Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | kernel security and bug fix update |
| Informations | |||
|---|---|---|---|
| Name | RHSA-2011:0007 | First vendor Publication | 2011-01-11 |
| Vendor | RedHat | Last vendor Modification | 2011-01-11 |
| Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.2 | Attack Range | Local |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Problem Description: Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64 3. Description: * Buffer overflow in eCryptfs. When /dev/ecryptfs has world writable permissions (which it does not, by default, on Red Hat Enterprise Linux 6), a local, unprivileged user could use this flaw to cause a denial of service or possibly escalate their privileges. (CVE-2010-2492, Important) * Integer overflow in the RDS protocol implementation could allow a local, unprivileged user to cause a denial of service or escalate their privileges. (CVE-2010-3865, Important) * Missing boundary checks in the PPP over L2TP sockets implementation could allow a local, unprivileged user to cause a denial of service or escalate their privileges. (CVE-2010-4160, Important) * NULL pointer dereference in the igb driver. If both Single Root I/O Virtualization (SR-IOV) and promiscuous mode were enabled on an interface using igb, it could result in a denial of service when a tagged VLAN packet is received on that interface. (CVE-2010-4263, Important) * Missing initialization flaw in the XFS file system implementation, and in the network traffic policing implementation, could allow a local, unprivileged user to cause an information leak. (CVE-2010-3078, CVE-2010-3477, Moderate) * NULL pointer dereference in the Open Sound System compatible sequencer driver could allow a local, unprivileged user with access to /dev/sequencer to cause a denial of service. /dev/sequencer is only accessible to root and users in the audio group by default. (CVE-2010-3080, Moderate) * Flaw in the ethtool IOCTL handler could allow a local user to cause an information leak. (CVE-2010-3861, Moderate) * Flaw in bcm_connect() in the Controller Area Network (CAN) Broadcast Manager. On 64-bit systems, writing the socket address may overflow the procname character array. (CVE-2010-3874, Moderate) * Flaw in the module for monitoring the sockets of INET transport protocols could allow a local, unprivileged user to cause a denial of service. (CVE-2010-3880, Moderate) * Missing boundary checks in the block layer implementation could allow a local, unprivileged user to cause a denial of service. (CVE-2010-4162, CVE-2010-4163, CVE-2010-4668, Moderate) * NULL pointer dereference in the Bluetooth HCI UART driver could allow a local, unprivileged user to cause a denial of service. (CVE-2010-4242, Moderate) * Flaw in the Linux kernel CPU time clocks implementation for the POSIX clock interface could allow a local, unprivileged user to cause a denial of service. (CVE-2010-4248, Moderate) * Flaw in the garbage collector for AF_UNIX sockets could allow a local, unprivileged user to trigger a denial of service. (CVE-2010-4249, Moderate) * Missing upper bound integer check in the AIO implementation could allow a local, unprivileged user to cause an information leak. (CVE-2010-3067, Low) * Missing initialization flaws could lead to information leaks. (CVE-2010-3298, CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4074, CVE-2010-4075, CVE-2010-4077, CVE-2010-4079, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083, CVE-2010-4158, Low) * Missing initialization flaw in KVM could allow a privileged host user with access to /dev/kvm to cause an information leak. (CVE-2010-4525, Low) Red Hat would like to thank Andre Osterhues for reporting CVE-2010-2492; Thomas Pollet for reporting CVE-2010-3865; Dan Rosenberg for reporting CVE-2010-4160, CVE-2010-3078, CVE-2010-3874, CVE-2010-4162, CVE-2010-4163, CVE-2010-3298, CVE-2010-4073, CVE-2010-4074, CVE-2010-4075, CVE-2010-4077, CVE-2010-4079, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083, and CVE-2010-4158; Kosuke Tatsukawa for reporting CVE-2010-4263; Tavis Ormandy for reporting CVE-2010-3080 and CVE-2010-3067; Kees Cook for reporting CVE-2010-3861 and CVE-2010-4072; Nelson Elhage for reporting CVE-2010-3880; Alan Cox for reporting CVE-2010-4242; Vegard Nossum for reporting CVE-2010-4249; Vasiliy Kulikov for reporting CVE-2010-3876; and Stephan Mueller of atsec information security for reporting CVE-2010-4525. 4. Solution: Users should upgrade to these updated packages, which contain backported patches to correct these issues. Documentation for the bugs fixed by this update will be available shortly from the Technical Notes document, linked to in the References section. The system must be rebooted for this update to take effect. Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system. 