Executive Summary

Summary
Title linux security update
Informations
Name DSA-2926 First vendor Publication 2014-05-12
Vendor Debian Last vendor Modification 2014-05-12
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.2 Attack Range Local
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leaks or privilege escalation:

CVE-2014-0196

Jiri Slaby discovered a race condition in the pty layer, which could lead to denial of service or privilege escalation.

CVE-2014-1737 / CVE-2014-1738

Matthew Daley discovered that missing input sanitising in the FDRAWCMD ioctl and an information leak could result in privilege escalation.

CVE-2014-2851

Incorrect reference counting in the ping_init_sock() function allows denial of service or privilege escalation.

CVE-2014-3122

Incorrect locking of memory can result in local denial of service.

For the stable distribution (wheezy), these problems have been fixed in version 3.2.57-3+deb7u1. This update also fixes a regression in the isci driver and suspend problems with certain AMD CPUs (introduced in the updated kernel from the Wheezy 7.5 point release).

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your linux packages.

Original Source

Url : http://www.debian.org/security/2014/dsa-2926

CWE : Common Weakness Enumeration

% Id Name
20 % CWE-754 Improper Check for Unusual or Exceptional Conditions
20 % CWE-416 Use After Free
20 % CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
20 % CWE-362 Race Condition
20 % CWE-200 Information Exposure

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:24204
 
Oval ID: oval:org.mitre.oval:def:24204
Title: RHSA-2014:0740: kernel security and bug fix update (Important)
Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important) * It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low) Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system. * A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2013-7339, Moderate) Red Hat would like to thank Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738. This update also fixes the following bugs: * A bug in the futex system call could result in an overflow when passing a very large positive timeout. As a consequence, the FUTEX_WAIT operation did not work as intended and the system call was timing out immediately. A backported patch fixes this bug by limiting very large positive timeouts to the maximal supported value. (BZ#1091832) * A new Linux Security Module (LSM) functionality related to the setrlimit hooks should produce a warning message when used by a third party module that could not cope with it. However, due to a programming error, the kernel could print this warning message when a process was setting rlimits for a different process, or if rlimits were modified by another than the main thread even though there was no incompatible third party module. This update fixes the relevant code and ensures that the kernel handles this warning message correctly. (BZ#1092869) * Previously, the kernel was unable to detect KVM on system boot if the Hyper-V emulation was enabled. A patch has been applied to ensure that both KVM and Hyper-V hypervisors are now correctly detected during system boot. (BZ#1094152) * A function in the RPC code responsible for verifying whether cached credentials match the current process did not perform the check correctly. The code checked only whether the groups in the current process credentials appear in the same order as in the cached credentials but did not ensure that no other groups are present in the cached credentials. As a consequence, when accessing files in NFS mounts, a process with the same UID and GID as the original process but with a non-matching group list could have been granted an unauthorized access to a file, or under certain circumstances, the process could have been wrongly prevented from accessing the file. The incorrect test condition has been fixed and the problem can no longer occur. (BZ#1095062) * When being under heavy load, some Fibre Channel storage devices, such as Hitachi and HP Open-V series, can send a logout (LOGO) message to the host system. However, due to a bug in the lpfc driver, this could result in a loss of active paths to the storage and the paths could not be recovered without manual intervention. This update corrects the lpfc driver to ensure automatic recovery of the lost paths to the storage in this scenario. (BZ#1096061) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0740-00
CESA-2014:0740
CVE-2013-7339
CVE-2014-1737
CVE-2014-1738
Version: 3
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24338
 
Oval ID: oval:org.mitre.oval:def:24338
Title: USN-2227-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2227-1
CVE-2014-0196
CVE-2014-1738
CVE-2014-1737
CVE-2013-4483
CVE-2014-0069
CVE-2014-0077
CVE-2014-0101
CVE-2014-2309
CVE-2014-2523
CVE-2014-2672
CVE-2014-2678
CVE-2014-2706
CVE-2014-2851
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24445
 
Oval ID: oval:org.mitre.oval:def:24445
Title: USN-2200-1 -- linux-lts-raring vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2200-1
CVE-2014-0196
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux-lts-raring
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24487
 
Oval ID: oval:org.mitre.oval:def:24487
Title: DSA-2928-1 linux-2.6 - security update
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.
Family: unix Class: patch
Reference(s): DSA-2928-1
CVE-2014-0196
CVE-2014-1737
CVE-2014-1738
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24543
 
