Executive Summary
Summary | |
---|---|
Title | kernel-rt security and bug fix update |
Informations | |||
---|---|---|---|
Name | RHSA-2010:0161 | First vendor Publication | 2010-03-23 |
Vendor | RedHat | Last vendor Modification | 2010-03-23 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated kernel-rt packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise MRG 1.2. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: MRG Realtime for RHEL 5 Server - i386, noarch, x86_64 3. Description: The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * a deficiency was found in the fasync_helper() implementation. This could allow a local, unprivileged user to leverage a use-after-free of locked, asynchronous file descriptors to cause a denial of service or privilege escalation. (CVE-2009-4141, Important) * multiple flaws were found in the mmap and mremap implementations. A local, unprivileged user could use these flaws to cause a local denial of service or escalate their privileges. (CVE-2010-0291, Important) * a missing boundary check was found in the do_move_pages() function in the memory migration functionality. A local user could use this flaw to cause a local denial of service or an information leak. (CVE-2010-0415, Important) * a NULL pointer dereference flaw was found in the ip6_dst_lookup_tail() function. An attacker on the local network could trigger this flaw by sending IPv6 traffic to a target system, leading to a system crash (kernel OOPS) if dst->neighbour is NULL on the target system when receiving an IPv6 packet. (CVE-2010-0437, Important) * a NULL pointer dereference flaw was found in the Fast Userspace Mutexes (futexes) implementation. The unlock code path did not check if the futex value associated with pi_state->owner had been modified. A local user could use this flaw to modify the futex value, possibly leading to a denial of service or privilege escalation when the pi_state->owner pointer is dereferenced. (CVE-2010-0622, Important) * an information leak was found in the print_fatal_signal() implementation. When "/proc/sys/kernel/print-fatal-signals" is set to 1 (the default value is 0), memory that is reachable by the kernel could be leaked to user-space. This issue could also result in a system crash. Note that this flaw only affected the i386 architecture. (CVE-2010-0003, Moderate) * a flaw was found in the kernel connector implementation. A local, unprivileged user could trigger this flaw by sending an arbitrary amount of notification requests using specially-crafted netlink messages, resulting in a denial of service. (CVE-2010-0410, Moderate) * missing capability checks were found in the ebtables implementation, used for creating an Ethernet bridge firewall. This could allow a local, unprivileged user to bypass intended capability restrictions and modify ebtables rules. (CVE-2010-0007, Low) This update also fixes the following bugs: * references were missing for two LSI MegaRAID SAS controllers already supported by the kernel, preventing systems using these controllers from booting. (BZ#554664) * a typo in the fix for CVE-2009-2691 resulted in gdb being unable to read core files created by gcore. (BZ#554965) * values for certain pointers used by the kernel, which should be undereferencable, could potentially be abused when a kernel OOPS occurs. Values that are harder to dereference are now used. (BZ#555227) * this update redesigns the locking scheme of the TTY process group (tty->pgrp) structure, due to race conditions introduced when tty->pgrp started using struct pid instead of pid_t. (BZ#559101) * the way the NFS kernel server used iget() and the way in which it kept its cache of inode information, could have led to (mainly on busy file servers) inconsistencies between the local file system and the file system being served to clients. (BZ#561275) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 547906 - CVE-2009-4141 kernel: create_elf_tables can leave urandom in a bad state 554578 - CVE-2010-0003 kernel: infoleak if print-fatal-signals=1 554664 - MRG current has a very old megaraid_sas driver 554965 - gcore tool produces unusable corefile with MRG kernel 555238 - CVE-2010-0007 kernel: netfilter: ebtables: enforce CAP_NET_ADMIN 556703 - CVE-2010-0291 kernel: untangle the do_mremap() 561275 - kernel: serious ugliness in iget() uses by nfsd [mrg-1] 561682 - CVE-2010-0410 kernel: OOM/crash in drivers/connector 562582 - CVE-2010-0415 kernel: sys_move_pages infoleak 563091 - CVE-2010-0622 kernel: futex: Handle user space corruption gracefully 563781 - CVE-2010-0437 kernel: ipv6: fix ip6_dst_lookup_tail() NULL pointer dereference |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2010-0161.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-399 | Resource Management Errors |
33 % | CWE-264 | Permissions, Privileges, and Access Controls |
33 % | CWE-200 | Information Exposure |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10061 | |||
Oval ID: | oval:org.mitre.oval:def:10061 | ||
Title: | The ip6_dst_lookup_tail function in net/ipv6/ip6_output.c in the Linux kernel before 2.6.27 does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number of neighbors, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via unknown vectors. | ||
Description: | The ip6_dst_lookup_tail function in net/ipv6/ip6_output.c in the Linux kernel before 2.6.27 does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number of neighbors, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0437 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10550 | |||
