10 - RHSA-2005:092

Executive Summary

Summary
Title	kernel security update

Informations
Name	RHSA-2005:092	First vendor Publication	2005-02-18
Vendor	RedHat	Last vendor Modification	2005-02-18
Severity (Vendor)	Important	Revision	01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated kernel packages that fix several security issues are now available for Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i686, ia64, noarch, ppc64, ppc64iseries, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i686, noarch, x86_64 Red Hat Enterprise Linux ES version 4 - i686, ia64, noarch, x86_64 Red Hat Enterprise Linux WS version 4 - i686, ia64, noarch, x86_64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

This advisory includes fixes for several security issues:

iSEC Security Research discovered multiple vulnerabilities in the IGMP functionality. These flaws could allow a local user to cause a denial of service (crash) or potentially gain privileges. Where multicast applications are being used on a system, these flaws may also allow remote users to cause a denial of service. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1137 to this issue.

iSEC Security Research discovered a flaw in the page fault handler code that could lead to local users gaining elevated (root) privileges on multiprocessor machines. (CAN-2005-0001)

iSEC Security Research discovered a VMA handling flaw in the uselib(2) system call of the Linux kernel. A local user could make use of this flaw to gain elevated (root) privileges. (CAN-2004-1235)

A flaw affecting the OUTS instruction on the AMD64 and Intel EM64T architecture was discovered. A local user could use this flaw to write to privileged IO ports. (CAN-2005-0204)

The Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) or possibly modify the video output. (CAN-2004-1056)

OGAWA Hirofumi discovered incorrect tables sizes being used in the filesystem Native Language Support ASCII translation table. This could lead to a denial of service (system crash). (CAN-2005-0177)

Michael Kerrisk discovered a flaw in the 2.6.9 kernel which allows users to unlock arbitrary shared memory segments. This flaw could lead to applications not behaving as expected. (CAN-2005-0176)

Improvements in the POSIX signal and tty standards compliance exposed a race condition. This flaw can be triggered accidentally by threaded applications or deliberately by a malicious user and can result in a denial of service (crash) or in occasional cases give access to a small random chunk of kernel memory. (CAN-2005-0178)

The PaX team discovered a flaw in mlockall introduced in the 2.6.9 kernel. An unprivileged user could use this flaw to cause a denial of service (CPU and memory consumption or crash). (CAN-2005-0179)

Brad Spengler discovered multiple flaws in sg_scsi_ioctl in the 2.6 kernel. An unprivileged user may be able to use this flaw to cause a denial of service (crash) or possibly other actions. (CAN-2005-0180)

Kirill Korotaev discovered a missing access check regression in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch. On systems using the hugemem kernel, a local unprivileged user could use this flaw to cause a denial of service (crash). (CAN-2005-0090)

A flaw in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch can allow syscalls to read and write arbitrary kernel memory. On systems using the hugemem kernel, a local unprivileged user could use this flaw to gain privileges. (CAN-2005-0091)

An additional flaw in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch was discovered. On x86 systems using the hugemem kernel, a local unprivileged user may be able to use this flaw to cause a denial of service (crash). (CAN-2005-0092)

All Red Hat Enterprise Linux 4 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

139436 - Kernel does not export get_sb_pseudo() 144471 - CAN-2005-0176 unlock someone elses ipc memory 146095 - CAN-2005-0177 nls_ascii incorrect table size 146101 - CAN-2005-0178 tty/setsid race 141390 - Harmless yet annoying parted message about using deprecated SCSI ioctl 146083 - 20041212 Clear ebp on sysenter return 144412 - CAN-2005-0001 page fault @ SMP privilege escalation 142670 - CAN-2004-1137 IGMP flaws 144131 - CAN-2005-0090 4GB split DoS 144658 - CAN-2005-0091 4g4g PROT_NONE fix (CAN-2005-0092) 144136 - CAN-2004-1235 isec.pl do_brk() privilege escalation 144391 - CAN-2004-1056 insufficient locking checks in DRM code 144528 - CAN-2005-0179 RLIMIT_MEMLOCK bypass and (2.6) unprivileged user DoS 144532 - random poolsize sysctl handler integer overflow 144522 - CAN-2005-0180 2.6 scsi ioctl integer overflow and information leak

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2005-092.html

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10298

Oval ID:	oval:org.mitre.oval:def:10298
Title:	nls_ascii.c in Linux before 2.6.8.1 uses an incorrect table size, which allows attackers to cause a denial of service (kernel crash) via a buffer overflow.
Description:	nls_ascii.c in Linux before 2.6.8.1 uses an incorrect table size, which allows attackers to cause a denial of service (kernel crash) via a buffer overflow.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-0177	Version:	5
Platform(s):	Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section kernel-smp-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem is earlier than 0:2.6.9-5.0.3.EL AND kernel-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-doc is earlier than 0:2.6.9-5.0.3.EL AND kernel-smp is earlier than 0:2.6.9-5.0.3.EL

Definition Id: oval:org.mitre.oval:def:10320

Oval ID:	oval:org.mitre.oval:def:10320
Title:	Multiple integer signedness errors in the sg_scsi_ioctl function in scsi_ioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copy_from_user and copy_to_user functions.
Description:	Linux kernel before 2.6.9, when running on the AMD64 and Intel EM64T architectures, allows local users to write to privileged IO ports via the OUTS instruction.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-0204	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section kernel-BOOT is earlier than 0:2.4.21-27.0.4.EL AND kernel-unsupported is earlier than 0:2.4.21-27.0.4.EL AND kernel-smp-unsupported is earlier than 0:2.4.21-27.0.4.EL AND kernel-hugemem-unsupported is earlier than 0:2.4.21-27.0.4.EL AND kernel-hugemem is earlier than 0:2.4.21-27.0.4.EL AND kernel is earlier than 0:2.4.21-27.0.4.EL AND kernel-source is earlier than 0:2.4.21-27.0.4.EL AND kernel-doc is earlier than 0:2.4.21-27.0.4.EL AND kernel-smp is earlier than 0:2.4.21-27.0.4.EL OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section kernel-smp-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem is earlier than 0:2.6.9-5.0.3.EL AND kernel-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-doc is earlier than 0:2.6.9-5.0.3.EL AND kernel-smp is earlier than 0:2.6.9-5.0.3.EL

