Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Informations | |||
|---|---|---|---|
| Name | MDVSA-2014:124 | First vendor Publication | 2014-06-13 |
| Vendor | Mandriva | Last vendor Modification | 2014-06-13 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Multiple vulnerabilities has been found and corrected in the Linux kernel: kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number (CVE-2014-3917). The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification (CVE-2014-3153). Race condition in the ath_tx_aggr_sleep function in drivers/net/wireless/ath/ath9k/xmit.c in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via a large amount of network traffic that triggers certain list deletions (CVE-2014-2672). The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced (CVE-2014-3144). The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced (CVE-2014-3145). Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that leverages an improperly managed reference counter (CVE-2014-2851). The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the LECHO & !OPOST case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings (CVE-2014-0196). The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device (CVE-2014-1738). The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device (CVE-2014-1737). The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports (CVE-2014-2678). drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions (CVE-2014-0077). The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets (CVE-2014-2309). Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2897). net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function (CVE-2014-2523). Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c (CVE-2014-2706). The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk (CVE-2014-0101). The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer (CVE-2014-0069). arch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the s390 platform does not properly handle attempted use of the linkage stack, which allows local users to cause a denial of service (system crash) by executing a crafted instruction (CVE-2014-2039). Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to Message Signaled Interrupts (MSI), irq routing entries, and an incorrect check by the setup_routing_entry function before invoking the kvm_set_irq function (CVE-2012-2137). The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context (CVE-2014-1874). The updated packages provides a solution for these security issues. |
Original Source
| Url : http://www.mandriva.com/security/advisories?name=MDVSA-2014:124 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 21 % | CWE-20 | Improper Input Validation |
| 16 % | CWE-362 | Race Condition |
| 16 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 11 % | CWE-476 | NULL Pointer Dereference |
| 11 % | CWE-200 | Information Exposure |
| 5 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
| 5 % | CWE-754 | Improper Check for Unusual or Exceptional Conditions |
| 5 % | CWE-416 | Use After Free |
| 5 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
| 5 % | CWE-125 | Out-of-bounds Read |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:24074 | |||
| Oval ID: | oval:org.mitre.oval:def:24074 | ||
| Title: | USN-2135-1 -- linux-lts-quantal vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2135-1 CVE-2013-4579 CVE-2013-4587 CVE-2013-6367 CVE-2013-6368 CVE-2013-6382 CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 CVE-2013-7266 CVE-2013-7267 CVE-2013-7268 CVE-2013-7269 CVE-2013-7270 CVE-2013-7271 CVE-2013-7281 CVE-2014-1438 CVE-2014-1446 CVE-2014-1874 | Version: | 5 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-quantal |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24102 | |||
| Oval ID: | oval:org.mitre.oval:def:24102 | ||
| Title: | USN-2134-1 -- linux-ti-omap4 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2134-1 CVE-2013-4579 CVE-2013-6368 CVE-2014-1438 CVE-2014-1446 CVE-2014-1874 | Version: | 5 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24204 | |||
| Oval ID: | oval:org.mitre.oval:def:24204 | ||
| Title: | RHSA-2014:0740: kernel security and bug fix update (Important) | ||
| Description: | The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important) * It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low) Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system. * A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2013-7339, Moderate) Red Hat would like to thank Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738. This update also fixes the following bugs: * A bug in the futex system call could result in an overflow when passing a very large positive timeout. As a consequence, the FUTEX_WAIT operation did not work as intended and the system call was timing out immediately. A backported patch fixes this bug by limiting very large positive timeouts to the maximal supported value. (BZ#1091832) * A new Linux Security Module (LSM) functionality related to the setrlimit hooks should produce a warning message when used by a third party module that could not cope with it. However, due to a programming error, the kernel could print this warning message when a process was setting rlimits for a different process, or if rlimits were modified by another than the main thread even though there was no incompatible third party module. This update fixes the relevant code and ensures that the kernel handles this warning message correctly. (BZ#1092869) * Previously, the kernel was unable to detect KVM on system boot if the Hyper-V emulation was enabled. A patch has been applied to ensure that both KVM and Hyper-V hypervisors are now correctly detected during system boot. (BZ#1094152) * A function in the RPC code responsible for verifying whether cached credentials match the current process did not perform the check correctly. The code checked only whether the groups in the current process credentials appear in the same order as in the cached credentials but did not ensure that no other groups are present in the cached credentials. As a consequence, when accessing files in NFS mounts, a process with the same UID and GID as the original process but with a non-matching group list could have been granted an unauthorized access to a file, or under certain circumstances, the process could have been wrongly prevented from accessing the file. The incorrect test condition has been fixed and the problem can no longer occur. (BZ#1095062) * When being under heavy load, some Fibre Channel storage devices, such as Hitachi and HP Open-V series, can send a logout (LOGO) message to the host system. However, due to a bug in the lpfc driver, this could result in a loss of active paths to the storage and the paths could not be recovered without manual intervention. This update corrects the lpfc driver to ensure automatic recovery of the lost paths to the storage in this scenario. (BZ#1096061) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:0740-00 CESA-2014:0740 CVE-2013-7339 CVE-2014-1737 CVE-2014-1738 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24233 | |||
| Oval ID: | oval:org.mitre.oval:def:24233 | ||
| Title: | USN-2136-1 -- linux-lts-raring vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2136-1 CVE-2013-4579 CVE-2013-4587 CVE-2013-6367 CVE-2013-6368 CVE-2013-6376 CVE-2013-6380 CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 CVE-2013-7266 CVE-2013-7267 CVE-2013-7268 CVE-2013-7269 CVE-2013-7270 CVE-2013-7271 CVE-2013-7281 CVE-2014-1438 CVE-2014-1446 CVE-2014-1874 | Version: | 5 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-raring |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24238 | |||
| Oval ID: | oval:org.mitre.oval:def:24238 | ||
| Title: | USN-2175-1 -- linux-lts-quantal vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2175-1 CVE-2014-0049 CVE-2014-0069 | Version: | 5 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-quantal |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24316 | |||
| Oval ID: | oval:org.mitre.oval:def:24316 | ||
| Title: | USN-2138-1 -- linux vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2138-1 CVE-2013-4579 CVE-2013-4587 CVE-2013-6367 CVE-2013-6368 CVE-2013-6382 CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 CVE-2013-7266 CVE-2013-7267 CVE-2013-7268 CVE-2013-7269 CVE-2013-7270 CVE-2013-7271 CVE-2013-7281 CVE-2014-1438 CVE-2014-1446 CVE-2014-1874 | Version: | 5 |
| Platform(s): | Ubuntu 12.10 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24338 | |||
| Oval ID: | oval:org.mitre.oval:def:24338 | ||
| Title: | USN-2227-1 -- linux-ti-omap4 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2227-1 CVE-2014-0196 CVE-2014-1738 CVE-2014-1737 CVE-2013-4483 CVE-2014-0069 CVE-2014-0077 CVE-2014-0101 CVE-2014-2309 CVE-2014-2523 CVE-2014-2672 CVE-2014-2678 CVE-2014-2706 CVE-2014-2851 | Version: | 3 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24383 | |||
| Oval ID: | oval:org.mitre.oval:def:24383 | ||
| Title: | USN-2174-1 -- linux-ec2 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2174-1 CVE-2014-0101 CVE-2014-2523 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | linux-ec2 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24394 | |||
| Oval ID: | oval:org.mitre.oval:def:24394 | ||
| Title: | USN-2139-1 -- linux-ti-omap4 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2139-1 CVE-2013-4579 CVE-2013-4587 CVE-2013-6367 CVE-2013-6368 CVE-2013-6382 CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 CVE-2013-7266 CVE-2013-7267 CVE-2013-7268 CVE-2013-7269 CVE-2013-7270 CVE-2013-7271 CVE-2013-7281 CVE-2014-1438 CVE-2014-1446 CVE-2014-1874 | Version: | 5 |