Oval ID: | oval:org.mitre.oval:def:10550 | ||
Title: | The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the i386 platform, when print-fatal-signals is enabled, allows local users to discover the contents of arbitrary memory locations by jumping to an address and then reading a log file, and might allow local users to cause a denial of service (system slowdown or crash) by jumping to an address. | ||
Description: | The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the i386 platform, when print-fatal-signals is enabled, allows local users to discover the contents of arbitrary memory locations by jumping to an address and then reading a log file, and might allow local users to cause a denial of service (system slowdown or crash) by jumping to an address. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0003 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10903 | |||
Oval ID: | oval:org.mitre.oval:def:10903 | ||
Title: | drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages. | ||
Description: | drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0410 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11824 | |||
Oval ID: | oval:org.mitre.oval:def:11824 | ||
Title: | The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service (panic) by calling the (1) mmap or (2) mremap function, aka the "do_mremap() mess" or "mremap/mmap mess." | ||
Description: | The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service (panic) by calling the (1) mmap or (2) mremap function, aka the "do_mremap() mess" or "mremap/mmap mess." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0291 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19697 | |||
Oval ID: | oval:org.mitre.oval:def:19697 | ||
Title: | Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX | ||
Description: | net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAP_NET_ADMIN capability for setting or modifying rules, which allows local users to bypass intended access restrictions and configure arbitrary network-traffic filtering via a modified ebtables application. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0007 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19968 | |||
Oval ID: | oval:org.mitre.oval:def:19968 | ||
Title: | Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX | ||
Description: | The ip6_dst_lookup_tail function in net/ipv6/ip6_output.c in the Linux kernel before 2.6.27 does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number of neighbors, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0437 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20180 | |||
Oval ID: | oval:org.mitre.oval:def:20180 | ||
Title: | Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX | ||
Description: | The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the i386 platform, when print-fatal-signals is enabled, allows local users to discover the contents of arbitrary memory locations by jumping to an address and then reading a log file, and might allow local users to cause a denial of service (system slowdown or crash) by jumping to an address. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0003 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20241 | |||
Oval ID: | oval:org.mitre.oval:def:20241 | ||
Title: | DSA-2003-1 linux-2.6 - several vulnerabilities | ||
Description: | NOTE: This kernel update marks the final planned kernel security update for the 2.6.18 kernel in the Debian release 'etch'. Although security support for 'etch' officially ended on Feburary 15th, 2010, this update was already in preparation before that date. A final update that includes fixes for these issues in the 2.6.24 kernel is also in preparation and will be released shortly. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2003-1 CVE-2009-3080 CVE-2009-3726 CVE-2009-4005 CVE-2009-4020 CVE-2009-4021 CVE-2009-4536 CVE-2010-0007 CVE-2010-0410 CVE-2010-0415 CVE-2010-0622 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | linux-2.6 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:20266 | |||
Oval ID: | oval:org.mitre.oval:def:20266 | ||
Title: | Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX | ||
Description: | The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0415 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20525 | |||
Oval ID: | oval:org.mitre.oval:def:20525 | ||
Title: | Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX | ||
Description: | drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0410 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20549 | |||
Oval ID: | oval:org.mitre.oval:def:20549 | ||
Title: | Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX | ||
Description: | The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service (panic) by calling the (1) mmap or (2) mremap function, aka the "do_mremap() mess" or "mremap/mmap mess." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0291 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20551 | |||
Oval ID: | oval:org.mitre.oval:def:20551 | ||
Title: | Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX | ||
Description: | The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly have unspecified other impact via vectors involving modification of the futex value from user space. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0622 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7054 | |||