Definition Id: oval:org.mitre.oval:def:10322

Oval ID:	oval:org.mitre.oval:def:10322
Title:	Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
Description:	Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and simultaneously request stack expansion.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-0001	Version:	5
Platform(s):	Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section kernel-smp-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem is earlier than 0:2.6.9-5.0.3.EL AND kernel-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-doc is earlier than 0:2.6.9-5.0.3.EL AND kernel-smp is earlier than 0:2.6.9-5.0.3.EL

Definition Id: oval:org.mitre.oval:def:10425

Oval ID:	oval:org.mitre.oval:def:10425
Title:	Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
Description:	A regression error in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch omits an "access check," which allows local users to cause a denial of service (crash).
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-0090	Version:	5
Platform(s):	Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section kernel-smp-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem is earlier than 0:2.6.9-5.0.3.EL AND kernel-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-doc is earlier than 0:2.6.9-5.0.3.EL AND kernel-smp is earlier than 0:2.6.9-5.0.3.EL

Definition Id: oval:org.mitre.oval:def:10647

Oval ID:	oval:org.mitre.oval:def:10647
Title:	Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial of service (crash) and possibly access portions of kernel memory, related to TTY changes, locking, and semaphores.
Description:	Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial of service (crash) and possibly access portions of kernel memory, related to TTY changes, locking, and semaphores.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-0178	Version:	5
Platform(s):	Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section kernel-smp-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem is earlier than 0:2.6.9-5.0.3.EL AND kernel-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-doc is earlier than 0:2.6.9-5.0.3.EL AND kernel-smp is earlier than 0:2.6.9-5.0.3.EL

Definition Id: oval:org.mitre.oval:def:10667

Oval ID:	oval:org.mitre.oval:def:10667
Title:	Multiple integer signedness errors in the sg_scsi_ioctl function in scsi_ioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copy_from_user and copy_to_user functions.
Description:	Multiple integer signedness errors in the sg_scsi_ioctl function in scsi_ioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copy_from_user and copy_to_user functions.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-0180	Version:	5
Platform(s):	Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section kernel-smp-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem is earlier than 0:2.6.9-5.0.3.EL AND kernel-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-doc is earlier than 0:2.6.9-5.0.3.EL AND kernel-smp is earlier than 0:2.6.9-5.0.3.EL

Definition Id: oval:org.mitre.oval:def:11144

Oval ID:	oval:org.mitre.oval:def:11144
Title:	Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read.
Description:	Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-1137	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section kernel-BOOT is earlier than 0:2.4.21-27.0.1.EL AND kernel-unsupported is earlier than 0:2.4.21-27.0.1.EL AND kernel-smp-unsupported is earlier than 0:2.4.21-27.0.1.EL AND kernel-hugemem-unsupported is earlier than 0:2.4.21-27.0.1.EL AND kernel-hugemem is earlier than 0:2.4.21-27.0.1.EL AND kernel is earlier than 0:2.4.21-27.0.1.EL AND kernel-source is earlier than 0:2.4.21-27.0.1.EL AND kernel-doc is earlier than 0:2.4.21-27.0.1.EL AND kernel-smp is earlier than 0:2.4.21-27.0.1.EL OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section kernel-smp-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem is earlier than 0:2.6.9-5.0.3.EL AND kernel-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-doc is earlier than 0:2.6.9-5.0.3.EL AND kernel-smp is earlier than 0:2.6.9-5.0.3.EL

Definition Id: oval:org.mitre.oval:def:11249

Oval ID:	oval:org.mitre.oval:def:11249
Title:	Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
Description:	Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when using the hugemem kernel, allows local users to read and write to arbitrary kernel memory and gain privileges via certain syscalls.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-0091	Version:	5
Platform(s):	Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section kernel-smp-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem is earlier than 0:2.6.9-5.0.3.EL AND kernel-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-doc is earlier than 0:2.6.9-5.0.3.EL AND kernel-smp is earlier than 0:2.6.9-5.0.3.EL

Definition Id: oval:org.mitre.oval:def:11647

Oval ID:	oval:org.mitre.oval:def:11647
Title:	Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when running on x86 with the hugemem kernel, allows local users to cause a denial of service (crash).
Description:	Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when running on x86 with the hugemem kernel, allows local users to cause a denial of service (crash).
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-0092	Version:	5
Platform(s):	Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section kernel-smp-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem is earlier than 0:2.6.9-5.0.3.EL AND kernel-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-doc is earlier than 0:2.6.9-5.0.3.EL AND kernel-smp is earlier than 0:2.6.9-5.0.3.EL