Oval ID: oval:org.mitre.oval:def:24543
Title: USN-2203-1 -- linux vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2203-1
CVE-2014-0196
Version: 5
Platform(s): Ubuntu 13.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24548
 
Oval ID: oval:org.mitre.oval:def:24548
Title: USN-2226-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2226-1
CVE-2014-1738
CVE-2014-1737
CVE-2014-0077
CVE-2014-2851
Version: 3
Platform(s): Ubuntu 14.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24568
 
Oval ID: oval:org.mitre.oval:def:24568
Title: USN-2234-1 -- linux-ec2 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2234-1
CVE-2014-3153
CVE-2013-4387
CVE-2013-4470
CVE-2013-4483
CVE-2014-1438
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24658
 
Oval ID: oval:org.mitre.oval:def:24658
Title: USN-2239-1 -- linux-lts-saucy vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2239-1
CVE-2014-3153
CVE-2014-0155
CVE-2014-2568
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-saucy
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24668
 
Oval ID: oval:org.mitre.oval:def:24668
Title: USN-2202-1 -- linux vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2202-1
CVE-2014-0196
Version: 5
Platform(s): Ubuntu 12.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24673
 
Oval ID: oval:org.mitre.oval:def:24673
Title: USN-2199-1 -- linux-lts-quantal vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2199-1
CVE-2014-0196
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux-lts-quantal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24706
 
Oval ID: oval:org.mitre.oval:def:24706
Title: USN-2201-1 -- linux-lts-saucy vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2201-1
CVE-2014-0196
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux-lts-saucy
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24732
 
Oval ID: oval:org.mitre.oval:def:24732
Title: USN-2225-1 -- linux-lts-saucy vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2225-1
CVE-2014-1738
CVE-2014-1737
CVE-2014-0055
CVE-2014-0077
CVE-2014-0100
CVE-2014-0101
CVE-2014-2309
CVE-2014-2523
CVE-2014-2672
CVE-2014-2673
CVE-2014-2678
CVE-2014-2706
CVE-2014-2851
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-saucy
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24747
 
Oval ID: oval:org.mitre.oval:def:24747
Title: USN-2204-1 -- linux vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2204-1
CVE-2014-0196
Version: 4
Platform(s): Ubuntu 14.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24748
 
Oval ID: oval:org.mitre.oval:def:24748
Title: USN-2221-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2221-1
CVE-2014-1738
CVE-2014-1737
CVE-2013-4483
CVE-2014-0069
CVE-2014-0077
CVE-2014-0101
CVE-2014-2309
CVE-2014-2523
CVE-2014-2672
CVE-2014-2678
CVE-2014-2706
CVE-2014-2851
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24753
 
Oval ID: oval:org.mitre.oval:def:24753
Title: USN-2240-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2240-1
CVE-2014-3153
CVE-2014-2568
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 14.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24761
 
Oval ID: oval:org.mitre.oval:def:24761
Title: USN-2224-1 -- linux-lts-raring vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2224-1
CVE-2014-1738
CVE-2014-1737
CVE-2014-0055
CVE-2014-0077
CVE-2014-0101
CVE-2014-2309
CVE-2014-2523
CVE-2014-2672
CVE-2014-2678
CVE-2014-2706
CVE-2014-2851
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-raring
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24818
 
Oval ID: oval:org.mitre.oval:def:24818
Title: USN-2197-1 -- linux-ec2 vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2197-1
CVE-2014-0196
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24832
 
Oval ID: oval:org.mitre.oval:def:24832
Title: USN-2235-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2235-1
CVE-2014-3153
CVE-2014-0055
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24838
 
Oval ID: oval:org.mitre.oval:def:24838
Title: USN-2198-1 -- linux vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2198-1
CVE-2014-0196
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24844
 
Oval ID: oval:org.mitre.oval:def:24844
Title: USN-2241-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2241-1
CVE-2014-3153
CVE-2014-0155
CVE-2014-2568
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 13.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24852
 
Oval ID: oval:org.mitre.oval:def:24852
Title: USN-2233-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2233-1
CVE-2014-3153
CVE-2013-4387
CVE-2013-4470
CVE-2013-4483
CVE-2014-1438
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 10.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24853
 