5. Bugs fixed (http://bugzilla.redhat.com/): 611385 - CVE-2010-2492 kernel: ecryptfs_uid_hash() buffer overflow 629441 - CVE-2010-3067 kernel: do_io_submit() infoleak 630551 - CVE-2010-3080 kernel: /dev/sequencer open failure is not handled correctly 630804 - CVE-2010-3078 kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak 633140 - CVE-2010-3298 kernel: drivers/net/usb/hso.c: prevent reading uninitialized memory 636386 - CVE-2010-3477 kernel: net/sched/act_police.c infoleak 641410 - CVE-2010-4242 kernel: missing tty ops write function presence check in hci_uart_tty_open() 646725 - CVE-2010-3861 kernel: heap contents leak from ETHTOOL_GRXCLSRLALL 647391 - kernel BUG at mm/migrate.c:113! [rhel-6.0.z] 647416 - CVE-2010-3865 kernel: iovec integer overflow in net/rds/rdma.c 648408 - Do not mix FMODE_ and O_ flags with break_lease() and may_open() [rhel-6.0.z] 648656 - CVE-2010-4072 kernel: ipc/shm.c: reading uninitialized stack memory 648658 - CVE-2010-4073 kernel: ipc/compat*.c: reading uninitialized stack memory 648659 - CVE-2010-4074 kernel: drivers/usb/serial/mos*.c: reading uninitialized stack memory 648660 - CVE-2010-4075 kernel: drivers/serial/serial_core.c: reading uninitialized stack memory 648663 - CVE-2010-4077 kernel: drivers/char/nozomi.c: reading uninitialized stack memory 648666 - CVE-2010-4079 kernel: drivers/video/ivtv/ivtvfb.c: reading uninitialized stack memory 648669 - CVE-2010-4080 kernel: drivers/sound/pci/rme9652/hdsp.c: reading uninitialized stack memory 648670 - CVE-2010-4081 kernel: drivers/sound/pci/rme9652/hdspm.c: reading uninitialized stack memory 648671 - CVE-2010-4082 kernel: drivers/video/via/ioctl.c: reading uninitialized stack memory 648673 - CVE-2010-4083 kernel: ipc/sem.c: reading uninitialized stack memory 649695 - CVE-2010-3874 kernel: CAN minor heap overflow 649715 - CVE-2010-3876 kernel: net/packet/af_packet.c: reading uninitialized stack memory 651264 - CVE-2010-3880 kernel: logic error in INET_DIAG bytecode auditing 651698 - CVE-2010-4158 kernel: socket filters infoleak 651892 - CVE-2010-4160 kernel: L2TP send buffer allocation size overflows 652529 - CVE-2010-4162 kernel: bio: integer overflow page count when mapping/copying user data 652957 - CVE-2010-4163 CVE-2010-4668 kernel: panic when submitting certain 0-length I/O requests 653340 - [kvm] VIRT-IO NIC state is reported as 'unknown' on vm running over RHEL6 host [rhel-6.0.z] 656264 - CVE-2010-4248 kernel: posix-cpu-timers: workaround to suppress the problems with mt exec 656756 - CVE-2010-4249 kernel: unix socket local dos 658879 - kernel 2.6.32-84.el6 breaks systemtap [rhel-6.0.z] 659611 - lpfc: Fixed crashes for BUG_ONs hit in the lpfc_abort_handler [rhel-6.0.z] 660188 - CVE-2010-4263 kernel: igb panics when receiving tag vlan packet 660244 - lpfc: Set heartbeat timer off by default [rhel-6.0.z] 660591 - neighbour update causes an Oops when using tunnel device [rhel-6.0.z] 665470 - CVE-2010-4525 kvm: x86: zero kvm_vcpu_events->interrupt.pad infoleak |
Original Source
| Url : https://rhn.redhat.com/errata/RHSA-2011-0007.html |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 48 % | CWE-200 | Information Exposure |
| 16 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
| 8 % | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 4 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
| 4 % | CWE-476 | NULL Pointer Dereference |
| 4 % | CWE-415 | Double Free |
| 4 % | CWE-399 | Resource Management Errors |
| 4 % | CWE-362 | Race Condition |
| 4 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
| 4 % | CWE-20 | Improper Input Validation |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:12770 | |||
| Oval ID: | oval:org.mitre.oval:def:12770 | ||
| Title: | USN-1074-1 -- linux-fsl-imx51 vulnerabilities | ||
| Description: | Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only files, leading to potential data loss. Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. A local attacker could exploit this to read from write-only files, leading to a loss of privacy. Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. A local attacker could exploit this to gain control of certain applications, potentially leading to privilege escalation, as demonstrated in attacks against the X server. Suresh Jayaraman discovered that CIFS did not correctly validate certain response packats. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. James Chapman discovered that L2TP did not correctly evaluate checksum capabilities. If an attacker could make malicious routing changes, they could crash the system, leading to a denial of service. Neil Brown discovered that NFSv4 did not correctly check certain write requests. A remote attacker could send specially crafted traffic that could crash the system or possibly gain root privileges. David Howells discovered that DNS resolution in CIFS could be spoofed. A local attacker could exploit this to control DNS replies, leading to a loss of privacy and possible privilege escalation. Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. Only Ubuntu 9.10 was affected. Bob Peterson discovered that GFS2 rename operations did not correctly validate certain sizes. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that under certain situations the ioctl subsystem for DRM did not properly sanitize its arguments. A local attacker could exploit this to read previously freed kernel memory, leading to a loss of privacy. Eric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Sergey Vlasov discovered that JFS did not correctly handle certain extended attributes. A local attacker could bypass namespace access rules, leading to a loss of privacy. Tavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. Brad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Ben Hawkes discovered an integer overflow in the Controller Area Network Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. Ubuntu 10.10 was not affected. Kees Cook discovered that the V4L1 32bit compat interface did not correctly validate certain parameters. A local attacker on a 64bit system with access to a video device could exploit this to gain root privileges. Toshiyuki Okajima discovered that ext4 did not correctly check certain parameters. A local attacker could exploit this to crash the system or overwrite the last block of large files. Tavis Ormandy discovered that the AIO subsystem did not correctly validate certain parameters. A local attacker could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that certain XFS ioctls leaked kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Robert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. Tavis Ormandy discovered that the OSS sequencer device did not correctly shut down. A local attacker could exploit this to crash the system or possibly gain root privileges. Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. Dan Rosenberg discovered that the ROSE driver did not correctly check parameters. A local attacker with access to a ROSE network device could exploit this to crash the system or possibly gain root privileges. Thomas Dreibholz discovered that SCTP did not correctly handle appending packet chunks. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Dan Rosenberg discovered that the CD driver did not correctly check parameters. A local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. Dan Rosenberg discovered that the Sound subsystem did not correctly validate parameters. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. A local attacker could exploit this to hang the system, leading to a denial of service. It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the USB subsystem did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SiS video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1074-1 CVE-2009-4895 CVE-2010-2066 CVE-2010-2226 CVE-2010-2240 CVE-2010-2248 CVE-2010-2478 CVE-2010-3084 CVE-2010-2495 CVE-2010-2521 CVE-2010-2524 CVE-2010-2538 CVE-2010-2798 CVE-2010-2803 CVE-2010-2942 CVE-2010-3477 CVE-2010-2943 CVE-2010-2946 CVE-2010-2954 CVE-2010-2955 CVE-2010-2959 CVE-2010-2962 CVE-2010-2963 CVE-2010-3015 CVE-2010-3067 CVE-2010-3078 CVE-2010-3079 CVE-2010-3080 CVE-2010-3081 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3301 CVE-2010-3310 CVE-2010-3432 CVE-2010-3437 CVE-2010-3442 CVE-2010-3448 CVE-2010-3698 CVE-2010-3705 CVE-2010-3848 CVE-2010-3849 CVE-2010-3850 CVE-2010-3858 CVE-2010-3861 CVE-2010-3904 CVE-2010-4072 CVE-2010-4073 CVE-2010-4074 CVE-2010-4078 CVE-2010-4079 CVE-2010-4165 CVE-2010-4169 CVE-2010-4249 | Version: | 5 |
| Platform(s): | Ubuntu 9.10 | Product(s): | linux-fsl-imx51 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13173 | |||
| Oval ID: | oval:org.mitre.oval:def:13173 | ||
| Title: | USN-1086-1 -- linux-ec2 vulnerabilities | ||
| Description: | Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. Dan Rosenberg discovered that the RDS protocol did not correctly check ioctl arguments. A local attacker could exploit this to crash the system, leading to a denial of service | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1086-1 CVE-2010-4075 CVE-2010-4158 CVE-2010-4163 CVE-2010-4668 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | linux-ec2 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13363 | |||
| Oval ID: | oval:org.mitre.oval:def:13363 | ||
| Title: | USN-1074-2 -- linux-fsl-imx51 vulnerabilities | ||