Definition Id: oval:org.mitre.oval:def:1225

Oval ID:	oval:org.mitre.oval:def:1225
Title:	Linux Kernel shmctl() Memory Swap Vulnerability
Description:	The shmctl function in Linux 2.6.9 and earlier allows local users to unlock the memory of other processes, which could cause sensitive memory to be swapped to disk, which could allow it to be read by other users once it has been released.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-0176	Version:	1
Platform(s):	Red Hat Enterprise Linux 3	Product(s):	Linux kernel
Definition Synopsis:
Red Hat Enterprise 3 is installed AND kernel, kernel-smp or kernel-hugemem RPM earlier than 0:2.4.21-32.0.1.EL kernel RPM earlier than 0:2.4.21-32.0.1.EL AND kernel-hugemem RPM earlier than 0:2.4.21-32.0.1.EL AND kernel-smp RPM earlier than 0:2.4.21-32.0.1.EL

Definition Id: oval:org.mitre.oval:def:8778

Oval ID:	oval:org.mitre.oval:def:8778
Title:	The shmctl function in Linux 2.6.9 and earlier allows local users to unlock the memory of other processes, which could cause sensitive memory to be swapped to disk, which could allow it to be read by other users once it has been released.
Description:	The shmctl function in Linux 2.6.9 and earlier allows local users to unlock the memory of other processes, which could cause sensitive memory to be swapped to disk, which could allow it to be read by other users once it has been released.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-0176	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section kernel-BOOT is earlier than 0:2.4.21-32.0.1.EL AND kernel-unsupported is earlier than 0:2.4.21-32.0.1.EL AND kernel-smp-unsupported is earlier than 0:2.4.21-32.0.1.EL AND kernel-hugemem-unsupported is earlier than 0:2.4.21-32.0.1.EL AND kernel-hugemem is earlier than 0:2.4.21-32.0.1.EL AND kernel is earlier than 0:2.4.21-32.0.1.EL AND kernel-source is earlier than 0:2.4.21-32.0.1.EL AND kernel-doc is earlier than 0:2.4.21-32.0.1.EL AND kernel-smp is earlier than 0:2.4.21-32.0.1.EL OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section kernel-smp-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem is earlier than 0:2.6.9-5.0.3.EL AND kernel-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-doc is earlier than 0:2.6.9-5.0.3.EL AND kernel-smp is earlier than 0:2.6.9-5.0.3.EL

Definition Id: oval:org.mitre.oval:def:9567

Oval ID:	oval:org.mitre.oval:def:9567
Title:	Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
Description:	Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-1235	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section kernel-BOOT is earlier than 0:2.4.21-27.0.2.EL AND kernel-unsupported is earlier than 0:2.4.21-27.0.2.EL AND kernel-smp-unsupported is earlier than 0:2.4.21-27.0.2.EL AND kernel-hugemem-unsupported is earlier than 0:2.4.21-27.0.2.EL AND kernel-hugemem is earlier than 0:2.4.21-27.0.2.EL AND kernel is earlier than 0:2.4.21-27.0.2.EL AND kernel-source is earlier than 0:2.4.21-27.0.2.EL AND kernel-doc is earlier than 0:2.4.21-27.0.2.EL AND kernel-smp is earlier than 0:2.4.21-27.0.2.EL OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section kernel-smp-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem is earlier than 0:2.6.9-5.0.3.EL AND kernel-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-doc is earlier than 0:2.6.9-5.0.3.EL AND kernel-smp is earlier than 0:2.6.9-5.0.3.EL

Definition Id: oval:org.mitre.oval:def:9795

Oval ID:	oval:org.mitre.oval:def:9795
Title:	Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output.
Description:	Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-1056	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section kernel-BOOT is earlier than 0:2.4.21-37.EL AND kernel-unsupported is earlier than 0:2.4.21-37.EL AND kernel-smp-unsupported is earlier than 0:2.4.21-37.EL AND kernel-hugemem-unsupported is earlier than 0:2.4.21-37.EL AND kernel-hugemem is earlier than 0:2.4.21-37.EL AND kernel is earlier than 0:2.4.21-37.EL AND kernel-source is earlier than 0:2.4.21-37.EL AND kernel-doc is earlier than 0:2.4.21-37.EL AND kernel-smp is earlier than 0:2.4.21-37.EL OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section kernel-smp-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem is earlier than 0:2.6.9-5.0.3.EL AND kernel-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-doc is earlier than 0:2.6.9-5.0.3.EL AND kernel-smp is earlier than 0:2.6.9-5.0.3.EL

Definition Id: oval:org.mitre.oval:def:9890

Oval ID:	oval:org.mitre.oval:def:9890
Title:	Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of service (CPU and memory consumption) and bypass RLIM_MEMLOCK limits via the mlockall call.
Description:	Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of service (CPU and memory consumption) and bypass RLIM_MEMLOCK limits via the mlockall call.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-0179	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section kernel-BOOT is earlier than 0:2.4.21-37.EL AND kernel-unsupported is earlier than 0:2.4.21-37.EL AND kernel-smp-unsupported is earlier than 0:2.4.21-37.EL AND kernel-hugemem-unsupported is earlier than 0:2.4.21-37.EL AND kernel-hugemem is earlier than 0:2.4.21-37.EL AND kernel is earlier than 0:2.4.21-37.EL AND kernel-source is earlier than 0:2.4.21-37.EL AND kernel-doc is earlier than 0:2.4.21-37.EL AND kernel-smp is earlier than 0:2.4.21-37.EL OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section kernel-smp-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem is earlier than 0:2.6.9-5.0.3.EL AND kernel-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel is earlier than 0:2.6.9-5.0.3.EL AND kernel-hugemem-devel is earlier than 0:2.6.9-5.0.3.EL AND kernel-doc is earlier than 0:2.6.9-5.0.3.EL AND kernel-smp is earlier than 0:2.6.9-5.0.3.EL

