-07 Name : Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1
File : nvt/gb_ubuntu_USN_1083_1.nasl
2011-02-28 Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1
File : nvt/gb_ubuntu_USN_1071_1.nasl
2011-02-28 Name : Ubuntu Update for linux vulnerabilities USN-1072-1
File : nvt/gb_ubuntu_USN_1072_1.nasl
2011-02-28 Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1
File : nvt/gb_ubuntu_USN_1073_1.nasl
2011-02-18 Name : RedHat Update for Red Hat Enterprise Linux 4.9 kernel RHSA-2011:0263-01
File : nvt/gb_RHSA-2011_0263-01_Red_Hat_Enterprise_Linux_4.9_kernel.nasl
2011-02-18 Name : Mandriva Update for kernel MDVSA-2011:029 (kernel)
File : nvt/gb_mandriva_MDVSA_2011_029.nasl
2011-01-31 Name : CentOS Update for kernel CESA-2011:0162 centos4 i386
File : nvt/gb_CESA-2011_0162_kernel_centos4_i386.nasl
2011-01-24 Name : Debian Security Advisory DSA 2126-1 (linux-2.6)
File : nvt/deb_2126_1.nasl
2011-01-21 Name : RedHat Update for kernel RHSA-2011:0162-01
File : nvt/gb_RHSA-2011_0162-01_kernel.nasl
2011-01-14 Name : RedHat Update for Red Hat Enterprise Linux 5.6 kernel RHSA-2011:0017-01
File : nvt/gb_RHSA-2011_0017-01_Red_Hat_Enterprise_Linux_5.6_kernel.nasl
2011-01-11 Name : SuSE Update for kernel SUSE-SA:2010:039
File : nvt/gb_suse_2010_039.nasl
2010-12-28 Name : Fedora Update for kernel FEDORA-2010-18983
File : nvt/gb_fedora_2010_18983_kernel_fc13.nasl
2010-12-23 Name : Fedora Update for kernel FEDORA-2010-18506
File : nvt/gb_fedora_2010_18506_kernel_fc13.nasl
2010-12-09 Name : Fedora Update for kernel FEDORA-2010-18432
File : nvt/gb_fedora_2010_18432_kernel_fc12.nasl
2010-12-09 Name : Fedora Update for kernel FEDORA-2010-18493
File : nvt/gb_fedora_2010_18493_kernel_fc14.nasl
2010-10-22 Name : Ubuntu Update for Linux kernel vulnerabilities USN-1000-1
File : nvt/gb_ubuntu_USN_1000_1.nasl
2010-10-01 Name : SuSE Update for kernel SUSE-SA:2010:046
File : nvt/gb_suse_2010_046.nasl
2010-09-27 Name : Mandriva Update for kernel MDVSA-2010:172 (kernel)
File : nvt/gb_mandriva_MDVSA_2010_172.nasl
2010-09-22 Name : Fedora Update for kernel FEDORA-2010-14878
File : nvt/gb_fedora_2010_14878_kernel_fc12.nasl
2010-09-22 Name : Fedora Update for kernel FEDORA-2010-14890
File : nvt/gb_fedora_2010_14890_kernel_fc13.nasl
2010-09-10 Name : Fedora Update for kernel FEDORA-2010-14235
File : nvt/gb_fedora_2010_14235_kernel_fc13.nasl
2010-09-07 Name : Fedora Update for kernel FEDORA-2010-13903
File : nvt/gb_fedora_2010_13903_kernel_fc12.nasl
2010-08-30 Name : Fedora Update for kernel FEDORA-2010-13058
File : nvt/gb_fedora_2010_13058_kernel_fc13.nasl
2010-08-30 Name : Fedora Update for kernel FEDORA-2010-13110
File : nvt/gb_fedora_2010_13110_kernel_fc12.nasl
2010-08-13 Name : RedHat Update for kernel RHSA-2010:0610-01
File : nvt/gb_RHSA-2010_0610-01_kernel.nasl
2010-08-06 Name : Fedora Update for kernel FEDORA-2010-11412
File : nvt/gb_fedora_2010_11412_kernel_fc12.nasl
2010-08-06 Name : Fedora Update for kernel FEDORA-2010-11462
File : nvt/gb_fedora_2010_11462_kernel_fc13.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
75980 Linux Kernel CONFIG_OABI_COMPAT semtimedop Call Parsing Local Privilege Escal...