| Platform(s): | Ubuntu 12.10 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24395 | |||
| Oval ID: | oval:org.mitre.oval:def:24395 | ||
| Title: | USN-2133-1 -- linux vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2133-1 CVE-2013-4579 CVE-2013-6368 CVE-2014-1438 CVE-2014-1446 CVE-2014-1874 | Version: | 5 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24404 | |||
| Oval ID: | oval:org.mitre.oval:def:24404 | ||
| Title: | USN-2141-1 -- linux-ti-omap4 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2141-1 CVE-2013-4579 CVE-2013-4587 CVE-2013-6367 CVE-2013-6368 CVE-2013-6382 CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 CVE-2013-7266 CVE-2013-7267 CVE-2013-7268 CVE-2013-7269 CVE-2013-7270 CVE-2013-7271 CVE-2013-7281 CVE-2014-1438 CVE-2014-1446 CVE-2014-1874 | Version: | 5 |
| Platform(s): | Ubuntu 13.10 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24412 | |||
| Oval ID: | oval:org.mitre.oval:def:24412 | ||
| Title: | DSA-2906-1 linux-2.6 - several | ||
| Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2906-1 CVE-2013-0343 CVE-2013-2147 CVE-2013-2889 CVE-2013-2893 CVE-2013-2929 CVE-2013-4162 CVE-2013-4299 CVE-2013-4345 CVE-2013-4512 CVE-2013-4587 CVE-2013-6367 CVE-2013-6380 CVE-2013-6381 CVE-2013-6382 CVE-2013-6383 CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 CVE-2013-7339 CVE-2014-0101 CVE-2014-1444 CVE-2014-1445 CVE-2014-1446 CVE-2014-1874 CVE-2014-2039 CVE-2014-2523 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | linux-2.6 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24423 | |||
| Oval ID: | oval:org.mitre.oval:def:24423 | ||
| Title: | USN-2129-1 -- linux-ec2 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2129-1 CVE-2013-0160 CVE-2013-2929 CVE-2013-4587 CVE-2013-6367 CVE-2013-6380 CVE-2013-6382 CVE-2013-7027 CVE-2013-7266 CVE-2013-7267 CVE-2013-7268 CVE-2013-7269 CVE-2013-7270 CVE-2013-7271 CVE-2014-1444 CVE-2014-1445 CVE-2014-1446 CVE-2014-1874 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | linux-ec2 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24445 | |||
| Oval ID: | oval:org.mitre.oval:def:24445 | ||
| Title: | USN-2200-1 -- linux-lts-raring vulnerability | ||
| Description: | The system could be made to crash or run programs as an administrator. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2200-1 CVE-2014-0196 | Version: | 5 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-raring |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24461 | |||
| Oval ID: | oval:org.mitre.oval:def:24461 | ||
| Title: | USN-2179-1 -- linux vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2179-1 CVE-2014-0049 CVE-2014-0069 | Version: | 5 |
| Platform(s): | Ubuntu 13.10 | Product(s): | linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24473 | |||
| Oval ID: | oval:org.mitre.oval:def:24473 | ||
| Title: | USN-2237-1 -- linux-lts-quantal vulnerability | ||
| Description: | The system could be made to crash or run programs as an administrator. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2237-1 CVE-2014-3153 | Version: | 3 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-quantal |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24487 | |||
| Oval ID: | oval:org.mitre.oval:def:24487 | ||
| Title: | DSA-2928-1 linux-2.6 - security update | ||
| Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2928-1 CVE-2014-0196 CVE-2014-1737 CVE-2014-1738 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | linux-2.6 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24543 | |||
| Oval ID: | oval:org.mitre.oval:def:24543 | ||
| Title: | USN-2203-1 -- linux vulnerability | ||
| Description: | The system could be made to crash or run programs as an administrator. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2203-1 CVE-2014-0196 | Version: | 5 |
| Platform(s): | Ubuntu 13.10 | Product(s): | linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24554 | |||
| Oval ID: | oval:org.mitre.oval:def:24554 | ||
| Title: | USN-2180-1 -- linux-ti-omap4 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2180-1 CVE-2014-0049 CVE-2014-0069 | Version: | 5 |
| Platform(s): | Ubuntu 12.10 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24573 | |||
| Oval ID: | oval:org.mitre.oval:def:24573 | ||
| Title: | ELSA-2014:0475: kernel security and bug fix update (Important) | ||
| Description: | The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important) * A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions. (CVE-2013-6383, Moderate) * A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate) The CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014:0475-00 CVE-2013-6383 CVE-2014-0077 CVE-2014-2523 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24576 | |||
| Oval ID: | oval:org.mitre.oval:def:24576 | ||
| Title: | USN-2181-1 -- linux-ti-omap4 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2181-1 CVE-2014-0049 CVE-2014-0069 | Version: | 5 |
| Platform(s): | Ubuntu 13.10 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24577 | |||
| Oval ID: | oval:org.mitre.oval:def:24577 | ||
| Title: | RHSA-2014:0475: kernel security and bug fix update (Important) | ||
| Description: | The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important) * A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions. (CVE-2013-6383, Moderate) * A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate) The CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:0475-00 CESA-2014:0475 CVE-2013-6383 CVE-2014-0077 CVE-2014-2523 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24637 | |||
| Oval ID: | oval:org.mitre.oval:def:24637 | ||
| Title: | USN-2176-1 -- linux-lts-raring vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2176-1 CVE-2014-0049 CVE-2014-0069 | Version: | 5 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-raring |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24668 | |||
| Oval ID: | oval:org.mitre.oval:def:24668 | ||
| Title: | USN-2202-1 -- linux vulnerability | ||
| Description: | The system could be made to crash or run programs as an administrator. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2202-1 CVE-2014-0196 | Version: | 5 |
| Platform(s): | Ubuntu 12.10 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24673 | |||
| Oval ID: | oval:org.mitre.oval:def:24673 | ||
| Title: | USN-2199-1 -- linux-lts-quantal vulnerability | ||
| Description: | The system could be made to crash or run programs as an administrator. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2199-1 CVE-2014-0196 | Version: | 5 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-quantal |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24706 | |||
| Oval ID: | oval:org.mitre.oval:def:24706 | ||
| Title: | USN-2201-1 -- linux-lts-saucy vulnerability | ||
| Description: | The system could be made to crash or run programs as an administrator. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2201-1 CVE-2014-0196 | Version: | 5 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-saucy |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24711 | |||
| Oval ID: | oval:org.mitre.oval:def:24711 | ||
| Title: | DSA-2950-1 openssl - security update | ||
| Description: | Multiple vulnerabilities have been discovered in OpenSSL. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2950-1 CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 CVE-2014-3153 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24732 | |||
| Oval ID: | oval:org.mitre.oval:def:24732 | ||
| Title: | USN-2225-1 -- linux-lts-saucy vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2225-1 CVE-2014-1738 CVE-2014-1737 CVE-2014-0055 CVE-2014-0077 CVE-2014-0100 CVE-2014-0101 CVE-2014-2309 CVE-2014-2523 CVE-2014-2672 CVE-2014-2673 CVE-2014-2678 CVE-2014-2706 CVE-2014-2851 | Version: | 3 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-saucy |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24747 | |||
| Oval ID: | oval:org.mitre.oval:def:24747 | ||
| Title: | USN-2204-1 -- linux vulnerability | ||
| Description: | The system could be made to crash or run programs as an administrator. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2204-1 CVE-2014-0196 | Version: | 4 |
| Platform(s): | Ubuntu 14.04 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24778 | |||
| Oval ID: | oval:org.mitre.oval:def:24778 | ||
| Title: | USN-2220-1 -- linux-ec2 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2220-1 CVE-2014-1738 CVE-2014-1737 CVE-2013-7339 CVE-2014-2678 | Version: | 3 |
| Platform(s): | Ubuntu 10.04 | Product(s): | linux-ec2 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24779 | |||
| Oval ID: | oval:org.mitre.oval:def:24779 | ||
| Title: | DSA-2949-1 linux - security update | ||
| Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2949-1 CVE-2014-3144 CVE-2014-3145 CVE-2014-3153 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24818 | |||
| Oval ID: | oval:org.mitre.oval:def:24818 | ||
| Title: | USN-2197-1 -- linux-ec2 vulnerability | ||
| Description: | The system could be made to crash or run programs as an administrator. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2197-1 CVE-2014-0196 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | linux-ec2 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24826 | |||
| Oval ID: | oval:org.mitre.oval:def:24826 | ||
| Title: | USN-2178-1 -- linux vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2178-1 CVE-2014-0049 CVE-2014-0069 | Version: | 4 |
| Platform(s): | Ubuntu 12.10 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24836 | |||