CPE : Common Platform Enumeration

Type	Description	Count
Application	Avaya Intuity Audix cpe:2.3:a:avaya:intuity_audix:::lx:::::*	1
Application	Avaya mn100 cpe:2.3:a:avaya:mn100::::::::	1
Application	Avaya Network Routing cpe:2.3:a:avaya:network_routing::::::::	1
Application	Mandrakesoft Mandrake Multi Network Firewall cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:::::::*	1
Application	Netkit Linux Netkit cpe:2.3:a:netkit:linux_netkit:0.17.17:::::::* cpe:2.3:a:netkit:linux_netkit:0.17:::::::*	2
Application	Vserver Linux-Vserver cpe:2.3:a:vserver:linux-vserver:1.24:::::::* cpe:2.3:a:vserver:linux-vserver:1.23:::::::* cpe:2.3:a:vserver:linux-vserver:1.22:::::::* cpe:2.3:a:vserver:linux-vserver:1.21:::::::* cpe:2.3:a:vserver:linux-vserver:1.20:::::::*	5
Hardware	Avaya Converged Communications Server cpe:2.3:h:avaya:converged_communications_server:2.0:::::::*	1
Hardware	Avaya s8300 cpe:2.3:h:avaya:s8300:r2.0.1:::::::* cpe:2.3:h:avaya:s8300:r2.0.0:::::::*	2
Hardware	Avaya s8500 cpe:2.3:h:avaya:s8500:r2.0.1:::::::* cpe:2.3:h:avaya:s8500:r2.0.0:::::::*	2
Hardware	Avaya s8700 cpe:2.3:h:avaya:s8700:r2.0.1:::::::* cpe:2.3:h:avaya:s8700:r2.0.0:::::::*	2
Hardware	Avaya s8710 cpe:2.3:h:avaya:s8710:r2.0.1:::::::* cpe:2.3:h:avaya:s8710:r2.0.0:::::::*	2
Os	Avaya Modular Messaging Message Storage Server cpe:2.3:o:avaya:modular_messaging_message_storage_server:2.0:::::::* cpe:2.3:o:avaya:modular_messaging_message_storage_server:1.1:::::::*	2
Os	Conectiva Linux cpe:2.3:o:conectiva:linux:10.0:::::::*	1
Os	Linux Linux Kernel cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:::::: cpe:2.3:o:linux:linux_kernel:2.6.8.1:::::::* cpe:2.3:o:linux:linux_kernel:2.6.8:::::::* cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:::::: cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:::::: cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:::::: cpe:2.3:o:linux:linux_kernel:2.6.7:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:::::: cpe:2.3:o:linux:linux_kernel:2.6.6:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:::::: cpe:2.3:o:linux:linux_kernel:2.6.5:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.4:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.3:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.20.1:::::::* cpe:2.3:o:linux:linux_kernel:2.6.2:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:::::: cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:::::: cpe:2.3:o:linux:linux_kernel:2.6.11.8:::::::* cpe:2.3:o:linux:linux_kernel:2.6.11.7:::::::* cpe:2.3:o:linux:linux_kernel:2.6.11.6:::::::* cpe:2.3:o:linux:linux_kernel:2.6.11.5:::::::* cpe:2.3:o:linux:linux_kernel:2.6.11.4:::::::* cpe:2.3:o:linux:linux_kernel:2.6.11.3:::::::* cpe:2.3:o:linux:linux_kernel:2.6.11.2:::::::* cpe:2.3:o:linux:linux_kernel:2.6.11.1:::::::* cpe:2.3:o:linux:linux_kernel:2.6.11:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:::::: cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:::::: cpe:2.3:o:linux:linux_kernel:2.6.11:rc4:::::: cpe:2.3:o:linux:linux_kernel:2.6.10:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:::::: cpe:2.3:o:linux:linux_kernel:2.6.1:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:::::: cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test2:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test1:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test11:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test6:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test4:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test8:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test10:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test9:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test5:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test7:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test3:::::: cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:::::::* cpe:2.3:o:linux:linux_kernel:2.5.9:::::::* cpe:2.3:o:linux:linux_kernel:2.5.8:::::::* cpe:2.3:o:linux:linux_kernel:2.5.7:::::::* cpe:2.3:o:linux:linux_kernel:2.5.69:::::::* cpe:2.3:o:linux:linux_kernel:2.5.68:::::::* cpe:2.3:o:linux:linux_kernel:2.5.67:::::::* cpe:2.3:o:linux:linux_kernel:2.5.66:::::::* cpe:2.3:o:linux:linux_kernel:2.5.65:::::::* cpe:2.3:o:linux:linux_kernel:2.5.64:::::::* cpe:2.3:o:linux:linux_kernel:2.5.63:::::::* cpe:2.3:o:linux:linux_kernel:2.5.62:::::::* cpe:2.3:o:linux:linux_kernel:2.5.61:::::::* cpe:2.3:o:linux:linux_kernel:2.5.60:::::::* cpe:2.3:o:linux:linux_kernel:2.5.6:::::::* cpe:2.3:o:linux:linux_kernel:2.5.59:::::::* cpe:2.3:o:linux:linux_kernel:2.5.58:::::::* cpe:2.3:o:linux:linux_kernel:2.5.57:::::::* cpe:2.3:o:linux:linux_kernel:2.5.56:::::::* cpe:2.3:o:linux:linux_kernel:2.5.55:::::::* cpe:2.3:o:linux:linux_kernel:2.5.54:::::::* cpe:2.3:o:linux:linux_kernel:2.5.53:::::::* cpe:2.3:o:linux:linux_kernel:2.5.52:::::::* cpe:2.3:o:linux:linux_kernel:2.5.51:::::::* cpe:2.3:o:linux:linux_kernel:2.5.50:::::::* cpe:2.3:o:linux:linux_kernel:2.5.5:::::::* cpe:2.3:o:linux:linux_kernel:2.5.49:::::::* cpe:2.3:o:linux:linux_kernel:2.5.48:::::::* cpe:2.3:o:linux:linux_kernel:2.5.47:::::::* cpe:2.3:o:linux:linux_kernel:2.5.46:::::::* cpe:2.3:o:linux:linux_kernel:2.5.45:::::::* cpe:2.3:o:linux:linux_kernel:2.5.44:::::::* cpe:2.3:o:linux:linux_kernel:2.5.43:::::::* cpe:2.3:o:linux:linux_kernel:2.5.42:::::::* cpe:2.3:o:linux:linux_kernel:2.5.41:::::::* cpe:2.3:o:linux:linux_kernel:2.5.40:::::::* cpe:2.3:o:linux:linux_kernel:2.5.4:::::::* cpe:2.3:o:linux:linux_kernel:2.5.39:::::::* cpe:2.3:o:linux:linux_kernel:2.5.38:::::::* cpe:2.3:o:linux:linux_kernel:2.5.37:::::::* cpe:2.3:o:linux:linux_kernel:2.5.36:::::::* cpe:2.3:o:linux:linux_kernel:2.5.35:::::::* cpe:2.3:o:linux:linux_kernel:2.5.34:::::::* cpe:2.3:o:linux:linux_kernel:2.5.33:::::::* cpe:2.3:o:linux:linux_kernel:2.5.32:::::::* cpe:2.3:o:linux:linux_kernel:2.5.31:::::::* cpe:2.3:o:linux:linux_kernel:2.5.30:::::::* cpe:2.3:o:linux:linux_kernel:2.5.3:::::::* cpe:2.3:o:linux:linux_kernel:2.5.29:::::::* cpe:2.3:o:linux:linux_kernel:2.5.28:::::::* cpe:2.3:o:linux:linux_kernel:2.5.27:::::::* cpe:2.3:o:linux:linux_kernel:2.5.26:::::::* cpe:2.3:o:linux:linux_kernel:2.5.25:::::::* cpe:2.3:o:linux:linux_kernel:2.5.24:::::::* cpe:2.3:o:linux:linux_kernel:2.5.23:::::::* cpe:2.3:o:linux:linux_kernel:2.5.22:::::::* cpe:2.3:o:linux:linux_kernel:2.5.21:::::::* cpe:2.3:o:linux:linux_kernel:2.5.20:::::::* cpe:2.3:o:linux:linux_kernel:2.5.2:::::::* cpe:2.3:o:linux:linux_kernel:2.5.19:::::::* cpe:2.3:o:linux:linux_kernel:2.5.18:::::::* cpe:2.3:o:linux:linux_kernel:2.5.17:::::::* cpe:2.3:o:linux:linux_kernel:2.5.16:::::::* cpe:2.3:o:linux:linux_kernel:2.5.15:::::::* cpe:2.3:o:linux:linux_kernel:2.5.14:::::::* cpe:2.3:o:linux:linux_kernel:2.5.13:::::::* cpe:2.3:o:linux:linux_kernel:2.5.12:::::::* cpe:2.3:o:linux:linux_kernel:2.5.11:::::::* cpe:2.3:o:linux:linux_kernel:2.5.10:::::::* cpe:2.3:o:linux:linux_kernel:2.5.1:::::::* cpe:2.3:o:linux:linux_kernel:2.5.0:::::::* cpe:2.3:o:linux:linux_kernel:2.4.9:::::::* cpe:2.3:o:linux:linux_kernel:2.4.8:::::::* cpe:2.3:o:linux:linux_kernel:2.4.7:::::::* cpe:2.3:o:linux:linux_kernel:2.4.6:::::::* cpe:2.3:o:linux:linux_kernel:2.4.5:::::::* cpe:2.3:o:linux:linux_kernel:2.4.4:::::::* cpe:2.3:o:linux:linux_kernel:2.4.31:pre1:::::: cpe:2.3:o:linux:linux_kernel:2.4.30:rc3:::::: cpe:2.3:o:linux:linux_kernel:2.4.30:rc2:::::: cpe:2.3:o:linux:linux_kernel:2.4.30:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.3:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.3:pre3:::::: cpe:2.3:o:linux:linux_kernel:2.4.29:rc2:::::: cpe:2.3:o:linux:linux_kernel:2.4.29:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.29:rc1:::::: cpe:2.3:o:linux:linux_kernel:2.4.28:::::::* cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:::::: cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:::::: cpe:2.3:o:linux:linux_kernel:2.4.27:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:::::: cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:::::: cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:::::: cpe:2.3:o:linux:linux_kernel:2.4.26:::::::* cpe:2.3:o:linux:linux_kernel:2.4.25:::::::* cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:::::::* cpe:2.3:o:linux:linux_kernel:2.4.24:::::::* cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:::::::* cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:::::: cpe:2.3:o