74662 Linux Kernel fs/partitions/ldm.c LDM Partition Evaluation Local DoS

74654 Linux Kernel EFI GUID Partition Table (GPT) Implementation Crafted Partition ...

74652 Linux Kernel ip_gre Module ipgre_init() Function Namespaces Setup Race Condit...

74651 Linux Kernel ipip Module ipip_init() Function Namespaces Setup Race Condition...

74650 Linux Kernel sco_sock_getsockopt() Function Local Memory Disclosure

74642 Linux Kernel do_replace() Function CAP_NET_ADMIN Capability Local Information...

74640 Linux Kernel TPM Devices Arbitrary Kernel Memory Disclosure

74639 Linux Kernel IrDA Module Peer name / attribute Handling Local Memory Corruption

74637 Linux Kernel Yamaha YM3812 / OPL-3 Chip Driver /dev/sequencer Crafted Ioctl L...

74636 Linux Kernel FAC_NATIONAL_DIGIS digipeater Handling Remote Heap Corruption

73882 Linux Kernel DCCP net/dccp/input.c dccp_rcv_state_process Function CLOSED End...

73872 Linux Kernel fs/proc/array.c do_task_stat Function Local ASLR Protection Mech...

73298 Linux Kernel on x86_64 net/econet/af_econet.c econet_sendmsg Function AUN Pac...

73297 Linux Kernel IPv6 net/ipv6/netfilter/ip6_tables.c CAP_NET_ADMIN Missing Null ...

73296 Linux Kernel IPv4 net/ipv4/netfilter/ip_tables.c CAP_NET_ADMIN Missing Null C...

73295 Linux Kernel IPv4 net/ipv4/netfilter/arp_tables.c CAP_NET_ADMIN Missing Null ...

73049 Linux Kernel fs/partitions/efi.c is_gpt_valid Function EFI GUID Partition Tab...

73046 Linux Kernel fs/partitions/osf.c osf_partition Function Partition Table Parsi...

73045 Linux Kernel drivers/char/agp/generic.c agp_generic_remove_memory Function AG...

73043 Linux Kernel drivers/char/agp/generic.c Multiple Function Memory Page Call Lo...

73042 Linux Kernel drivers/char/agp/generic.c agp_generic_insert_memory Function AG...

73041 Linux Kernel fs/nfs/nfs4proc.c __nfs4_proc_set_acl Function kmalloc NFSv4 ACL...

73040 Linux Kernel net/can/raw.c raw_release Function Release Operation NULL Derefe...

73037 Linux Kernel fs/partitions/ldm.c ldm_parse_vmdb Function LDM Partition Table ...

72996 Linux Kernel fs/partitions/mac.c mac_partition Function Mac OS Partition Tabl...

71992 Linux Kernel kernel/pid.c next_pidmap() Function Local DoS

Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the next_pidmap() function in kernel/pid.c is exploited via a specially crafted 'getdents()' system call, resulting in a denial of service.
71884 Linux Kernel net/can/bcm.c bcm_release() Function NULL Dereference Local DoS

The Linux kernel contains a flaw that may allow a local denial of service. The issue is triggered when a NULL pointer dereference error in the bcm_release() function to net/can/bcm.c occurs, and will result in loss of availability for the kernel.
71656 Linux Kernel net/bluetooth/bnep/sock.c bnep_sock_ioctl() System Information L...