Oval ID: oval:org.mitre.oval:def:24853
Title: USN-2223-1 -- linux-lts-quantal vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2223-1
CVE-2014-1738
CVE-2014-1737
CVE-2013-4483
CVE-2014-0055
CVE-2014-0077
CVE-2014-0101
CVE-2014-2309
CVE-2014-2523
CVE-2014-2672
CVE-2014-2678
CVE-2014-2706
CVE-2014-2851
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-quantal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24860
 
Oval ID: oval:org.mitre.oval:def:24860
Title: USN-2236-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2236-1
CVE-2014-3153
CVE-2014-0055
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24863
 
Oval ID: oval:org.mitre.oval:def:24863
Title: USN-2196-1 -- linux vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2196-1
CVE-2014-0196
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24889
 
Oval ID: oval:org.mitre.oval:def:24889
Title: USN-2228-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2228-1
CVE-2014-1738
CVE-2014-1737
CVE-2014-0055
CVE-2014-0077
CVE-2014-0100
CVE-2014-0101
CVE-2014-2309
CVE-2014-2523
CVE-2014-2672
CVE-2014-2673
CVE-2014-2678
CVE-2014-2706
CVE-2014-2851
Version: 3
Platform(s): Ubuntu 13.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24916
 
Oval ID: oval:org.mitre.oval:def:24916
Title: ELSA-2014:0740: kernel security and bug fix update (Important)
Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important) * It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low) Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system. * A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2013-7339, Moderate) Red Hat would like to thank Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738. This update also fixes the following bugs: * A bug in the futex system call could result in an overflow when passing a very large positive timeout. As a consequence, the FUTEX_WAIT operation did not work as intended and the system call was timing out immediately. A backported patch fixes this bug by limiting very large positive timeouts to the maximal supported value. (BZ#1091832) * A new Linux Security Module (LSM) functionality related to the setrlimit hooks should produce a warning message when used by a third party module that could not cope with it. However, due to a programming error, the kernel could print this warning message when a process was setting rlimits for a different process, or if rlimits were modified by another than the main thread even though there was no incompatible third party module. This update fixes the relevant code and ensures that the kernel handles this warning message correctly. (BZ#1092869) * Previously, the kernel was unable to detect KVM on system boot if the Hyper-V emulation was enabled. A patch has been applied to ensure that both KVM and Hyper-V hypervisors are now correctly detected during system boot. (BZ#1094152) * A function in the RPC code responsible for verifying whether cached credentials match the current process did not perform the check correctly. The code checked only whether the groups in the current process credentials appear in the same order as in the cached credentials but did not ensure that no other groups are present in the cached credentials. As a consequence, when accessing files in NFS mounts, a process with the same UID and GID as the original process but with a non-matching group list could have been granted an unauthorized access to a file, or under certain circumstances, the process could have been wrongly prevented from accessing the file. The incorrect test condition has been fixed and the problem can no longer occur. (BZ#1095062) * When being under heavy load, some Fibre Channel storage devices, such as Hitachi and HP Open-V series, can send a logout (LOGO) message to the host system. However, due to a bug in the lpfc driver, this could result in a loss of active paths to the storage and the paths could not be recovered without manual intervention. This update corrects the lpfc driver to ensure automatic recovery of the lost paths to the storage in this scenario. (BZ#1096061) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
Family: unix Class: patch
Reference(s): ELSA-2014:0740-00
CVE-2013-7339
CVE-2014-1737
CVE-2014-1738
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25161
 
Oval ID: oval:org.mitre.oval:def:25161
Title: USN-2260-1 -- linux-lts-trusty vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-2260-1
CVE-2014-0196
CVE-2014-3153
CVE-2014-1738
CVE-2014-1737
CVE-2014-0077
CVE-2014-2568
CVE-2014-2851
CVE-2014-3122
Version: 3
Platform(s): Ubuntu 12.04
Product(s): linux-lts-trusty
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25233
 
Oval ID: oval:org.mitre.oval:def:25233
Title: SUSE-SU-2014:0667-1 -- Security update for Linux Kernel
Description: The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix the following severe security issues: * CVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. (bnc#875798) * CVE-2014-1738: The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device. (bnc#875798) * CVE-2014-0196: The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings. (bnc#875690)
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0667-1
CVE-2014-1737
CVE-2014-1738
CVE-2014-0196
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): Linux Kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25258
 
Oval ID: oval:org.mitre.oval:def:25258
Title: RHSA-2014:0678: kernel security update (Important)
Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * A race condition flaw, leading to heap-based buffer overflows, was found in the way the Linux kernel's N_TTY line discipline (LDISC) implementation handled concurrent processing of echo output and TTY write operations originating from user space when the underlying TTY driver was PTY. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-0196, Important) All kernel users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0678-00
CVE-2014-0196
Version: 4
Platform(s): Red Hat Enterprise Linux 7
CentOS Linux 7
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25408
 