:linux:linux_kernel:2.4.23:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.22:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.22:pre10:::::: cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:::::: cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:::::: cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:::::: cpe:2.3:o:linux:linux_kernel:2.4.21:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.20:::::::* cpe:2.3:o:linux:linux_kernel:2.4.2:::::::* cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:::::: cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:::::: cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:::::: cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:::::: cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:::::: cpe:2.3:o:linux:linux_kernel:2.4.19:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:::::: cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:::::: cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:::::: cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:::::: cpe:2.3:o:linux:linux_kernel:2.4.18::x86::::: cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:::::: cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:::::: cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:::::: cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:::::: cpe:2.3:o:linux:linux_kernel:2.4.18:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:::::: cpe:2.3:o:linux:linux_kernel:2.4.17:::::::* cpe:2.3:o:linux:linux_kernel:2.4.16:::::::* cpe:2.3:o:linux:linux_kernel:2.4.15:::::::* cpe:2.3:o:linux:linux_kernel:2.4.14:::::::* cpe:2.3:o:linux:linux_kernel:2.4.13:::::::* cpe:2.3:o:linux:linux_kernel:2.4.12:::::::* cpe:2.3:o:linux:linux_kernel:2.4.11:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.10:::::::* cpe:2.3:o:linux:linux_kernel:2.4.1:::::::* cpe:2.3:o:linux:linux_kernel:2.4.0:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test3:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test8:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test10:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test1:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test12:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test2:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test4:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test6:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test7:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test9:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test11:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test5:::::: cpe:2.3:o:linux:linux_kernel:2.3.99:pre6:::::: cpe:2.3:o:linux:linux_kernel:2.3.99:pre3:::::: cpe:2.3:o:linux:linux_kernel:2.3.99:pre4:::::: cpe:2.3:o:linux:linux_kernel:2.3.99:pre5:::::: cpe:2.3:o:linux:linux_kernel:2.3.99:pre2:::::: cpe:2.3:o:linux:linux_kernel:2.3.99:pre1:::::: cpe:2.3:o:linux:linux_kernel:2.3.99:pre7:::::: cpe:2.3:o:linux:linux_kernel:2.3.99:-:::::: cpe:2.3:o:linux:linux_kernel:2.3.0:::::::* cpe:2.3:o:linux:linux_kernel:2.2.9:::::::* cpe:2.3:o:linux:linux_kernel:2.2.8:::::::* cpe:2.3:o:linux:linux_kernel:2.2.7:::::::* cpe:2.3:o:linux:linux_kernel:2.2.6:::::::* cpe:2.3:o:linux:linux_kernel:2.2.5:::::::* cpe:2.3:o:linux:linux_kernel:2.2.4:-:::::: cpe:2.3:o:linux:linux_kernel:2.2.3:::::::* cpe:2.3:o:linux:linux_kernel:2.2.27:rc2:::::: cpe:2.3:o:linux:linux_kernel:2.2.25:::::::* cpe:2.3:o:linux:linux_kernel:2.2.24:-:::::: cpe:2.3:o:linux:linux_kernel:2.2.23:-:::::: cpe:2.3:o:linux:linux_kernel:2.2.22:-:::::: cpe:2.3:o:linux:linux_kernel:2.2.21:-:::::: cpe:2.3:o:linux:linux_kernel:2.2.20:::::::* cpe:2.3:o:linux:linux_kernel:2.2.2:::::::* cpe:2.3:o:linux:linux_kernel:2.2.19:::::::* cpe:2.3:o:linux:linux_kernel:2.2.18:::::::* cpe:2.3:o:linux:linux_kernel:2.2.17:-:::::: cpe:2.3:o:linux:linux_kernel:2.2.16:-:::::: cpe:2.3:o:linux:linux_kernel:2.2.16:pre6:::::: cpe:2.3:o:linux:linux_kernel:2.2.15_pre20:::::::* cpe:2.3:o:linux:linux_kernel:2.2.15:pre16:::::: cpe:2.3:o:linux:linux_kernel:2.2.15:-:::::: cpe:2.3:o:linux:linux_kernel:2.2.14:::::::* cpe:2.3:o:linux:linux_kernel:2.2.13:-:::::: cpe:2.3:o:linux:linux_kernel:2.2.12:::::::* cpe:2.3:o:linux:linux_kernel:2.2.11:::::::* cpe:2.3:o:linux:linux_kernel:2.2.10:::::::* cpe:2.3:o:linux:linux_kernel:2.2.1:::::::* cpe:2.3:o:linux:linux_kernel:2.2.0:::::::* cpe:2.3:o:linux:linux_kernel:2.1.89:::::::* cpe:2.3:o:linux:linux_kernel:2.1:::::::* cpe:2.3:o:linux:linux_kernel:2.0.9.9:::::::* cpe:2.3:o:linux:linux_kernel:2.0.9:::::::* cpe:2.3:o:linux:linux_kernel:2.0.8:::::::* cpe:2.3:o:linux:linux_kernel:2.0.7:::::::* cpe:2.3:o:linux:linux_kernel:2.0.6:::::::* cpe:2.3:o:linux:linux_kernel:2.0.5:::::::* cpe:2.3:o:linux:linux_kernel:2.0.4:::::::* cpe:2.3:o:linux:linux_kernel:2.0.39:::::::* cpe:2.3:o:linux:linux_kernel:2.0.38:::::::* cpe:2.3:o:linux:linux_kernel:2.0.37:::::::* cpe:2.3:o:linux:linux_kernel:2.0.36:::::::* cpe:2.3:o:linux:linux_kernel:2.0.35:::::::* cpe:2.3:o:linux:linux_kernel:2.0.34:::::::* cpe:2.3:o:linux:linux_kernel:2.0.33:::::::* cpe:2.3:o:linux:linux_kernel:2.0.32:::::::* cpe:2.3:o:linux:linux_kernel:2.0.31:::::::* cpe:2.3:o:linux:linux_kernel:2.0.30:::::::* cpe:2.3:o:linux:linux_kernel:2.0.3:::::::* cpe:2.3:o:linux:linux_kernel:2.0.29:::::::* cpe:2.3:o:linux:linux_kernel:2.0.28:::::::* cpe:2.3:o:linux:linux_kernel:2.0.27:::::::* cpe:2.3:o:linux:linux_kernel:2.0.26:::::::* cpe:2.3:o:linux:linux_kernel:2.0.25:::::::* cpe:2.3:o:linux:linux_kernel:2.0.24:::::::* cpe:2.3:o:linux:linux_kernel:2.0.23:::::::* cpe:2.3:o:linux:linux_kernel:2.0.22:::::::* cpe:2.3:o:linux:linux_kernel:2.0.21:::::::* cpe:2.3:o:linux:linux_kernel:2.0.20:::::::* cpe:2.3:o:linux:linux_kernel:2.0.2:::::::* cpe:2.3:o:linux:linux_kernel:2.0.19:::::::* cpe:2.3:o:linux:linux_kernel:2.0.18:::::::* cpe:2.3:o:linux:linux_kernel:2.0.17:::::::* cpe:2.3:o:linux:linux_kernel:2.0.16:::::::* cpe:2.3:o:linux:linux_kernel:2.0.15:::::::* cpe:2.3:o:linux:linux_kernel:2.0.14:::::::* cpe:2.3:o:linux:linux_kernel:2.0.13:::::::* cpe:2.3:o:linux:linux_kernel:2.0.12:::::::* cpe:2.3:o:linux:linux_kernel:2.0.11:::::::* cpe:2.3:o:linux:linux_kernel:2.0.10:::::::* cpe:2.3:o:linux:linux_kernel:2.0.1:::::::* cpe:2.3:o:linux:linux_kernel:2.0:::::::*	275
Os	Mandrakesoft Mandrake Linux cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:::::::* cpe:2.3:o:mandrakesoft:mandrake_linux:10.1::x86_64::::: cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:::::::* cpe:2.3:o:mandrakesoft:mandrake_linux:10.0::amd64::::: cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:::::::* cpe:2.3:o:mandrakesoft:mandrake_linux:9.2::amd64:::::	6
Os	Mandrakesoft Mandrake Linux Corporate Server cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:::::::* cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:::::::* cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64:::::	3
Os	Redhat Enterprise Linux cpe:2.3:o:redhat:enterprise_linux:4.0::advanced_server::::: cpe:2.3:o:redhat:enterprise_linux:4.0::enterprise_server::::: cpe:2.3:o:redhat:enterprise_linux:4.0::workstation::::: cpe:2.3:o:redhat:enterprise_linux:3.0::advanced_servers::::: cpe:2.3:o:redhat:enterprise_linux:3.0::enterprise_server::::: cpe:2.3:o:redhat:enterprise_linux:3.0::workstation::::: cpe:2.3:o:redhat:enterprise_linux:3.0::workstation_server::::: cpe:2.3:o:redhat:enterprise_linux:3.0::advanced_server:::::	8
Os	Redhat Enterprise Linux Desktop cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::* cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*	2
Os	Redhat Fedora Core cpe:2.3:o:redhat:fedora_core:core_3.0:::::::* cpe:2.3:o:redhat:fedora_core:core_2.0:::::::* cpe:2.3:o:redhat:fedora_core:core_1.0:::::::*	3
Os	Redhat Linux cpe:2.3:o:redhat:linux:9.0::i386::::: cpe:2.3:o:redhat:linux:7.3::i386:::::	2
Os	Suse Suse Linux cpe:2.3:o:suse:suse_linux:9.2:::::::* cpe:2.3:o:suse:suse_linux:9.1:::::::* cpe:2.3:o:suse:suse_linux:9.0::enterprise_server::::: cpe:2.3:o:suse:suse_linux:9.0:::::::* cpe:2.3:o:suse:suse_linux:8.2:::::::* cpe:2.3:o:suse:suse_linux:8.1:::::::* cpe:2.3:o:suse:suse_linux:8::enterprise_server::::: cpe:2.3:o:suse:suse_linux:1.0::desktop:::::	8
Os	Trustix Secure Linux cpe:2.3:o:trustix:secure_linux:2.2:::::::* cpe:2.3:o:trustix:secure_linux:2.1:::::::* cpe:2.3:o:trustix:secure_linux:2:::::::*	3
Os	Ubuntu Ubuntu Linux cpe:2.3:o:ubuntu:ubuntu_linux:4.1::ia64::::: cpe:2.3:o:ubuntu:ubuntu_linux:4.1::ppc:::::	2