71653 Linux Kernel rt_*sigqueueinfo() Functions SI_TKILL Signal Spoofing

71601 Linux Kernel ethtool IOCTL Handler ethtool_get_regs() Function Local Informat...

71599 Linux Kernel arch/s390/kernel/traps.c task_show_regs Function Arbitrary Proce...

71480 Linux Kernel cm_work_handler() Function InfiniBand Request Handling DoS

71359 Linux Kernel fs/partitions/ldm.c ldm_frag_add() LDM Partition Table Overflow

Linux Kernel is prone to an overflow condition. The 'ldm_frag_add()' function in 'fs/partitions/ldm.c' fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted LDM partition table, a physically present attacker can potentially gain elevated privileges or obtain sensitive information.
70950 Linux Kernel fs/xfs/xfs_fsops.c xfs_fs_geometry() Local Memory Disclosure

Linux Kernel contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when the 'xfs_fs_geometry()' function in 'fs/xfs/xfs_fsops.c' fails to properly initialize the 'logsunit' member of the 'xfs_fsop_geom_t' structure, which will disclose kernel stack memory to a local attacker.
69522 Linux Kernel drivers/serial/serial_core.c uart_get_count Function TIOCGICOUNT...

Linux Kernel contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when the 'uart_get_count' function in 'drivers/serial/serial_core.c' fails to initially a certain structure member. This allows a local attacker to access sensitive information from kernel stack memory by means of a TIOCGICOUNT IOTCL call.
69161 Linux Kernel net/ax25/af_ax25.c ax25_getname() Function Stack Memory Disclosure

Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the 'ax25_getname()' function in 'net/ax25/af_ax25.c' fails to properly initialize a member of a certain structure before copying it to userspace, which will disclose kernel stack memory to a local attacker.
66582 Linux Kernel CIFS DNS Resolver Lookup Results Keyring Cache Poisoning Weakness

Information Assurance Vulnerability Management (IAVM)

Date Description
2012-02-02 IAVM : 2012-A-0020 - Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1
Severity : Category I - VMSKEY : V0031252
2011-10-27 IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi
Severity : Category I - VMSKEY : V0030545
2011-05-12 IAVM : 2011-A-0066 - Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0027158

Nessus® Vulnerability Scanner

Date Description
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2011-0003_remote.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO
2016-03-03 Name : The remote VMware ESXi / ESX host is missing a security-related patch.
File : vmware_VMSA-2012-0001_remote.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2012-1708-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-1832-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0812-1.nasl - Type : ACT_GATHER_INFO
2015-04-24 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16477.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0622.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2011-0439.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2011-1090.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2011-1408.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2012-1200.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1253.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-342.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-756.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_Kernel-100824.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-110414.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-110726.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-111026.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-110426.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-110726.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-111026.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-120104.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-26.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0610.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0007.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0162.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0263.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0303.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0421.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0429.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0498.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0833.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0836.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0927.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0928.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1189.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1350.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1465.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2014.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2015.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2016.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2019.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2021.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2024.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2033.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2037.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2038.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1156.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0833.nasl - Type : ACT_GATHER_INFO
2013-03-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1083-1.nasl - Type : ACT_GATHER_INFO
2013-03-08 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1093-1.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0883.nasl - Type : ACT_GATHER_INFO
2012-12-28 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_ofed-8386.nasl - Type : ACT_GATHER_INFO
2012-08-16 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1156.nasl - Type : ACT_GATHER_INFO
2012-08-16 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120814_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1156.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100810_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110118_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110216_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110301_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110407_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110412_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110510_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110519_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110531_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110712_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110715_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110823_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111005_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111020_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111122_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7384.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7515.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7665.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7729.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7811.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7915.nasl - Type : ACT_GATHER_INFO
2012-03-08 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1392-1.nasl - Type : ACT_GATHER_INFO
2012-03-08 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1394-1.nasl - Type : ACT_GATHER_INFO
2012-03-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1383-1.nasl - Type : ACT_GATHER_INFO
2012-03-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1390-1.nasl - Type : ACT_GATHER_INFO
2012-01-31 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2012-0001.nasl - Type : ACT_GATHER_INFO
2012-01-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7918.nasl - Type : ACT_GATHER_INFO
2012-01-24 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1341-1.nasl - Type : ACT_GATHER_INFO
2012-01-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1332-1.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110823.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110824.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7516.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7666.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7812.nasl - Type : ACT_GATHER_INFO
2011-11-29 Name : The remote Fedora host is missing a security update.
File : fedora_2011-16346.nasl - Type : ACT_GATHER_INFO
2011-11-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1465.nasl - Type : ACT_GATHER_INFO
2011-11-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1268-1.nasl - Type : ACT_GATHER_INFO
2011-11-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1271-1.nasl - Type : ACT_GATHER_INFO
2011-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1256-1.nasl - Type : ACT_GATHER_INFO
2011-11-07 Name : The remote Fedora host is missing a security update.
File : fedora_2011-15241.nasl - Type : ACT_GATHER_INFO
2011-10-31 Name : The remote Fedora host is missing a security update.
File : fedora_2011-14747.nasl - Type : ACT_GATHER_INFO
2011-10-26 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1241-1.nasl - Type : ACT_GATHER_INFO
2011-10-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7734.nasl - Type : ACT_GATHER_INFO
2011-10-21 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2011-10-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2011-10-14 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO
2011-10-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1228-1.nasl - Type : ACT_GATHER_INFO
2011-10-12 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1227-1.nasl - Type : ACT_GATHER_INFO
2011-10-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1350.nasl - Type : ACT_GATHER_INFO
2011-10-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1225-1.nasl - Type : ACT_GATHER_INFO
2011-09-30 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1218-1.nasl - Type : ACT_GATHER_INFO
2011-09-30 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1219-1.nasl - Type : ACT_GATHER_INFO
2011-09-30 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1220-1.nasl - Type : ACT_GATHER_INFO
2011-09-27 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1216-1.nasl - Type : ACT_GATHER_INFO