Oval ID: | oval:org.mitre.oval:def:7054 | ||
Title: | Linux Kernel 'fasync_helper()' Local Privilege Escalation Vulnerability | ||
Description: | Use-after-free vulnerability in the fasync_helper function in fs/fcntl.c in the Linux kernel before 2.6.33-rc4-git1 allows local users to gain privileges via vectors that include enabling O_ASYNC (aka FASYNC or FIOASYNC) on a locked file, and then closing this file. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-4141 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7532 | |||
Oval ID: | oval:org.mitre.oval:def:7532 | ||
Title: | DSA-2005 linux-2.6.24 -- privilege escalation/denial of service/sensitive memory leak | ||
Description: | NOTE: This kernel update marks the final planned kernel security update for the 2.6.24 kernel in the Debian release "etch". Although security support for "etch" officially ended on Feburary 15th, 2010, this update was already in preparation before that date. Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: Steve Beattie and Kees Cook reported an information leak in the maps and smaps files available under /proc. Local users may be able to read this data for setuid processes while the ELF binary is being loaded. Eric Paris provided several fixes to increase the protection provided by the mmap_min_addr tunable against NULL pointer dereference vulnerabilities. Dave Jones reported an issue in the gdth SCSI driver. A missing check for negative offsets in an ioctl call could be exploited by local users to create a denial of service or potentially gain elevated privileges. Trond Myklebust reported an issue where a malicious NFS server could cause a denial of service condition on its clients by returning incorrect attributes during an open call. Joe Malicki discovered an issue in the megaraid_sas driver. Insufficient permissions on the sysfs dbg_lvl interface allow local users to modify the debug logging behavior. Roel Kluin discovered an issue in the hfc_usb driver, an ISDN driver for Colognechip HFC-S USB chip. A potential read overflow exists which may allow remote users to cause a denial of service condition. Amerigo Wang discovered an issue in the HFS filesystem that would allow a denial of service by a local user who has sufficient privileges to mount a specially crafted filesystem. Anana V. Avati discovered an issue in the fuse subsystem. If the system is sufficiently low on memory, a local user can cause the kernel to dereference an invalid pointer resulting in a denial of service and potentially an escalation of privileges. Jay Fenlason discovered an issue in the firewire stack that allows local users to cause a denial of service by making a specially crafted ioctl call. Ted Ts’o discovered an issue in the ext4 filesystem that allows local users to cause a denial of service. For this to be exploitable, the local user must have sufficient privileges to mount a filesystem. Fabian Yamaguchi reported issues in the e1000 and e1000e drivers for Intel gigabit network adapters which allow remote users to bypass packet filters using specially crafted Ethernet frames. Andi Kleen reported a defect which allows local users to gain read access to memory reachable by the kernel when the print-fatal-signals option is enabled. This option is disabled by default. Florian Westphal reported a lack of capability checking in the ebtables netfilter subsystem. If the ebtables module is loaded, local users can add and modify ebtables rules. Al Viro reported several issues with the mmap/mremap system calls that allow local users to cause a denial of service or obtain elevated privileges. Sebastian Krahmer discovered an issue in the netlink connector subsystem that permits local users to allocate large amounts of system memory resulting in a denial of service. Ramon de Carvalho Valle discovered an issue in the sys_move_pages interface, limited to amd64, ia64 and powerpc64 flavors in Debian. Local users can exploit this issue to cause a denial of service or gain access to sensitive kernel memory. Jermome Marchand reported an issue in the futex subsystem that allows a local user to force an invalid futex state which results in a denial of service . | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2005 CVE-2009-2691 CVE-2009-2695 CVE-2009-3080 CVE-2009-3726 CVE-2009-3889 CVE-2009-4005 CVE-2009-4020 CVE-2009-4021 CVE-2009-4138 CVE-2009-4308 CVE-2009-4536 CVE-2009-4538 CVE-2010-0003 CVE-2010-0007 CVE-2010-0291 CVE-2010-0410 CVE-2010-0415 CVE-2010-0622 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | linux-2.6.24 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9201 | |||
Oval ID: | oval:org.mitre.oval:def:9201 | ||
Title: | Use-after-free vulnerability in the fasync_helper function in fs/fcntl.c in the Linux kernel before 2.6.33-rc4-git1 allows local users to gain privileges via vectors that include enabling O_ASYNC (aka FASYNC or FIOASYNC) on a locked file, and then closing this file. | ||
Description: | Use-after-free vulnerability in the fasync_helper function in fs/fcntl.c in the Linux kernel before 2.6.33-rc4-git1 allows local users to gain privileges via vectors that include enabling O_ASYNC (aka FASYNC or FIOASYNC) on a locked file, and then closing this file. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-4141 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9399 | |||