OpenVAS Exploits

Date	Description
2009-10-10	Name : SLES9: Security update for Linux kernel core File : nvt/sles9p5014380.nasl
2009-10-10	Name : SLES9: Security update for Linux kernel File : nvt/sles9p5019053.nasl
2008-01-17	Name : Debian Security Advisory DSA 1067-1 (kernel 2.4.16) File : nvt/deb_1067_1.nasl
2008-01-17	Name : Debian Security Advisory DSA 1070-1 (kernel-source-2.4.19,kernel-image-sparc-... File : nvt/deb_1070_1.nasl
2008-01-17	Name : Debian Security Advisory DSA 1082-1 (kernel-2.4.17) File : nvt/deb_1082_1.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
15417	Red Hat Linux 4GB Split Patch access check Regression Error Local DoS RedHat Linux contains a flaw that may allow a local denial of service. The issue is due to a missing access check, due to a regression error in the RedHat Linux 4 kernel 4GB/4GB split patch, and will result in loss of availability for the platform.
15416	Red Hat Linux 4GB Split Patch Unspecified Kernel Memory Read/Write A missing access check regression in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch has been discovered. On systems using the hugemem kernel, a local unprivileged user could use this flaw to cause a denial of service (crash). (CAN-2005-0090) A flaw in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch can allow syscalls to read and write arbitrary kernel memory. On systems using the hugemem kernel, a local unprivileged user could use this flaw to gain privileges. (CAN-2005-0091) An additional flaw in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch was discovered. On x86 systems using the hugemem kernel, a local unprivileged user may be able to use this flaw to cause a denial of service (crash). (CAN-2005-0092)
15415	Red Hat Linux 4GB Split Patch Unspecified hugemem Local DoS
15213	Linux Kernel OUTS Instruction Privileged IO Port Write
13849	Linux Kernel setsid() Function Race Condition
13848	Linux Kernel nls_ascii.c Table Size Local Overflow DoS
13847	Linux Kernel shmctl() Function Arbitrary Locked Memory Access
12914	Linux Kernel Multiprocessor Page Fault Handler Race Condition Linux Kernel contains a flaw that may allow a malicious user to execute arbitrary code with root privileges on multi-processor systems. The issue is caused by the page fault handler and is triggered when two threads, which share the same virtual memory space, request a stack expansion simultaneously. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.
12839	Linux Kernel scsi_ioctl.c sg_scsi_ioctl() Arbitrary Memory Disclosure Linux kernel sg_scsi_ioctl() contains a flaw within scsi_ioctl.c that may lead to an unauthorized information disclosure. Â The issue is triggered when an attacker copies large portions of data from the user space into kernel space buffer occurs, which will disclose sensitive information resulting in a loss of confidentiality.
12838	Linux Kernel mlockall() RLIMIT_MEMLOCK Bypass The Linux kernel contains a flaw related to the mlockall() function that may allow an attacker to bypass unspecified system restrictions. No further details have been provided.
12836	Linux Kernel scsi_ioctl.c sg_scsi_ioctl() Overflow A local overflow exists in the Linux kernel. The sg_scsi_ioctl() function fails to validate user-supplied integer values resulting in an integer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
12791	Linux Kernel sys_uselib Binary Format Loader Local Privilege Escalation
12561	Linux Kernel Direct Rendering Manager (DRM) X Server DoS
12388	Linux Kernel IGMP igmp_marksources() Function Remote DoS
12387	Linux Kernel IGMP ip_mc_msfget / ip_mc_gsfget Function Arbitrary Memory Read
12386	Linux Kernel IGMP ip_mc_source() Function Arbitrary Memory Overwrite

Nessus® Vulnerability Scanner

Date	Description
2006-10-14	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1067.nasl - Type : ACT_GATHER_INFO
2006-10-14	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1069.nasl - Type : ACT_GATHER_INFO
2006-10-14	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1070.nasl - Type : ACT_GATHER_INFO
2006-10-14	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1082.nasl - Type : ACT_GATHER_INFO
2006-07-05	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-293.nasl - Type : ACT_GATHER_INFO
2006-07-03	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-472.nasl - Type : ACT_GATHER_INFO
2006-07-03	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-663.nasl - Type : ACT_GATHER_INFO
2006-01-15	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-82-1.nasl - Type : ACT_GATHER_INFO
2006-01-15	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-60-0.nasl - Type : ACT_GATHER_INFO
2006-01-15	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-57-1.nasl - Type : ACT_GATHER_INFO
2006-01-15	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-38-1.nasl - Type : ACT_GATHER_INFO
2006-01-15	Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-219.nasl - Type : ACT_GATHER_INFO
2005-10-05	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-663.nasl - Type : ACT_GATHER_INFO
2005-08-30	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-529.nasl - Type : ACT_GATHER_INFO
2005-07-01	Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-110.nasl - Type : ACT_GATHER_INFO
2005-05-28	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-472.nasl - Type : ACT_GATHER_INFO
2005-04-25	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-293.nasl - Type : ACT_GATHER_INFO
2005-02-22	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-092.nasl - Type : ACT_GATHER_INFO
2005-02-03	Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_003.nasl - Type : ACT_GATHER_INFO
2005-02-03	Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2004_044.nasl - Type : ACT_GATHER_INFO
2005-01-26	Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-022.nasl - Type : ACT_GATHER_INFO
2005-01-25	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-016.nasl - Type : ACT_GATHER_INFO
2005-01-19	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-043.nasl - Type : ACT_GATHER_INFO
2005-01-14	Name : The remote Fedora Core host is missing a security update. File : fedora_2005-025.nasl - Type : ACT_GATHER_INFO
2005-01-14	Name : The remote Fedora Core host is missing a security update. File : fedora_2005-026.nasl - Type : ACT_GATHER_INFO
2005-01-12	Name : The remote Fedora Core host is missing a security update. File : fedora_2005-014.nasl - Type : ACT_GATHER_INFO
2005-01-12	Name : The remote Fedora Core host is missing a security update. File : fedora_2005-013.nasl - Type : ACT_GATHER_INFO
2005-01-04	Name : The remote Fedora Core host is missing a security update. File : fedora_2004-582.nasl - Type : ACT_GATHER_INFO
2005-01-04	Name : The remote Fedora Core host is missing a security update. File : fedora_2004-581.nasl - Type : ACT_GATHER_INFO
2004-12-27	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-689.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:49:00	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	2
Oval ID(s)	14
CPE ID(s)	335
osvdb(s)	16
Openvas Exploit(s)	5
Nessus® Exploit(s)	30

	Related
10	CVE-2004-1137
7.8	CVE-2005-0177
7.2	CVE-2005-0091
6.9	CVE-2005-0001
6.4	CVE-2004-1056
6.2	CVE-2005-0178
6.2	CVE-2004-1235
5	CVE-2005-0176
3.6	CVE-2005-0180
2.1	CVE-2005-0204
2.1	CVE-2005-0179
2.1	CVE-2005-0092
2.1	CVE-2005-0090
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 13 more Alert(s)

10 - RHSA-2005:092

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU