Executive Summary

Summary
Title kfreebsd-8 security update
Informations
Name DSA-2508 First vendor Publication 2012-07-22
Vendor Debian Last vendor Modification 2012-07-22
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.2 Attack Range Local
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Rafal Wojtczuk from Bromium discovered that FreeBSD wasn't handling correctly uncanonical return addresses on Intel amd64 CPUs, allowing privilege escalation to kernel for local users.

For the stable distribution (squeeze), this problem has been fixed in version 8.1+dfsg-8+squeeze3.

For the testing distribution (wheezy), this problem has been fixed in version 8.3-4.

For the unstable distribution (sid), this problem has been fixed in version 8.3-4.

We recommend that you upgrade your kfreebsd-8 packages.

Original Source

Url : http://www.debian.org/security/2012/dsa-2508

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15596
 
Oval ID: oval:org.mitre.oval:def:15596
Title: User Mode Scheduler Memory Corruption Vulnerability (CVE-2012-0217)
Description: The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.
Family: windows Class: vulnerability
Reference(s): CVE-2012-0217
 Version: 8
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008 R2
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19281
 
Oval ID: oval:org.mitre.oval:def:19281
Title: CRITICAL PATCH UPDATE OCTOBER 2012
Description: The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.
Family: unix Class: vulnerability
Reference(s): CVE-2012-0217
 Version: 3
Platform(s): Sun Solaris 10
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19861
 
Oval ID: oval:org.mitre.oval:def:19861
Title: DSA-2508-1 kfreebsd-8 - privilege escalation
Description: Rafal Wojtczuk from Bromium discovered that FreeBSD wasn't handling correctly uncanonical return addresses on Intel amd64 CPUs, allowing privilege escalation to kernel for local users.
Family: unix Class: patch
Reference(s): DSA-2508-1
CVE-2012-0217
 Version: 5
Platform(s): Debian GNU/kFreeBSD 6.0
 Product(s): kfreebsd-8
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 18
Application 2
Application 16
Os 289
Os 1
Os 1
Os 2
Os 1
Os 1
Os 1
Os 74
Os 42
Os 44

OpenVAS Exploits

Date Description
2012-12-18 Name : Fedora Update for xen FEDORA-2012-19828
File : nvt/gb_fedora_2012_19828_xen_fc16.nasl
2012-12-14 Name : Fedora Update for xen FEDORA-2012-19717
File : nvt/gb_fedora_2012_19717_xen_fc17.nasl
2012-12-13 Name : SuSE Update for xen openSUSE-SU-2012:0886-1 (xen)
File : nvt/gb_suse_2012_0886_1.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18249
File : nvt/gb_fedora_2012_18249_xen_fc16.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18242
File : nvt/gb_fedora_2012_18242_xen_fc17.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17204
File : nvt/gb_fedora_2012_17204_xen_fc17.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17408
File : nvt/gb_fedora_2012_17408_xen_fc16.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13434
File : nvt/gb_fedora_2012_13434_xen_fc17.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13443
File : nvt/gb_fedora_2012_13443_xen_fc16.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-9386
File : nvt/gb_fedora_2012_9386_xen_fc17.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-11182
File : nvt/gb_fedora_2012_11182_xen_fc17.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-11755
File : nvt/gb_fedora_2012_11755_xen_fc17.nasl
2012-08-24 Name : Fedora Update for xen FEDORA-2012-11785
File : nvt/gb_fedora_2012_11785_xen_fc16.nasl
2012-08-10 Name : Debian Security Advisory DSA 2508-1 (kfreebsd-8)
File : nvt/deb_2508_1.nasl
2012-08-10 Name : FreeBSD Ports: FreeBSD
File : nvt/freebsd_FreeBSD16.nasl
2012-08-10 Name : Debian Security Advisory DSA 2501-1 (xen)
File : nvt/deb_2501_1.nasl
2012-08-06 Name : Fedora Update for xen FEDORA-2012-11190
File : nvt/gb_fedora_2012_11190_xen_fc16.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2012:0721 centos5
File : nvt/gb_CESA-2012_0721_kernel_centos5.nasl
2012-06-28 Name : Fedora Update for xen FEDORA-2012-9399
File : nvt/gb_fedora_2012_9399_xen_fc16.nasl
2012-06-28 Name : Fedora Update for xen FEDORA-2012-9430
File : nvt/gb_fedora_2012_9430_xen_fc15.nasl
2012-06-15 Name : RedHat Update for kernel RHSA-2012:0721-01
File : nvt/gb_RHSA-2012_0721-01_kernel.nasl
2012-06-13 Name : Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2711167)
File : nvt/secpod_ms12-042.nasl

Nessus® Vulnerability Scanner

Date Description
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0022.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0021.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0020.nasl - Type : ACT_GATHER_INFO
2014-07-26 Name : The remote Solaris system is missing a security patch from CPU oct2012.
File : solaris_oct2012_SRU10_5.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-404.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-403.nasl - Type : ACT_GATHER_INFO
2013-09-28 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201309-24.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0721-1.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0721.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_xen-201206-120606.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0720.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120612_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-07-23 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2508.nasl - Type : ACT_GATHER_INFO
2012-06-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2501.nasl - Type : ACT_GATHER_INFO
2012-06-28 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_aed44c4ec06711e1b5e0000c299b62e1.nasl - Type : ACT_GATHER_INFO
2012-06-26 Name : The remote Fedora host is missing a security update.
File : fedora_2012-9430.nasl - Type : ACT_GATHER_INFO
2012-06-26 Name : The remote Fedora host is missing a security update.
File : fedora_2012-9399.nasl - Type : ACT_GATHER_INFO
2012-06-26 Name : The remote Fedora host is missing a security update.
File : fedora_2012-9386.nasl - Type : ACT_GATHER_INFO
2012-06-14 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0721.nasl - Type : ACT_GATHER_INFO
2012-06-13 Name : The Windows kernel is affected by multiple elevation of privilege vulnerabili...
File : smb_nt_ms12-042.nasl - Type : ACT_GATHER_INFO
2012-06-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_xen-201206-8180.nasl - Type : ACT_GATHER_INFO
2012-06-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0721.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:31:12
  • Multiple Updates