Oval ID: | oval:org.mitre.oval:def:9399 | ||
Title: | The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set. | ||
Description: | The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0415 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9655 | |||
Oval ID: | oval:org.mitre.oval:def:9655 | ||
Title: | The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly have unspecified other impact via vectors involving modification of the futex value from user space. | ||
Description: | The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly have unspecified other impact via vectors involving modification of the futex value from user space. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0622 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-04-16 | Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates File : nvt/gb_VMSA-2010-0009.nasl |
2012-03-16 | Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe... File : nvt/gb_VMSA-2011-0003.nasl |
2012-03-15 | Name : VMSA-2010-0016 VMware ESXi and ESX third party updates for Service Console an... File : nvt/gb_VMSA-2010-0016.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2010:0046 centos5 i386 File : nvt/gb_CESA-2010_0046_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2010:0147 centos5 i386 File : nvt/gb_CESA-2010_0147_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2010:0398 centos5 i386 File : nvt/gb_CESA-2010_0398_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2010:0504 centos5 i386 File : nvt/gb_CESA-2010_0504_kernel_centos5_i386.nasl |
2010-10-19 | Name : Mandriva Update for kernel MDVSA-2010:198 (kernel) File : nvt/gb_mandriva_MDVSA_2010_198.nasl |
2010-09-27 | Name : Mandriva Update for kernel MDVSA-2010:188 (kernel) File : nvt/gb_mandriva_MDVSA_2010_188.nasl |
2010-07-02 | Name : RedHat Update for kernel RHSA-2010:0504-01 File : nvt/gb_RHSA-2010_0504-01_kernel.nasl |
2010-06-07 | Name : Ubuntu Update for linux regression USN-947-2 File : nvt/gb_ubuntu_USN_947_2.nasl |
2010-06-07 | Name : Ubuntu Update for Linux kernel vulnerabilities USN-947-1 File : nvt/gb_ubuntu_USN_947_1.nasl |
2010-05-07 | Name : RedHat Update for kernel RHSA-2010:0398-01 File : nvt/gb_RHSA-2010_0398-01_kernel.nasl |
2010-05-04 | Name : Mandriva Update for kernel MDVSA-2010:088 (kernel) File : nvt/gb_mandriva_MDVSA_2010_088.nasl |
2010-03-31 | Name : Mandriva Update for kernel MDVSA-2010:066 (kernel) File : nvt/gb_mandriva_MDVSA_2010_066.nasl |
2010-03-22 | Name : RedHat Update for kernel RHSA-2010:0147-01 File : nvt/gb_RHSA-2010_0147-01_kernel.nasl |
2010-03-22 | Name : RedHat Update for kernel RHSA-2010:0146-01 File : nvt/gb_RHSA-2010_0146-01_kernel.nasl |
2010-03-22 | Name : SuSE Update for kernel SUSE-SA:2010:016 File : nvt/gb_suse_2010_016.nasl |
2010-03-22 | Name : Ubuntu Update for Linux kernel vulnerabilities USN-914-1 File : nvt/gb_ubuntu_USN_914_1.nasl |
2010-03-16 | Name : Debian Security Advisory DSA 2012-1 (linux-2.6) File : nvt/deb_2012_1.nasl |
2010-03-12 | Name : Mandriva Update for rsnapshot MDVA-2010:088 (rsnapshot) File : nvt/gb_mandriva_MDVA_2010_088.nasl |
2010-03-05 | Name : SuSE Update for kernel SUSE-SA:2010:014 File : nvt/gb_suse_2010_014.nasl |
2010-03-02 | Name : Fedora Update for kernel FEDORA-2010-1500 File : nvt/gb_fedora_2010_1500_kernel_fc11.nasl |
2010-03-02 | Name : Fedora Update for kernel FEDORA-2010-1804 File : nvt/gb_fedora_2010_1804_kernel_fc11.nasl |
2010-03-02 | Name : Fedora Update for kernel FEDORA-2010-1787 File : nvt/gb_fedora_2010_1787_kernel_fc12.nasl |
2010-03-02 | Name : Fedora Update for kernel FEDORA-2010-0919 File : nvt/gb_fedora_2010_0919_kernel_fc11.nasl |
2010-02-25 | Name : Debian Security Advisory DSA 2003-1 (linux-2.6) File : nvt/deb_2003_1.nasl |
2010-02-19 | Name : Mandriva Update for drakxtools MDVA-2010:066 (drakxtools) File : nvt/gb_mandriva_MDVA_2010_066.nasl |
2010-02-19 | Name : SuSE Update for kernel SUSE-SA:2010:010 File : nvt/gb_suse_2010_010.nasl |
2010-02-19 | Name : SuSE Update for kernel SUSE-SA:2010:012 File : nvt/gb_suse_2010_012.nasl |
2010-02-08 | Name : Ubuntu Update for Linux kernel vulnerabilities USN-894-1 File : nvt/gb_ubuntu_USN_894_1.nasl |
2010-01-20 | Name : RedHat Update for kernel RHSA-2010:0046-01 File : nvt/gb_RHSA-2010_0046-01_kernel.nasl |
2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1540 File : nvt/RHSA_2009_1540.nasl |
2009-09-02 | Name : Fedora Core 11 FEDORA-2009-9044 (kernel) File : nvt/fcore_2009_9044.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
63146 | Linux Kernel net/ipv6/ip6_output.c ip6_dst_lookup_tail() Function NULL Derefe... |
62380 | Linux Kernel kernel/futex.c wake_futex_pi Function Local DoS |
62379 | Linux Kernel mmap / mremap Function Local Privilege Escalation |
62168 | Linux Kernel mm/migrate.c do_pages_move() Function Local DoS |
62079 | Linux Kernel drivers/connector/connector.c Notification Code Local DoS |
61984 | Linux Kernel kernel/signal.c print_fatal_signal Function Log File Local Discl... |
61687 | Linux Kernel fs/fcntl.c fasync_helper Function Use-after-free Local Privilege... |
61670 | Linux Kernel net/bridge/netfilter/ebtables.c do_ebt_set_ctl Function Ethernet... |
56981 | Linux Kernel fs/proc/base.c mm_for_maps() Function Local Information Disclosure |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2011-05-12 | IAVM : 2011-A-0066 - Multiple Vulnerabilities in VMware Products Severity : Category I - VMSKEY : V0027158 |
2010-01-28 | IAVM : 2010-A-0015 - Multiple Vulnerabilities in Red Hat Linux Kernel Severity : Category I - VMSKEY : V0022631 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-08 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2010-0009_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0003_remote.nasl - Type : ACT_GATHER_INFO |
2015-04-23 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16471.nasl - Type : ACT_GATHER_INFO |
2015-04-22 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16473.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0476.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0504.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0398.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0147.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0146.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0046.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1550.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1548.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1541.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1548.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1541.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1550.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0149.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0148.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100701_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100506_kernel_on_SL_5_0.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100316_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100316_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-6778.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-6929.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7015.nasl - Type : ACT_GATHER_INFO |
2011-02-14 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0003.nasl - Type : ACT_GATHER_INFO |
2010-11-16 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2010-0016.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-6925.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-6779.nasl - Type : ACT_GATHER_INFO |
2010-10-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-198.nasl - Type : ACT_GATHER_INFO |
2010-09-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-188.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-066.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-088.nasl - Type : ACT_GATHER_INFO |
2010-07-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0504.nasl - Type : ACT_GATHER_INFO |
2010-07-13 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0504.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-1500.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-1804.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-1787.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-0919.nasl - Type : ACT_GATHER_INFO |
2010-06-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-947-2.nasl - Type : ACT_GATHER_INFO |
2010-06-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-947-1.nasl - Type : ACT_GATHER_INFO |
2010-06-01 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2010-0009.nasl - Type : ACT_GATHER_INFO |
2010-06-01 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0398.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0147.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0146.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0398.nasl - Type : ACT_GATHER_INFO |
2010-05-07 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7011.nasl - Type : ACT_GATHER_INFO |
2010-03-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-100317.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0147.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0146.nasl - Type : ACT_GATHER_INFO |
2010-03-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-914-1.nasl - Type : ACT_GATHER_INFO |
2010-03-15 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2012.nasl - Type : ACT_GATHER_INFO |
2010-03-09 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_kernel-100301.nasl - Type : ACT_GATHER_INFO |
2010-03-03 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-100223.nasl - Type : ACT_GATHER_INFO |
2010-03-03 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kernel-100223.nasl - Type : ACT_GATHER_INFO |
2010-03-02 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2005.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1996.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2003.nasl - Type : ACT_GATHER_INFO |
2010-02-18 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12578.nasl - Type : ACT_GATHER_INFO |
2010-02-16 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_kernel-100203.nasl - Type : ACT_GATHER_INFO |
2010-02-09 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-100128.nasl - Type : ACT_GATHER_INFO |
2010-02-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-894-1.nasl - Type : ACT_GATHER_INFO |
2010-01-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0046.nasl - Type : ACT_GATHER_INFO |
2010-01-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0046.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1550.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1548.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1541.nasl - Type : ACT_GATHER_INFO |
2009-08-27 | Name : The remote Fedora host is missing a security update. File : fedora_2009-9044.nasl - Type : ACT_GATHER_INFO |