Oval ID: oval:org.mitre.oval:def:25408
Title: SUSE-SU-2014:0696-1 -- Security update for Linux kernel
Description: The SUSE Linux Enterprise Server 11 SP2 LTSS kernel received a roll-up update to fix security and non-security issues.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0696-1
CVE-2013-4470
CVE-2013-4579
CVE-2013-6382
CVE-2013-6885
CVE-2013-7263
CVE-2013-7264
CVE-2013-7265
CVE-2013-7339
CVE-2014-0069
CVE-2014-0101
CVE-2014-0196
CVE-2014-1444
CVE-2014-1445
CVE-2014-1446
CVE-2014-1737
CVE-2014-1738
CVE-2014-1874
CVE-2014-2039
CVE-2014-2523
CVE-2014-2678
CVE-2014-3122
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25438
 
Oval ID: oval:org.mitre.oval:def:25438
Title: SUSE-SU-2014:0772-1 -- Security update for Linux Kernel
Description: The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS kernel has been updated to fix various security issues and several bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0772-1
CVE-2013-6382
CVE-2013-7263
CVE-2013-7264
CVE-2013-7265
CVE-2014-1737
CVE-2014-1738
Version: 3
Platform(s): SUSE Linux Enterprise Server 10
Product(s): Linux Kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25440
 
Oval ID: oval:org.mitre.oval:def:25440
Title: SUSE-SU-2014:0773-1 -- Security update for Linux Kernel
Description: The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS kernel has been updated to fix various security issues and several bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0773-1
CVE-2013-6382
CVE-2013-7263
CVE-2013-7264
CVE-2013-7265
CVE-2014-1737
CVE-2014-1738
Version: 3
Platform(s): SUSE Linux Enterprise Server 10
Product(s): Linux Kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26156
 
Oval ID: oval:org.mitre.oval:def:26156
Title: SUSE-SU-2014:0832-1 -- Security update for Linux Kernel
Description: The SUSE Linux Enterprise Server 10 SP3 LTSS received a roll up update to fix several security and non-security issues.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0832-1
CVE-2013-0343
CVE-2013-2888
CVE-2013-2893
CVE-2013-2897
CVE-2013-4470
CVE-2013-4483
CVE-2013-4588
CVE-2013-6382
CVE-2013-6383
CVE-2013-7263
CVE-2013-7264
CVE-2013-7265
CVE-2014-1444
CVE-2014-1445
CVE-2014-1446
CVE-2014-1737
CVE-2014-1738
Version: 3
Platform(s): SUSE Linux Enterprise Server 10
Product(s): Linux Kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26919
 
Oval ID: oval:org.mitre.oval:def:26919
Title: ELSA-2014-3018 -- Unbreakable Enterprise kernel security update (Important)
Description: [3.8.13-26.2.3.el6uek] - net: ipv4: current group_info should be put after using. (Wang, Xiaoming) [Orabug: 18603523] {CVE-2014-2851}
Family: unix Class: patch
Reference(s): ELSA-2014-3018
CVE-2014-2851
Version: 5
Platform(s): Oracle Linux 6
Product(s): kernel-uek
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26989
 
Oval ID: oval:org.mitre.oval:def:26989
Title: ELSA-2014-3019 -- Unbreakable Enterprise kernel security update (Important)
Description: [2.6.39-400.214.5.el6uek] - net: ipv4: current group_info should be put after using. (Wang, Xiaoming) [Orabug: 18603524] {CVE-2014-2851}
Family: unix Class: patch
Reference(s): ELSA-2014-3019
CVE-2014-2851
Version: 3
Platform(s): Oracle Linux 6
Oracle Linux 5
Product(s): kernel-uek
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27162
 
Oval ID: oval:org.mitre.oval:def:27162
Title: ELSA-2014-0678 -- kernel security update (important)
Description: [3.10.0-123.1.2] - Oracle Linux certificates (Alexey Petrenko) [3.10.0-123.1.2] - [tty] n_tty: Fix n_tty_write crash when echoing in raw mode (Aristeu Rozanski) [1094241 1094242] {CVE-2014-0196}
Family: unix Class: patch
Reference(s): ELSA-2014-0678
CVE-2014-0196
Version: 3
Platform(s): Oracle Linux 7
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27221
 