| Oval ID: | oval:org.mitre.oval:def:24836 | ||
| Title: | USN-2259-1 -- linux vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2259-1 CVE-2014-1739 CVE-2014-3144 CVE-2014-3145 | Version: | 3 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24838 | |||
| Oval ID: | oval:org.mitre.oval:def:24838 | ||
| Title: | USN-2198-1 -- linux vulnerability | ||
| Description: | The system could be made to crash or run programs as an administrator. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2198-1 CVE-2014-0196 | Version: | 5 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24864 | |||
| Oval ID: | oval:org.mitre.oval:def:24864 | ||
| Title: | USN-2177-1 -- linux-lts-saucy vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2177-1 CVE-2014-0049 CVE-2014-0069 | Version: | 5 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-saucy |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24889 | |||
| Oval ID: | oval:org.mitre.oval:def:24889 | ||
| Title: | USN-2228-1 -- linux vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2228-1 CVE-2014-1738 CVE-2014-1737 CVE-2014-0055 CVE-2014-0077 CVE-2014-0100 CVE-2014-0101 CVE-2014-2309 CVE-2014-2523 CVE-2014-2672 CVE-2014-2673 CVE-2014-2678 CVE-2014-2706 CVE-2014-2851 | Version: | 3 |
| Platform(s): | Ubuntu 13.10 | Product(s): | linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24916 | |||
| Oval ID: | oval:org.mitre.oval:def:24916 | ||
| Title: | ELSA-2014:0740: kernel security and bug fix update (Important) | ||
| Description: | The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important) * It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low) Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system. * A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2013-7339, Moderate) Red Hat would like to thank Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738. This update also fixes the following bugs: * A bug in the futex system call could result in an overflow when passing a very large positive timeout. As a consequence, the FUTEX_WAIT operation did not work as intended and the system call was timing out immediately. A backported patch fixes this bug by limiting very large positive timeouts to the maximal supported value. (BZ#1091832) * A new Linux Security Module (LSM) functionality related to the setrlimit hooks should produce a warning message when used by a third party module that could not cope with it. However, due to a programming error, the kernel could print this warning message when a process was setting rlimits for a different process, or if rlimits were modified by another than the main thread even though there was no incompatible third party module. This update fixes the relevant code and ensures that the kernel handles this warning message correctly. (BZ#1092869) * Previously, the kernel was unable to detect KVM on system boot if the Hyper-V emulation was enabled. A patch has been applied to ensure that both KVM and Hyper-V hypervisors are now correctly detected during system boot. (BZ#1094152) * A function in the RPC code responsible for verifying whether cached credentials match the current process did not perform the check correctly. The code checked only whether the groups in the current process credentials appear in the same order as in the cached credentials but did not ensure that no other groups are present in the cached credentials. As a consequence, when accessing files in NFS mounts, a process with the same UID and GID as the original process but with a non-matching group list could have been granted an unauthorized access to a file, or under certain circumstances, the process could have been wrongly prevented from accessing the file. The incorrect test condition has been fixed and the problem can no longer occur. (BZ#1095062) * When being under heavy load, some Fibre Channel storage devices, such as Hitachi and HP Open-V series, can send a logout (LOGO) message to the host system. However, due to a bug in the lpfc driver, this could result in a loss of active paths to the storage and the paths could not be recovered without manual intervention. This update corrects the lpfc driver to ensure automatic recovery of the lost paths to the storage in this scenario. (BZ#1096061) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014:0740-00 CVE-2013-7339 CVE-2014-1737 CVE-2014-1738 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24924 | |||
| Oval ID: | oval:org.mitre.oval:def:24924 | ||
| Title: | RHSA-2014:0771: kernel security and bug fix update (Important) | ||
| Description: | The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-3153, Important) * A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important) * It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low) Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system. * It was discovered that the proc_ns_follow_link() function did not properly return the LAST_BIND value in the last pathname component as is expected for procfs symbolic links, which could lead to excessive freeing of memory and consequent slab corruption. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-0203, Moderate) * A flaw was found in the way the Linux kernel handled exceptions when user-space applications attempted to use the linkage stack. On IBM S/390 systems, a local, unprivileged user could use this flaw to crash the system. (CVE-2014-2039, Moderate) * An invalid pointer dereference flaw was found in the Marvell 8xxx Libertas WLAN (libertas) driver in the Linux kernel. A local user able to write to a file that is provided by the libertas driver and located on the debug file system (debugfs) could use this flaw to crash the system. Note: The debugfs file system must be mounted locally to exploit this issue. It is not mounted by default. (CVE-2013-6378, Low) * A denial of service flaw was discovered in the way the Linux kernel's SELinux implementation handled files with an empty SELinux security context. A local user who has the CAP_MAC_ADMIN capability could use this flaw to crash the system. (CVE-2014-1874, Low) Red Hat would like to thank Kees Cook of Google for reporting CVE-2014-3153, Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738, and Vladimir Davydov of Parallels for reporting CVE-2014-0203. Google acknowledges Pinkie Pie as the original reporter of CVE-2014-3153. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:0771-00 CESA-2014:0771 CVE-2013-6378 CVE-2014-0203 CVE-2014-1737 CVE-2014-1738 CVE-2014-1874 CVE-2014-2039 CVE-2014-3153 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24966 | |||
| Oval ID: | oval:org.mitre.oval:def:24966 | ||
| Title: | USN-2262-1 -- linux-lts-quantal vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2262-1 CVE-2014-3144 CVE-2014-3145 | Version: | 3 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-quantal |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:25019 | |||
| Oval ID: | oval:org.mitre.oval:def:25019 | ||
| Title: | USN-2261-1 -- linux-lts-saucy vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2261-1 CVE-2014-1739 CVE-2014-3144 CVE-2014-3145 | Version: | 3 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-saucy |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:25021 | |||
| Oval ID: | oval:org.mitre.oval:def:25021 | ||
| Title: | USN-2252-1 -- linux-ec2 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2252-1 CVE-2014-3144 CVE-2014-3145 | Version: | 3 |
| Platform(s): | Ubuntu 10.04 | Product(s): | linux-ec2 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:25045 | |||
| Oval ID: | oval:org.mitre.oval:def:25045 | ||
| Title: | SUSE-SU-2014:0775-1 -- Security update for Linux Kernel | ||
| Description: | The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix a critical privilege escalation security issue: * CVE-2014-3153: The futex acquisition code in kernel/futex.c can be used to gain ring0 access via the futex syscall. This could be used for privilege escalation by non-root users. (bnc#880892) Security Issue reference: * CVE-2014-3153 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153> | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:0775-1 CVE-2014-3153 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | Linux Kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25157 | |||
| Oval ID: | oval:org.mitre.oval:def:25157 | ||
| Title: | USN-2264-1 -- linux vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2264-1 CVE-2014-1739 CVE-2014-3144 CVE-2014-3145 | Version: | 3 |
| Platform(s): | Ubuntu 13.10 | Product(s): | linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:25179 | |||
| Oval ID: | oval:org.mitre.oval:def:25179 | ||
| Title: | USN-2263-1 -- linux-ti-omap4 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2263-1 CVE-2014-1739 CVE-2014-3144 CVE-2014-3145 | Version: | 3 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:25233 | |||
| Oval ID: | oval:org.mitre.oval:def:25233 | ||
| Title: | SUSE-SU-2014:0667-1 -- Security update for Linux Kernel | ||
| Description: | The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix the following severe security issues: * CVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. (bnc#875798) * CVE-2014-1738: The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device. (bnc#875798) * CVE-2014-0196: The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings. (bnc#875690) | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:0667-1 CVE-2014-1737 CVE-2014-1738 CVE-2014-0196 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | Linux Kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25258 | |||
| Oval ID: | oval:org.mitre.oval:def:25258 | ||
| Title: | RHSA-2014:0678: kernel security update (Important) | ||