2011-09-26 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2310.nasl - Type : ACT_GATHER_INFO
2011-09-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1211-1.nasl - Type : ACT_GATHER_INFO
2011-09-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1212-1.nasl - Type : ACT_GATHER_INFO
2011-09-15 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1208-1.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1201-1.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1202-1.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1203-1.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1204-1.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1205-1.nasl - Type : ACT_GATHER_INFO
2011-09-09 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2303.nasl - Type : ACT_GATHER_INFO
2011-08-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1189.nasl - Type : ACT_GATHER_INFO
2011-08-23 Name : The remote Fedora host is missing a security update.
File : fedora_2011-11103.nasl - Type : ACT_GATHER_INFO
2011-08-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1189-1.nasl - Type : ACT_GATHER_INFO
2011-08-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1193-1.nasl - Type : ACT_GATHER_INFO
2011-08-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1186-1.nasl - Type : ACT_GATHER_INFO
2011-08-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1187-1.nasl - Type : ACT_GATHER_INFO
2011-08-04 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1183-1.nasl - Type : ACT_GATHER_INFO
2011-07-26 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110718.nasl - Type : ACT_GATHER_INFO
2011-07-19 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0927.nasl - Type : ACT_GATHER_INFO
2011-07-18 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1168-1.nasl - Type : ACT_GATHER_INFO
2011-07-18 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1170-1.nasl - Type : ACT_GATHER_INFO
2011-07-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0927.nasl - Type : ACT_GATHER_INFO
2011-07-14 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1159-1.nasl - Type : ACT_GATHER_INFO
2011-07-14 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1161-1.nasl - Type : ACT_GATHER_INFO
2011-07-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1167-1.nasl - Type : ACT_GATHER_INFO
2011-07-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0928.nasl - Type : ACT_GATHER_INFO
2011-07-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1164-1.nasl - Type : ACT_GATHER_INFO
2011-07-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1162-1.nasl - Type : ACT_GATHER_INFO
2011-06-30 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7568.nasl - Type : ACT_GATHER_INFO
2011-06-29 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1160-1.nasl - Type : ACT_GATHER_INFO
2011-06-22 Name : The remote Fedora host is missing a security update.
File : fedora_2011-6447.nasl - Type : ACT_GATHER_INFO
2011-06-20 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2264.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1111-1.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1119-1.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1133-1.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1141-1.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1146-1.nasl - Type : ACT_GATHER_INFO
2011-06-10 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2240.nasl - Type : ACT_GATHER_INFO
2011-06-07 Name : The remote Fedora host is missing a security update.
File : fedora_2011-7823.nasl - Type : ACT_GATHER_INFO
2011-06-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0836.nasl - Type : ACT_GATHER_INFO
2011-06-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0833.nasl - Type : ACT_GATHER_INFO
2011-05-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0542.nasl - Type : ACT_GATHER_INFO
2011-05-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0498.nasl - Type : ACT_GATHER_INFO
2011-05-10 Name : The remote Fedora host is missing a security update.
File : fedora_2011-6541.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-110413.nasl - Type : ACT_GATHER_INFO
2011-04-28 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110414.nasl - Type : ACT_GATHER_INFO
2011-04-28 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110415.nasl - Type : ACT_GATHER_INFO
2011-04-15 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0303.nasl - Type : ACT_GATHER_INFO
2011-04-15 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0429.nasl - Type : ACT_GATHER_INFO
2011-04-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0429.nasl - Type : ACT_GATHER_INFO
2011-04-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0421.nasl - Type : ACT_GATHER_INFO
2011-04-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1105-1.nasl - Type : ACT_GATHER_INFO
2011-03-27 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1092-1.nasl - Type : ACT_GATHER_INFO
2011-03-25 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7381.nasl - Type : ACT_GATHER_INFO
2011-03-21 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1089-1.nasl - Type : ACT_GATHER_INFO
2011-03-21 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1090-1.nasl - Type : ACT_GATHER_INFO
2011-03-09 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110228.nasl - Type : ACT_GATHER_INFO
2011-03-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1086-1.nasl - Type : ACT_GATHER_INFO
2011-03-03 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1080-2.nasl - Type : ACT_GATHER_INFO
2011-03-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0303.nasl - Type : ACT_GATHER_INFO
2011-03-02 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1080-1.nasl - Type : ACT_GATHER_INFO
2011-03-02 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1081-1.nasl - Type : ACT_GATHER_INFO
2011-03-01 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1071-1.nasl - Type : ACT_GATHER_INFO
2011-03-01 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1072-1.nasl - Type : ACT_GATHER_INFO
2011-03-01 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1073-1.nasl - Type : ACT_GATHER_INFO
2011-02-17 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0263.nasl - Type : ACT_GATHER_INFO
2011-02-14 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2011-0003.nasl - Type : ACT_GATHER_INFO
2011-01-28 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-100903.nasl - Type : ACT_GATHER_INFO
2011-01-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO
2011-01-14 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0017.nasl - Type : ACT_GATHER_INFO
2011-01-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0007.nasl - Type : ACT_GATHER_INFO
2011-01-11 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1041-1.nasl - Type : ACT_GATHER_INFO
2010-12-08 Name : The remote Fedora host is missing a security update.
File : fedora_2010-18506.nasl - Type : ACT_GATHER_INFO
2010-12-06 Name : The remote Fedora host is missing a security update.
File : fedora_2010-18493.nasl - Type : ACT_GATHER_INFO
2010-11-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2126.nasl - Type : ACT_GATHER_INFO
2010-10-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1000-1.nasl - Type : ACT_GATHER_INFO
2010-09-24 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-100921.nasl - Type : ACT_GATHER_INFO
2010-09-12 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-172.nasl - Type : ACT_GATHER_INFO
2010-08-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0610.nasl - Type : ACT_GATHER_INFO
2010-08-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0610.nasl - Type : ACT_GATHER_INFO
2010-08-03 Name : The remote Fedora host is missing a security update.
File : fedora_2010-11412.nasl - Type : ACT_GATHER_INFO
2010-08-03 Name : The remote Fedora host is missing a security update.
File : fedora_2010-11462.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2014-02-17 11:30:16
  • Multiple Updates
2013-06-08 17:22:52
  • Multiple Updates
2013-03-01 17:20:40
  • Multiple Updates