Oval ID: oval:org.mitre.oval:def:27221
Title: DEPRECATED: ELSA-2014-0740 -- kernel security and bug fix update (important)
Description: kernel [2.6.18-371.9.1] - [nfs] sunrpc: don't use a credential with extra groups (Mateusz Guzik) [1095062 976201] - [scsi] lpfc: Remove NDLP reference put in lpfc_cmpl_els_logo_acc (Rob Evers) [1096061 1075228] - [infiniband] rds: dereference of a NULL device (Jacob Tanenbaum) [1079216 1079217] {CVE-2013-7339} - [kernel] futex: check relative timeouts for overflow (Denys Vlasenko) [1091832 1084168] - [virt] kvm: correctly detect KVM when hv emulation is enalbed (Jason Wang) [1094152 985767] - [security] Fix spurious warnings in security_ops_task_setrlimit (Mateusz Guzik) [1092869 916235] - [block] floppy: don't write kernel-only members to FDRAWCMD output (Denys Vlasenko) [1094302 1094303] {CVE-2014-1738 CVE-2014-1737} - [block] floppy: ignore kernel-only members in FDRAWCMD input (Denys Vlasenko) [1094302 1094303] {CVE-2014-1738 CVE-2014-1737}
Family: unix Class: patch
Reference(s): ELSA-2014-0740
CVE-2013-7339
CVE-2014-1737
CVE-2014-1738
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27323
 
Oval ID: oval:org.mitre.oval:def:27323
Title: ELSA-2014-0740-1 -- kernel security and bug fix update (important)
Description: kernel [2.6.18-371.9.1.0.1] - i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Family: unix Class: patch
Reference(s): ELSA-2014-0740-1
CVE-2013-7339
CVE-2014-1737
CVE-2014-1738
Version: 5
Platform(s): Oracle Linux 5
Product(s): kernel
ocfs2
oracleasm
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27352
 
Oval ID: oval:org.mitre.oval:def:27352
Title: ELSA-2014-3041 -- unbreakable enterprise kernel security update (important)
Description: kernel-uek [3.8.13-35.1.2.el6uek] - floppy: don't write kernel-only members to FDRAWCMD ioctl output (Matthew Daley) [Orabug: 19028443] {CVE-2014-1738} - floppy: ignore kernel-only members in FDRAWCMD ioctl input (Matthew Daley) [Orabug: 19028436] {CVE-2014-1737}
Family: unix Class: patch
Reference(s): ELSA-2014-3041
CVE-2014-1737
CVE-2014-1738
Version: 5
Platform(s): Oracle Linux 6
Product(s): dtrace-modules
kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 17
Application 7
Application 10
Application 7
Application 29
Application 12
Application 23
Application 19
Application 23
Application 8
Application 19
Application 13
Application 24
Application 1
Application 1
Application 6
Application 1
Application 4
Application 6
Application 6
Application 1
Hardware 7
Hardware 6
Hardware 3
Os 5
Os 2
Os 2078
Os 2
Os 1
Os 3
Os 1
Os 1
Os 1
Os 1
Os 2
Os 1
Os 1
Os 2

ExploitDB Exploits

id Description
2014-05-26 Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition...
2014-04-18 Linux group_info refcounter - Overflow Memory Corruption