| Description: | The kernel packages contain the Linux kernel, the core of any Linux operating system. * A race condition flaw, leading to heap-based buffer overflows, was found in the way the Linux kernel's N_TTY line discipline (LDISC) implementation handled concurrent processing of echo output and TTY write operations originating from user space when the underlying TTY driver was PTY. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-0196, Important) All kernel users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:0678-00 CVE-2014-0196 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 7 CentOS Linux 7 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25261 | |||
| Oval ID: | oval:org.mitre.oval:def:25261 | ||
| Title: | RHSA-2014:0786: kernel security, bug fix, and enhancement update (Important) | ||
| Description: | The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-3153, Important) * A use-after-free flaw was found in the way the ping_init_sock() function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2851, Important) * Use-after-free and information leak flaws were found in the way the Linux kernel's floppy driver processed the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use these flaws to escalate their privileges on the system. (CVE-2014-1737, CVE-2014-1738, Important) * It was found that the aio_read_events_ring() function of the Linux kernel's Asynchronous I/O (AIO) subsystem did not properly sanitize the AIO ring head received from user space. A local, unprivileged user could use this flaw to disclose random parts of the (physical) memory belonging to the kernel and/or other processes. (CVE-2014-0206, Moderate) * An out-of-bounds memory access flaw was found in the Netlink Attribute extension of the Berkeley Packet Filter (BPF) interpreter functionality in the Linux kernel's networking implementation. A local, unprivileged user could use this flaw to crash the system or leak kernel memory to user space via a specially crafted socket filter. (CVE-2014-3144, CVE-2014-3145, Moderate) * An information leak flaw was found in the way the skb_zerocopy() function copied socket buffers (skb) that are backed by user-space buffers (for example vhost-net and Xen netback), potentially allowing an attacker to read data from those buffers. (CVE-2014-2568, Low) Red Hat would like to thank Kees Cook of Google for reporting CVE-2014-3153 and Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738. Google acknowledges Pinkie Pie as the original reporter of CVE-2014-3153. The CVE-2014-0206 issue was discovered by Mateusz Guzik of Red Hat. This update also fixes the following bugs: * Due to incorrect calculation of Tx statistics in the qlcninc driver, running the "ethtool -S ethX" command could trigger memory corruption. As a consequence, running the sosreport tool, that uses this command, resulted in a kernel panic. The problem has been fixed by correcting the said statistics calculation. (BZ#1104972) * When an attempt to create a file on the GFS2 file system failed due to a file system quota violation, the relevant VFS inode was not completely uninitialized. This could result in a list corruption error. This update resolves this problem by correctly uninitializing the VFS inode in this situation. (BZ#1097407) * Due to a race condition in the kernel, the getcwd() system call could return "/" instead of the correct full path name when querying a path name of a file or directory. Paths returned in the "/proc" file system could also be incorrect. This problem was causing instability of various applications. The aforementioned race condition has been fixed and getcwd() now always returns the correct paths. (BZ#1099048) In addition, this update adds the following enhancements: * The kernel mutex code has been improved. The changes include improved queuing of the MCS spin locks, the MCS code optimization, introduction of the cancellable MCS spin locks, and improved handling of mutexes without wait locks. (BZ#1103631, BZ#1103629) * The handling of the Virtual Memory Area (VMA) cache and huge page faults has been improved. (BZ#1103630) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. The system must be rebooted for this update to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:0786-00 CVE-2014-0206 CVE-2014-1737 CVE-2014-1738 CVE-2014-2568 CVE-2014-2851 CVE-2014-3144 CVE-2014-3145 CVE-2014-3153 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 7 CentOS Linux 7 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25440 | |||
| Oval ID: | oval:org.mitre.oval:def:25440 | ||
| Title: | SUSE-SU-2014:0773-1 -- Security update for Linux Kernel | ||
| Description: | The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS kernel has been updated to fix various security issues and several bugs. | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:0773-1 CVE-2013-6382 CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 CVE-2014-1737 CVE-2014-1738 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 10 | Product(s): | Linux Kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25729 | |||
| Oval ID: | oval:org.mitre.oval:def:25729 | ||
| Title: | RHSA-2014:0981: kernel security, bug fix, and enhancement update (Important) | ||
| Description: | The kernel packages contain the Linux kernel, the core of any Linux operating system. * A use-after-free flaw was found in the way the ping_init_sock() function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2851, Important) * A NULL pointer dereference flaw was found in the way the futex_wait_requeue_pi() function of the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to crash the system. (CVE-2012-6647, Moderate) * A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2013-7339, Moderate) * It was found that a remote attacker could use a race condition flaw in the ath_tx_aggr_sleep() function to crash the system by creating large network traffic on the system's Atheros 9k wireless network adapter. (CVE-2014-2672, Moderate) * A NULL pointer dereference flaw was found in the rds_iw_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2014-2678, Moderate) * A race condition flaw was found in the way the Linux kernel's mac80211 subsystem implementation handled synchronization between TX and STA wake-up code paths. A remote attacker could use this flaw to crash the system. (CVE-2014-2706, Moderate) * An out-of-bounds memory access flaw was found in the Netlink Attribute extension of the Berkeley Packet Filter (BPF) interpreter functionality in the Linux kernel's networking implementation. A local, unprivileged user could use this flaw to crash the system or leak kernel memory to user space via a specially crafted socket filter. (CVE-2014-3144, CVE-2014-3145, Moderate) This update also fixes several bugs and adds one enhancement. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add this enhancement. The system must be rebooted for this update to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:0981-00 CESA-2014:0981 CVE-2012-6647 CVE-2013-7339 CVE-2014-2672 CVE-2014-2678 CVE-2014-2706 CVE-2014-2851 CVE-2014-3144 CVE-2014-3145 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26034 | |||
| Oval ID: | oval:org.mitre.oval:def:26034 | ||
| Title: | USN-2314-1 -- linux vulnerability | ||
| Description: | The system could be made to crash under certain conditions. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2314-1 CVE-2014-3917 | Version: | 3 |
| Platform(s): | Ubuntu 14.04 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26185 | |||
| Oval ID: | oval:org.mitre.oval:def:26185 | ||
| Title: | USN-2313-1 -- linux-lts-trusty vulnerability | ||
| Description: | The system could be made to crash under certain conditions. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2313-1 CVE-2014-3917 | Version: | 3 |
| Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-trusty |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:26359 | |||
| Oval ID: | oval:org.mitre.oval:def:26359 | ||
| Title: | ELSA-2014-3052 -- unbreakable enterprise kernel security update (important) | ||
| Description: | kernel-uek [3.8.13-35.3.3.el7uek] - filter: prevent nla extensions to peek beyond the end of the message (Mathias Krause) [Orabug: 19315781] {CVE-2014-3144} {CVE-2014-3145} - mac80211: fix AP powersave TX vs. wakeup race (Emmanuel Grumbach) [Orabug: 19316457] {CVE-2014-2706} | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-3052 CVE-2014-3144 CVE-2014-3145 CVE-2014-2706 | Version: | 5 |
| Platform(s): | Oracle Linux 6 | Product(s): | dtrace-modules kernel-uek kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26538 | |||
| Oval ID: | oval:org.mitre.oval:def:26538 | ||
| Title: | ELSA-2014-3074 -- Unbreakable Enterprise kernel security update (Important) | ||
| Description: | [2.6.39-400.215.10.el6uek] - auditsc: audit_krule mask accesses need bounds checking (Andy Lutomirski) [Orabug: 19590597] {CVE-2014-3917} [2.6.39-400.215.9.el6uek] - oracleasm: Add support for new error return codes from block/SCSI (Martin K. Petersen) [Orabug: 18438934] [2.6.39-400.215.8.el6uek] - ib_ipoib: CSUM support in connected mode (Yuval Shaia) [Orabug: 18692878] - net: Reduce high cpu usage in bonding driver by do_csum (Venkat Venkatsubra) [Orabug: 18141731] - [random] Partially revert 6d7c7e49: random: make 'add_interrupt_randomness() (John Sobecki) [Orabug: 17740293] - oracleasm: claim FMODE_EXCL access on disk during asm_open (Srinivas Eeda) [Orabug: 19453460] - notify block layer when using temporary change to cache_type (Vaughan Cao) [Orabug: 19448451] - sd: Fix parsing of 'temporary ' cache mode prefix (Ben Hutchings) [Orabug: 19448451] - sd: fix array cache flushing bug causing performance problems (James Bottomley) [Orabug: 19448451] - block: fix max discard sectors limit (James Bottomley) [Orabug: 18961244] - xen-netback: fix deadlock in high memory pressure (Junxiao Bi) [Orabug: 18959416] - sdp: fix keepalive functionality (shamir rabinovitch) [Orabug: 18728784] - SELinux: Fix possible NULL pointer dereference in selinux_inode_permission() (Steven Rostedt) [Orabug: 18552029] - refcount: take rw_lock in ocfs2_reflink (Wengang Wang) [Orabug: 18406219] - ipv6: check return value for dst_alloc (Madalin Bucur) [Orabug: 17865160] - cciss: bug fix to prevent cciss from loading in kdump crash kernel (Mike Miller) [Orabug: 17740446] - configfs: fix race between dentry put and lookup (Junxiao Bi) [Orabug: 17627075] | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-3074 CVE-2014-3917 | Version: | 3 |
| Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | kernel-uek |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26607 | |||
| Oval ID: | oval:org.mitre.oval:def:26607 | ||
| Title: | DEPRECATED: ELSA-2014-0475 -- kernel security and bug fix update (important) | ||
| Description: | A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-0475 CVE-2014-0077 CVE-2013-6383 CVE-2014-2523 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26754 | |||
| Oval ID: | oval:org.mitre.oval:def:26754 | ||
| Title: | ELSA-2014-1143 -- kernel security and bug fix update (Moderate) | ||
| Description: | The kernel packages contain the Linux kernel, the core of any Linux operating system. * An out-of-bounds memory access flaw was found in the Linux kernel's system call auditing implementation. On a system with existing audit rules defined, a local, unprivileged user could use this flaw to leak kernel memory to user space or, potentially, crash the system. (CVE-2014-3917, Moderate) This update also fixes the following bugs: * A bug in the journaling code (jbd and jbd2) could, under very heavy workload of fsync() operations, trigger a BUG_ON and result in a kernel oops. Also, fdatasync() could fail to immediately write out changes in the file size only. These problems have been resolved by backporting a series of patches that fixed these problems in the respective code on Red Hat Enterprise Linux 6. This update also improves performance of ext3 and ext4 file systems. (BZ#1116027) * Due to a bug in the ext4 code, the fdatasync() system call did not force the inode size change to be written to the disk if it was the only metadata change in the file. This could result in the wrong inode size and possible data loss if the system terminated unexpectedly. The code handling inode updates has been fixed and fdatasync() now writes data to the disk as expected in this situation. (BZ#1117665) * A workaround to a DMA read problem in the tg3 driver was incorrectly applied to the whole Broadcom 5719 and 5720 chipset family. This workaround is valid only to the A0 revision of the 5719 chips and for other revisions and chips causes occasional Tx timeouts. This update correctly applies the aforementioned workaround only to the A0 revision of the 5719 chips. (BZ#1121017) * Due to a bug in the page writeback code, the system could become unresponsive when being under memory pressure and heavy NFS load. This update fixes the code responsible for handling of dirty pages, and dirty page write outs no longer flood the work queue. (BZ#1125246) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-1143 CVE-2014-3917 | Version: | 3 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26762 | |||
| Oval ID: | oval:org.mitre.oval:def:26762 | ||
| Title: | RHSA-2014:1281: kernel security and bug fix update (Moderate) | ||
| Description: | The kernel packages contain the Linux kernel, the core of any Linux operating system. * An out-of-bounds memory access flaw was found in the Linux kernel's system call auditing implementation. On a system with existing audit rules defined, a local, unprivileged user could use this flaw to leak kernel memory to user space or, potentially, crash the system. (CVE-2014-3917, Moderate) This update also fixes the following bugs: * A bug in the mtip32xx driver could prevent the Micron P420m PCIe SSD devices with unaligned I/O access from completing the submitted I/O requests. This resulted in a livelock situation and rendered the Micron P420m PCIe SSD devices unusable. To fix this problem, mtip32xx now checks whether an I/O access is unaligned and if so, it uses the correct semaphore. (BZ#1125776) * A series of patches has been backported to improve the functionality of a touch pad on the latest Lenovo laptops in Red Hat Enterprise Linux 7. (BZ#1122559) * Due to a bug in the bnx2x driver, a network adapter could be unable to recover from EEH error injection. The network adapter had to be taken offline and rebooted in order to function properly again. With this update, the bnx2x driver has been corrected and network adapters now recover from EEH errors as expected. (BZ#1107722) * Previously, if an hrtimer interrupt was delayed, all future pending hrtimer events that were queued on the same processor were also delayed until the initial hrtimer event was handled. This could cause all hrtimer processing to stop for a significant period of time. To prevent this problem, the kernel has been modified to handle all expired hrtimer events when handling the initially delayed hrtimer event. (BZ#1113175) * A previous change to the nouveau driver introduced a bit shift error, which resulted in a wrong display resolution being set with some models of NVIDIA controllers. With this update, the erroneous code has been corrected, and the affected NVIDIA controllers can now set the correct display resolution. (BZ#1114869) * Due to a NULL pointer dereference bug in the be2net driver, the system could experience a kernel oops and reboot when disabling a network adapter after a permanent failure. This problem has been fixed by introducing a flag to keep track of the setup state. The failing adapter can now be disabled successfully without a kernel crash. (BZ#1122558) * Previously, the Huge Translation Lookaside Buffer (HugeTLB) allowed access to huge pages access by default. However, huge pages may be unsupported in some environments, such as a KVM guest on a PowerPC architecture, and an attempt to access a huge page in memory would result in a kernel oops. This update ensures that HugeTLB denies access to huge pages if the huge pages are not supported on the system. (BZ#1122115) * If an NVMe device becomes ready but fails to create I/O queues, the nvme driver creates a character device handle to manage such a device. Previously, a character device could be created before a device reference counter was initialized, which resulted in a kernel oops. This problem has been fixed by calling the relevant initialization function earlier in the code. (BZ#1119720) * On some firmware versions of the BladeEngine 3 (BE3) controller, interrupts remain disabled after a hardware reset. This was a problem for all Emulex-based network adapters using such a BE3 controller because these adapters would fail to recover from an EEH error if it occurred. To resolve this problem, the be2net driver has been modified to enable the interrupts in the eeh_resume handler explicitly. (BZ#1121712) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:1281-00 CESA-2014:1281 CVE-2014-3917 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 7 CentOS Linux 7 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26883 | |||
| Oval ID: | oval:org.mitre.oval:def:26883 | ||
| Title: | ELSA-2014-3014 -- unbreakable enterprise kernel security update (important) | ||
| Description: | kernel-uek [3.8.13-26.2.2.el6uek] - netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (Daniel Borkmann) [Orabug: 18421673] {CVE-2014-2523} - cifs: ensure that uncached writes handle unmapped areas correctly (Jeff Layton) [Orabug: 18461067] {CVE-2014-0069} {CVE-2014-0069} - net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable (Daniel Borkmann) [Orabug: 18461065] {CVE-2014-0101} - vhost-net: insufficient handling of error conditions in get_rx_bufs() (Guangyu Sun) [Orabug: 18461050] {CVE-2014-0055} | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-3014 CVE-2014-0055 CVE-2014-0069 CVE-2014-0101 CVE-2014-2523 | Version: | 5 |
| Platform(s): | Oracle Linux 6 | Product(s): | dtrace-modules kernel-uek kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware kernel-uek-headers |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26926 | |||
| Oval ID: | oval:org.mitre.oval:def:26926 | ||
| Title: | ELSA-2014-0771 -- kernel security and bug fix update (important) | ||
| Description: | [2.6.32-431.20.3] - [kernel] futex: Make lookup_pi_state more robust (Jerome Marchand) [1104516 1104517] {CVE-2014-3153} - [kernel] futex: Always cleanup owner tid in unlock_pi (Jerome Marchand) [1104516 1104517] {CVE-2014-3153} - [kernel] futex: Validate atomic acquisition in futex_lock_pi_atomic() (Jerome Marchand) [1104516 1104517] {CVE-2014-3153} - [kernel] futex: prevent requeue pi on same futex (Jerome Marchand) [1104516 1104517] {CVE-2014-3153} - [fs] autofs4: fix device ioctl mount lookup (Ian Kent) [1069630 999708] - [fs] vfs: introduce kern_path_mountpoint() (Ian Kent) [1069630 999708] - [fs] vfs: rename user_path_umountat() to user_path_mountpoint_at() (Ian Kent) [1069630 999708] - [fs] vfs: massage umount_lookup_last() a bit to reduce nesting (Ian Kent) [1069630 999708] - [fs] vfs: allow umount to handle mountpoints without revalidating them (Ian Kent) [1069630 999708] - Revert: [fs] vfs: allow umount to handle mountpoints without revalidating them (Ian Kent) [1069630 999708] - Revert: [fs] vfs: massage umount_lookup_last() a bit to reduce nesting (Ian Kent) [1069630 999708] - Revert: [fs] vfs: rename user_path_umountat() to user_path_mountpoint_at() (Ian Kent) [1069630 999708] - Revert: [fs] vfs: introduce kern_path_mountpoint() (Ian Kent) [1069630 999708] - Revert: [fs] autofs4: fix device ioctl mount lookup (Ian Kent) [1069630 999708] | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-0771 CVE-2014-3153 CVE-2014-1737 CVE-2014-1738 CVE-2013-6378 CVE-2014-0203 CVE-2014-1874 CVE-2014-2039 | Version: | 3 |