Nessus® Vulnerability Scanner

Date Description
2017-04-03 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-1105-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0832-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0773-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0772-1.nasl - Type : ACT_GATHER_INFO
2015-03-13 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0290.nasl - Type : ACT_GATHER_INFO
2014-11-20 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15852.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0801.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1392.nasl - Type : ACT_GATHER_INFO
2014-11-11 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2014-0815.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2014-1168.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1101.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0900.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0800.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0772.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0520.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0512.nasl - Type : ACT_GATHER_INFO
2014-11-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20141014_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-10-22 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1392.nasl - Type : ACT_GATHER_INFO
2014-10-22 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-201.nasl - Type : ACT_GATHER_INFO
2014-10-20 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3082.nasl - Type : ACT_GATHER_INFO
2014-10-20 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3083.nasl - Type : ACT_GATHER_INFO
2014-10-14 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1392.nasl - Type : ACT_GATHER_INFO
2014-10-12 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-392.nasl - Type : ACT_GATHER_INFO
2014-10-12 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-339.nasl - Type : ACT_GATHER_INFO
2014-10-10 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15319.nasl - Type : ACT_GATHER_INFO
2014-08-23 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3070.nasl - Type : ACT_GATHER_INFO
2014-08-01 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0981.nasl - Type : ACT_GATHER_INFO
2014-07-31 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3054.nasl - Type : ACT_GATHER_INFO
2014-07-31 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3053.nasl - Type : ACT_GATHER_INFO
2014-07-30 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0786.nasl - Type : ACT_GATHER_INFO
2014-07-30 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0981.nasl - Type : ACT_GATHER_INFO
2014-07-30 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0678.nasl - Type : ACT_GATHER_INFO
2014-07-30 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0981.nasl - Type : ACT_GATHER_INFO
2014-07-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0786.nasl - Type : ACT_GATHER_INFO
2014-07-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0678.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0557.nasl - Type : ACT_GATHER_INFO
2014-07-17 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140709.nasl - Type : ACT_GATHER_INFO
2014-07-02 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-451.nasl - Type : ACT_GATHER_INFO
2014-06-28 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2260-1.nasl - Type : ACT_GATHER_INFO
2014-06-26 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-441.nasl - Type : ACT_GATHER_INFO
2014-06-23 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3041.nasl - Type : ACT_GATHER_INFO
2014-06-23 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3042.nasl - Type : ACT_GATHER_INFO
2014-06-23 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3043.nasl - Type : ACT_GATHER_INFO
2014-06-23 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0771.nasl - Type : ACT_GATHER_INFO
2014-06-20 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140619_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-06-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0771.nasl - Type : ACT_GATHER_INFO
2014-06-20 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0771.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0740-1.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-376.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-375.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-124.nasl - Type : ACT_GATHER_INFO
2014-06-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0740.nasl - Type : ACT_GATHER_INFO
2014-06-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0740.nasl - Type : ACT_GATHER_INFO
2014-06-12 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140610_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-06-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0740.nasl - Type : ACT_GATHER_INFO
2014-06-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2241-1.nasl - Type : ACT_GATHER_INFO
2014-06-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2240-1.nasl - Type : ACT_GATHER_INFO
2014-06-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2239-1.nasl - Type : ACT_GATHER_INFO
2014-06-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2235-1.nasl - Type : ACT_GATHER_INFO
2014-06-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2234-1.nasl - Type : ACT_GATHER_INFO
2014-06-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2233-1.nasl - Type : ACT_GATHER_INFO
2014-05-28 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2223-1.nasl - Type : ACT_GATHER_INFO
2014-05-28 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2224-1.nasl - Type : ACT_GATHER_INFO
2014-05-28 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2225-1.nasl - Type : ACT_GATHER_INFO
2014-05-28 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2228-1.nasl - Type : ACT_GATHER_INFO
2014-05-28 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2226-1.nasl - Type : ACT_GATHER_INFO
2014-05-27 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2221-1.nasl - Type : ACT_GATHER_INFO
2014-05-27 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2220-1.nasl - Type : ACT_GATHER_INFO
2014-05-27 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2219-1.nasl - Type : ACT_GATHER_INFO
2014-05-22 Name : The remote Fedora host is missing a security update.
File : fedora_2014-6354.nasl - Type : ACT_GATHER_INFO
2014-05-20 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3034.nasl - Type : ACT_GATHER_INFO
2014-05-19 Name : The remote Fedora host is missing a security update.
File : fedora_2014-6357.nasl - Type : ACT_GATHER_INFO
2014-05-16 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140513.nasl - Type : ACT_GATHER_INFO
2014-05-16 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2928.nasl - Type : ACT_GATHER_INFO
2014-05-13 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2926.nasl - Type : ACT_GATHER_INFO
2014-05-12 Name : The remote Fedora host is missing a security update.
File : fedora_2014-6122.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2204-1.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2203-1.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2202-1.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2201-1.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2200-1.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2199-1.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2198-1.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2197-1.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2196-1.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Fedora host is missing a security update.
File : fedora_2014-5609.nasl - Type : ACT_GATHER_INFO
2014-04-21 Name : The remote Fedora host is missing a security update.
File : fedora_2014-5235.nasl - Type : ACT_GATHER_INFO
2014-04-18 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3018.nasl - Type : ACT_GATHER_INFO
2014-04-18 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3019.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2014-05-14 13:24:40
  • Multiple Updates
2014-05-12 21:28:49
  • Multiple Updates
2014-05-12 21:22:16
  • First insertion