| Platform(s): | Oracle Linux 6 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27042 | |||
| Oval ID: | oval:org.mitre.oval:def:27042 | ||
| Title: | ELSA-2014-3042 -- unbreakable enterprise kernel security update (important) | ||
| Description: | [2.6.39-400.215.3] - SELinux: Fix kernel BUG on empty security contexts. (Stephen Smalley) [Orabug: 19028380] {CVE-2014-1874} - floppy: don't write kernel-only members to FDRAWCMD ioctl output (Matthew Daley) [Orabug: 19028444] {CVE-2014-1738} - floppy: ignore kernel-only members in FDRAWCMD ioctl input (Matthew Daley) [Orabug: 19028438] {CVE-2014-1737} - libertas: potential oops in debugfs (Dan Carpenter) [Orabug: 19028416] {CVE-2013-6378} | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-3042 CVE-2014-1737 CVE-2014-1738 CVE-2013-6378 CVE-2014-1874 | Version: | 3 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | kernel-uek kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27112 | |||
| Oval ID: | oval:org.mitre.oval:def:27112 | ||
| Title: | ELSA-2014-3038 -- unbreakable enterprise kernel security update (important) | ||
| Description: | [2.6.39-400.215.2] - futex: Make lookup_pi_state more robust (Thomas Gleixner) [Orabug: 18918614] {CVE-2014-3153} - futex: Always cleanup owner tid in unlock_pi (Thomas Gleixner) [Orabug: 18918614] {CVE-2014-3153} - futex: Validate atomic acquisition in futex_lock_pi_atomic() (Thomas Gleixner) [Orabug: 18918614] {CVE-2014-3153} - futex: Forbid uaddr1 == uaddr2 in futex_requeue(..., requeue_pi=1) (Thomas Gleixner) [Orabug: 18918614] {CVE-2014-3153} {CVE-2014-3153} | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-3038 CVE-2014-3153 | Version: | 3 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | kernel-uek kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27316 | |||
| Oval ID: | oval:org.mitre.oval:def:27316 | ||
| Title: | ELSA-2014-3037 -- Unbreakable Enterprise kernel security update (important) | ||
| Description: | kernel-uek [3.8.13-35.1.1.el6uek] - futex: Make lookup_pi_state more robust (Thomas Gleixner) [Orabug: 18918552] {CVE-2014-3153} - futex: Always cleanup owner tid in unlock_pi (Thomas Gleixner) [Orabug: 18918552] {CVE-2014-3153} - futex: Validate atomic acquisition in futex_lock_pi_atomic() (Thomas Gleixner) [Orabug: 18918552] {CVE-2014-3153} - futex: Forbid uaddr == uaddr2 in futex_requeue(..., requeue_pi=1) (Thomas Gleixner) [Orabug: 18918552] {CVE-2014-3153} {CVE-2014-3153} | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-3037 CVE-2014-3153 | Version: | 5 |
| Platform(s): | Oracle Linux 6 | Product(s): | dtrace-modules kernel-uek dtrace-modules-headers dtrace-modules-provider-headers kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27323 | |||
| Oval ID: | oval:org.mitre.oval:def:27323 | ||
| Title: | ELSA-2014-0740-1 -- kernel security and bug fix update (important) | ||
| Description: | kernel [2.6.18-371.9.1.0.1] - i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203] | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-0740-1 CVE-2013-7339 CVE-2014-1737 CVE-2014-1738 | Version: | 5 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel ocfs2 oracleasm kernel-PAE kernel-PAE-devel kernel-debug kernel-debug-devel kernel-devel kernel-doc kernel-headers kernel-xen kernel-xen-devel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27352 | |||
| Oval ID: | oval:org.mitre.oval:def:27352 | ||
| Title: | ELSA-2014-3041 -- unbreakable enterprise kernel security update (important) | ||
| Description: | kernel-uek [3.8.13-35.1.2.el6uek] - floppy: don't write kernel-only members to FDRAWCMD ioctl output (Matthew Daley) [Orabug: 19028443] {CVE-2014-1738} - floppy: ignore kernel-only members in FDRAWCMD ioctl input (Matthew Daley) [Orabug: 19028436] {CVE-2014-1737} | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-3041 CVE-2014-1737 CVE-2014-1738 | Version: | 5 |
| Platform(s): | Oracle Linux 6 | Product(s): | dtrace-modules kernel-uek kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
SAINT Exploits
| Description | Link |
|---|---|
| Linux kernel futex_requeue privilege elevation | More info here |
ExploitDB Exploits
| id | Description |
|---|---|
| 2014-11-25 | Linux Kernel libfutex Local Root for RHEL/CentOS 7.0.1406 |
| 2014-05-26 | Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition... |
| 2014-04-18 | Linux group_info refcounter - Overflow Memory Corruption |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-10-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1609-1 File : nvt/gb_ubuntu_USN_1609_1.nasl |
| 2012-10-12 | Name : Ubuntu Update for linux USN-1606-1 File : nvt/gb_ubuntu_USN_1606_1.nasl |
| 2012-10-12 | Name : Ubuntu Update for linux USN-1607-1 File : nvt/gb_ubuntu_USN_1607_1.nasl |
| 2012-10-05 | Name : Ubuntu Update for linux-lts-backport-oneiric USN-1594-1 File : nvt/gb_ubuntu_USN_1594_1.nasl |
| 2012-08-14 | Name : Ubuntu Update for linux-ti-omap4 USN-1514-1 File : nvt/gb_ubuntu_USN_1514_1.nasl |
| 2012-08-14 | Name : Ubuntu Update for linux USN-1529-1 File : nvt/gb_ubuntu_USN_1529_1.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2012:0743 centos6 File : nvt/gb_CESA-2012_0743_kernel_centos6.nasl |
| 2012-06-19 | Name : RedHat Update for kernel RHSA-2012:0743-01 File : nvt/gb_RHSA-2012_0743-01_kernel.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-03-15 | Linux kernel SCTP handshake COOKIE ECHO Chunks denial of service attempt RuleID : 37654 - Revision : 2 - Type : OS-LINUX |
| 2016-03-14 | Linux kernel SCTP handshake COOKIE ECHO Chunks denial of service attempt RuleID : 37408 - Revision : 2 - Type : OS-LINUX |
| 2014-01-10 | IPv6 router advertisement flood attempt RuleID : 23178 - Revision : 9 - Type : PROTOCOL-ICMP |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2017-04-03 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO |
| 2015-05-27 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_6294f75f03f211e5aab1d050996490d0.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0287-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0536-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0772-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0773-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0832-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-1105-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-1138-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0481-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0812-1.nasl - Type : ACT_GATHER_INFO |
| 2015-03-13 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0290.nasl - Type : ACT_GATHER_INFO |
| 2014-12-26 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-141202.nasl - Type : ACT_GATHER_INFO |
| 2014-12-26 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-141217.nasl - Type : ACT_GATHER_INFO |
| 2014-12-22 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-791.nasl - Type : ACT_GATHER_INFO |
| 2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2012-0042.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0801.nasl - Type : ACT_GATHER_INFO |
| 2014-11-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-0815.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-0339.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0419.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0432.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0512.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0520.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0593.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-0629.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0634.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0772.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0800.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0900.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1101.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-1168.nasl - Type : ACT_GATHER_INFO |
| 2014-10-23 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-140924.nasl - Type : ACT_GATHER_INFO |
| 2014-10-23 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-bigsmp-201409-140924.nasl - Type : ACT_GATHER_INFO |
| 2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-328.nasl - Type : ACT_GATHER_INFO |
| 2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-339.nasl - Type : ACT_GATHER_INFO |
| 2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-363.nasl - Type : ACT_GATHER_INFO |
| 2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-392.nasl - Type : ACT_GATHER_INFO |
| 2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15317.nasl - Type : ACT_GATHER_INFO |
| 2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15319.nasl - Type : ACT_GATHER_INFO |
| 2014-09-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1281.nasl - Type : ACT_GATHER_INFO |
| 2014-09-23 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1281.nasl - Type : ACT_GATHER_INFO |
| 2014-09-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1281.nasl - Type : ACT_GATHER_INFO |
| 2014-09-11 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3072.nasl - Type : ACT_GATHER_INFO |
| 2014-09-11 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3073.nasl - Type : ACT_GATHER_INFO |
| 2014-09-11 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3074.nasl - Type : ACT_GATHER_INFO |
| 2014-09-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1167.nasl - Type : ACT_GATHER_INFO |
| 2014-09-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1167.nasl - Type : ACT_GATHER_INFO |
| 2014-09-10 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1167.nasl - Type : ACT_GATHER_INFO |
| 2014-09-10 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140909_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2014-09-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1143.nasl - Type : ACT_GATHER_INFO |
| 2014-09-05 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1143-1.nasl - Type : ACT_GATHER_INFO |
| 2014-09-05 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1143.nasl - Type : ACT_GATHER_INFO |
| 2014-09-05 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140903_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2014-09-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1143.nasl - Type : ACT_GATHER_INFO |
| 2014-09-03 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2334-1.nasl - Type : ACT_GATHER_INFO |
| 2014-08-23 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3070.nasl - Type : ACT_GATHER_INFO |
| 2014-08-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2313-1.nasl - Type : ACT_GATHER_INFO |
| 2014-08-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2314-1.nasl - Type : ACT_GATHER_INFO |
| 2014-08-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-493.nasl - Type : ACT_GATHER_INFO |
| 2014-08-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1023.nasl - Type : ACT_GATHER_INFO |
| 2014-08-07 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1023.nasl - Type : ACT_GATHER_INFO |
| 2014-08-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1023.nasl - Type : ACT_GATHER_INFO |
| 2014-08-04 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-478.nasl - Type : ACT_GATHER_INFO |
| 2014-08-01 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0981.nasl - Type : ACT_GATHER_INFO |
| 2014-07-31 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3052.nasl - Type : ACT_GATHER_INFO |
| 2014-07-31 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3053.nasl - Type : ACT_GATHER_INFO |
| 2014-07-31 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3054.nasl - Type : ACT_GATHER_INFO |
| 2014-07-30 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0981.nasl - Type : ACT_GATHER_INFO |
| 2014-07-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0678.nasl - Type : ACT_GATHER_INFO |
| 2014-07-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0786.nasl - Type : ACT_GATHER_INFO |
| 2014-07-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0981.nasl - Type : ACT_GATHER_INFO |
| 2014-07-27 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0926.nasl - Type : ACT_GATHER_INFO |
| 2014-07-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0926.nasl - Type : ACT_GATHER_INFO |
| 2014-07-25 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140723_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2014-07-24 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0678.nasl - Type : ACT_GATHER_INFO |
| 2014-07-24 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0786.nasl - Type : ACT_GATHER_INFO |
| 2014-07-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0926.nasl - Type : ACT_GATHER_INFO |
| 2014-07-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0913.nasl - Type : ACT_GATHER_INFO |
| 2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0439.nasl - Type : ACT_GATHER_INFO |
| 2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0557.nasl - Type : ACT_GATHER_INFO |
| 2014-07-17 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-140709.nasl - Type : ACT_GATHER_INFO |
| 2014-07-17 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2281-1.nasl - Type : ACT_GATHER_INFO |
| 2014-07-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2282-1.nasl - Type : ACT_GATHER_INFO |
| 2014-07-17 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2285-1.nasl - Type : ACT_GATHER_INFO |
| 2014-07-17 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2286-1.nasl - Type : ACT_GATHER_INFO |
| 2014-07-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2287-1.nasl - Type : ACT_GATHER_INFO |
| 2014-07-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2288-1.nasl - Type : ACT_GATHER_INFO |
| 2014-07-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2289-1.nasl - Type : ACT_GATHER_INFO |
| 2014-07-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2290-1.nasl - Type : ACT_GATHER_INFO |
| 2014-07-02 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-451.nasl - Type : ACT_GATHER_INFO |
| 2014-06-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2259-1.nasl - Type : ACT_GATHER_INFO |
| 2014-06-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2260-1.nasl - Type : ACT_GATHER_INFO |
| 2014-06-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2261-1.nasl - Type : ACT_GATHER_INFO |
| 2014-06-28 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2262-1.nasl - Type : ACT_GATHER_INFO |
| 2014-06-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2264-1.nasl - Type : ACT_GATHER_INFO |
| 2014-06-26 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-441.nasl - Type : ACT_GATHER_INFO |
| 2014-06-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_compat-wireless-140618.nasl - Type : ACT_GATHER_INFO |
| 2014-06-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0771.nasl - Type : ACT_GATHER_INFO |
| 2014-06-23 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3041.nasl - Type : ACT_GATHER_INFO |
| 2014-06-23 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3042.nasl - Type : ACT_GATHER_INFO |
| 2014-06-23 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3043.nasl - Type : ACT_GATHER_INFO |
| 2014-06-20 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0771.nasl - Type : ACT_GATHER_INFO |
| 2014-06-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0771.nasl - Type : ACT_GATHER_INFO |
| 2014-06-20 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140619_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2014-06-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2251-1.nasl - Type : ACT_GATHER_INFO |
| 2014-06-20 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2252-1.nasl - Type : ACT_GATHER_INFO |
| 2014-06-17 | Name : The remote Fedora host is missing a security update. File : fedora_2014-7320.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-124.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-375.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-376.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0740-1.nasl - Type : ACT_GATHER_INFO |
| 2014-06-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0740.nasl - Type : ACT_GATHER_INFO |
| 2014-06-12 | Name : The remote Fedora host is missing a security update. File : fedora_2014-7128.nasl - Type : ACT_GATHER_INFO |
| 2014-06-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0740.nasl - Type : ACT_GATHER_INFO |
| 2014-06-12 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140610_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2014-06-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0740.nasl - Type : ACT_GATHER_INFO |
| 2014-06-11 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-140604.nasl - Type : ACT_GATHER_INFO |
| 2014-06-09 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3037.nasl - Type : ACT_GATHER_INFO |
| 2014-06-09 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3038.nasl - Type : ACT_GATHER_INFO |
| 2014-06-09 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3039.nasl - Type : ACT_GATHER_INFO |
| 2014-06-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2949.nasl - Type : ACT_GATHER_INFO |
| 2014-06-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2950.nasl - Type : ACT_GATHER_INFO |
| 2014-06-06 | Name : The remote Fedora host is missing a security update. File : fedora_2014-7033.nasl - Type : ACT_GATHER_INFO |
| 2014-06-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2233-1.nasl - Type : ACT_GATHER_INFO |
| 2014-06-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2234-1.nasl - Type : ACT_GATHER_INFO |
| 2014-06-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2235-1.nasl - Type : ACT_GATHER_INFO |
| 2014-06-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2237-1.nasl - Type : ACT_GATHER_INFO |
| 2014-06-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2238-1.nasl - Type : ACT_GATHER_INFO |
| 2014-06-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2239-1.nasl - Type : ACT_GATHER_INFO |
| 2014-06-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2240-1.nasl - Type : ACT_GATHER_INFO |
| 2014-06-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2241-1.nasl - Type : ACT_GATHER_INFO |
| 2014-05-28 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2223-1.nasl - Type : ACT_GATHER_INFO |
| 2014-05-28 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2224-1.nasl - Type : ACT_GATHER_INFO |
| 2014-05-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2225-1.nasl - Type : ACT_GATHER_INFO |
| 2014-05-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2226-1.nasl - Type : ACT_GATHER_INFO |
| 2014-05-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2228-1.nasl - Type : ACT_GATHER_INFO |
| 2014-05-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2219-1.nasl - Type : ACT_GATHER_INFO |
| 2014-05-27 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2220-1.nasl - Type : ACT_GATHER_INFO |
| 2014-05-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2221-1.nasl - Type : ACT_GATHER_INFO |
| 2014-05-22 | Name : The remote Fedora host is missing a security update. File : fedora_2014-6354.nasl - Type : ACT_GATHER_INFO |
| 2014-05-20 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3034.nasl - Type : ACT_GATHER_INFO |
| 2014-05-19 | Name : The remote Fedora host is missing a security update. File : fedora_2014-6357.nasl - Type : ACT_GATHER_INFO |
| 2014-05-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2928.nasl - Type : ACT_GATHER_INFO |
| 2014-05-16 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-140513.nasl - Type : ACT_GATHER_INFO |
| 2014-05-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2926.nasl - Type : ACT_GATHER_INFO |
| 2014-05-12 | Name : The remote Fedora host is missing a security update. File : fedora_2014-6122.nasl - Type : ACT_GATHER_INFO |
| 2014-05-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3021.nasl - Type : ACT_GATHER_INFO |
| 2014-05-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3022.nasl - Type : ACT_GATHER_INFO |
| 2014-05-09 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0475.nasl - Type : ACT_GATHER_INFO |
| 2014-05-09 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0475.nasl - Type : ACT_GATHER_INFO |
| 2014-05-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0475.nasl - Type : ACT_GATHER_INFO |
| 2014-05-09 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140507_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2014-05-06 | Name : The remote Fedora host is missing a security update. File : fedora_2014-5609.nasl - Type : ACT_GATHER_INFO |
| 2014-05-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2196-1.nasl - Type : ACT_GATHER_INFO |
| 2014-05-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2197-1.nasl - Type : ACT_GATHER_INFO |
| 2014-05-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2198-1.nasl - Type : ACT_GATHER_INFO |
| 2014-05-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2199-1.nasl - Type : ACT_GATHER_INFO |
| 2014-05-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2200-1.nasl - Type : ACT_GATHER_INFO |
| 2014-05-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2201-1.nasl - Type : ACT_GATHER_INFO |
| 2014-05-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2202-1.nasl - Type : ACT_GATHER_INFO |
| 2014-05-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2203-1.nasl - Type : ACT_GATHER_INFO |
| 2014-05-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2204-1.nasl - Type : ACT_GATHER_INFO |
| 2014-04-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2906.nasl - Type : ACT_GATHER_INFO |
| 2014-04-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2173-1.nasl - Type : ACT_GATHER_INFO |
| 2014-04-27 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2174-1.nasl - Type : ACT_GATHER_INFO |
| 2014-04-27 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2175-1.nasl - Type : ACT_GATHER_INFO |
| 2014-04-27 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2176-1.nasl - Type : ACT_GATHER_INFO |
| 2014-04-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2177-1.nasl - Type : ACT_GATHER_INFO |
| 2014-04-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2178-1.nasl - Type : ACT_GATHER_INFO |
| 2014-04-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2179-1.nasl - Type : ACT_GATHER_INFO |
| 2014-04-21 | Name : The remote Fedora host is missing a security update. File : fedora_2014-5235.nasl - Type : ACT_GATHER_INFO |
| 2014-04-18 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3018.nasl - Type : ACT_GATHER_INFO |
| 2014-04-18 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3019.nasl - Type : ACT_GATHER_INFO |
| 2014-04-16 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-140408.nasl - Type : ACT_GATHER_INFO |
| 2014-04-09 | Name : The remote Fedora host is missing a security update. File : fedora_2014-4844.nasl - Type : ACT_GATHER_INFO |
| 2014-04-09 | Name : The remote Fedora host is missing a security update. File : fedora_2014-4849.nasl - Type : ACT_GATHER_INFO |
| 2014-04-07 | Name : The remote Fedora host is missing a security update. File : fedora_2014-4675.nasl - Type : ACT_GATHER_INFO |
| 2014-03-28 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-317.nasl - Type : ACT_GATHER_INFO |
| 2014-03-28 | Name : The remote Fedora host is missing a security update. File : fedora_2014-4317.nasl - Type : ACT_GATHER_INFO |
| 2014-03-28 | Name : The remote Fedora host is missing a security update. File : fedora_2014-4360.nasl - Type : ACT_GATHER_INFO |
| 2014-03-28 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3016.nasl - Type : ACT_GATHER_INFO |
| 2014-03-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-140321.nasl - Type : ACT_GATHER_INFO |
| 2014-03-27 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3014.nasl - Type : ACT_GATHER_INFO |
| 2014-03-27 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3015.nasl - Type : ACT_GATHER_INFO |
| 2014-03-26 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0328.nasl - Type : ACT_GATHER_INFO |
| 2014-03-26 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0328.nasl - Type : ACT_GATHER_INFO |
| 2014-03-26 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0328.nasl - Type : ACT_GATHER_INFO |
| 2014-03-26 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140325_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2014-03-10 | Name : The remote Fedora host is missing a security update. File : fedora_2014-3448.nasl - Type : ACT_GATHER_INFO |
| 2014-03-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2133-1.nasl - Type : ACT_GATHER_INFO |
| 2014-03-10 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2135-1.nasl - Type : ACT_GATHER_INFO |
| 2014-03-10 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2136-1.nasl - Type : ACT_GATHER_INFO |
| 2014-03-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2137-1.nasl - Type : ACT_GATHER_INFO |
| 2014-03-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2138-1.nasl - Type : ACT_GATHER_INFO |
| 2014-03-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2140-1.nasl - Type : ACT_GATHER_INFO |
| 2014-03-07 | Name : The remote Fedora host is missing a security update. File : fedora_2014-3442.nasl - Type : ACT_GATHER_INFO |
| 2014-03-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2128-1.nasl - Type : ACT_GATHER_INFO |
| 2014-03-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2129-1.nasl - Type : ACT_GATHER_INFO |
| 2014-03-03 | Name : The remote Fedora host is missing a security update. File : fedora_2014-2887.nasl - Type : ACT_GATHER_INFO |
| 2014-03-02 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-289.nasl - Type : ACT_GATHER_INFO |
| 2014-03-02 | Name : The remote Fedora host is missing a security update. File : fedora_2014-3094.nasl - Type : ACT_GATHER_INFO |
| 2014-02-18 | Name : The remote Fedora host is missing a security update. File : fedora_2014-2576.nasl - Type : ACT_GATHER_INFO |
| 2014-02-18 | Name : The remote Fedora host is missing a security update. File : fedora_2014-2606.nasl - Type : ACT_GATHER_INFO |
| 2014-02-13 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3002.nasl - Type : ACT_GATHER_INFO |
| 2013-12-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2038-1.nasl - Type : ACT_GATHER_INFO |
| 2013-11-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2015-1.nasl - Type : ACT_GATHER_INFO |
| 2013-11-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2016-1.nasl - Type : ACT_GATHER_INFO |
| 2013-11-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2019-1.nasl - Type : ACT_GATHER_INFO |
| 2013-11-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2020-1.nasl - Type : ACT_GATHER_INFO |
| 2013-11-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2021-1.nasl - Type : ACT_GATHER_INFO |
| 2013-11-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2023-1.nasl - Type : ACT_GATHER_INFO |
| 2013-09-27 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-242.nasl - Type : ACT_GATHER_INFO |
| 2013-09-16 | Name : The remote Fedora host is missing a security update. File : fedora_2013-16336.nasl - Type : ACT_GATHER_INFO |
| 2013-09-13 | Name : The remote Fedora host is missing a security update. File : fedora_2013-16379.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0743.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2020.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2021.nasl - Type : ACT_GATHER_INFO |
| 2013-05-08 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-130426.nasl - Type : ACT_GATHER_INFO |
| 2012-10-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1609-1.nasl - Type : ACT_GATHER_INFO |
| 2012-10-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1606-1.nasl - Type : ACT_GATHER_INFO |
| 2012-10-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1607-1.nasl - Type : ACT_GATHER_INFO |
| 2012-10-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1594-1.nasl - Type : ACT_GATHER_INFO |
| 2012-08-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1514-1.nasl - Type : ACT_GATHER_INFO |
| 2012-08-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1529-1.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120618_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-06-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0743.nasl - Type : ACT_GATHER_INFO |
| 2012-06-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0743.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-06-14 13:37:26 |
|
| 2014-06-13 21:22:29 |
|