| Description: | USN-1074-1 fixed vulnerabilities in linux-fsl-imx51 in Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 10.04. Original advisory details: Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only files, leading to potential data loss. Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. A local attacker could exploit this to read from write-only files, leading to a loss of privacy. Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. A local attacker could exploit this to gain control of certain applications, potentially leading to privilege escalation, as demonstrated in attacks against the X server. Suresh Jayaraman discovered that CIFS did not correctly validate certain response packats. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. James Chapman discovered that L2TP did not correctly evaluate checksum capabilities. If an attacker could make malicious routing changes, they could crash the system, leading to a denial of service. Neil Brown discovered that NFSv4 did not correctly check certain write requests. A remote attacker could send specially crafted traffic that could crash the system or possibly gain root privileges. David Howells discovered that DNS resolution in CIFS could be spoofed. A local attacker could exploit this to control DNS replies, leading to a loss of privacy and possible privilege escalation. Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. Only Ubuntu 9.10 was affected. Bob Peterson discovered that GFS2 rename operations did not correctly validate certain sizes. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that under certain situations the ioctl subsystem for DRM did not properly sanitize its arguments. A local attacker could exploit this to read previously freed kernel memory, leading to a loss of privacy. Eric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Sergey Vlasov discovered that JFS did not correctly handle certain extended attributes. A local attacker could bypass namespace access rules, leading to a loss of privacy. Tavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. Brad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Ben Hawkes discovered an integer overflow in the Controller Area Network Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. Ubuntu 10.10 was not affected. Kees Cook discovered that the V4L1 32bit compat interface did not correctly validate certain parameters. A local attacker on a 64bit system with access to a video device could exploit this to gain root privileges. Toshiyuki Okajima discovered that ext4 did not correctly check certain parameters. A local attacker could exploit this to crash the system or overwrite the last block of large files. Tavis Ormandy discovered that the AIO subsystem did not correctly validate certain parameters. A local attacker could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that certain XFS ioctls leaked kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Robert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. Tavis Ormandy discovered that the OSS sequencer device did not correctly shut down. A local attacker could exploit this to crash the system or possibly gain root privileges. Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. Dan Rosenberg discovered that the ROSE driver did not correctly check parameters. A local attacker with access to a ROSE network device could exploit this to crash the system or possibly gain root privileges. Thomas Dreibholz discovered that SCTP did not correctly handle appending packet chunks. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Dan Rosenberg discovered that the CD driver did not correctly check parameters. A local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. Dan Rosenberg discovered that the Sound subsystem did not correctly validate parameters. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. A local attacker could exploit this to hang the system, leading to a denial of service. It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that IPC structures were not correctly initialized on 64bit systems. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the USB subsystem did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SiS video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1074-2 CVE-2010-3904 CVE-2010-3848 CVE-2010-3849 CVE-2010-3850 CVE-2010-3301 CVE-2010-3081 CVE-2009-4895 CVE-2010-2066 CVE-2010-2226 CVE-2010-2248 CVE-2010-2478 CVE-2010-3084 CVE-2010-2495 CVE-2010-2521 CVE-2010-2524 CVE-2010-2538 CVE-2010-2798 CVE-2010-2942 CVE-2010-3477 CVE-2010-2943 CVE-2010-2946 CVE-2010-2954 CVE-2010-2955 CVE-2010-2962 CVE-2010-2963 CVE-2010-3015 CVE-2010-3067 CVE-2010-3078 CVE-2010-3079 CVE-2010-3080 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3310 CVE-2010-3432 CVE-2010-3437 CVE-2010-3442 CVE-2010-3448 CVE-2010-3698 CVE-2010-3705 CVE-2010-3858 CVE-2010-3861 CVE-2010-4072 CVE-2010-4073 CVE-2010-4074 CVE-2010-4078 CVE-2010-4079 CVE-2010-4165 CVE-2010-4169 CVE-2010-4249 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | linux-fsl-imx51 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19965 | |||
| Oval ID: | oval:org.mitre.oval:def:19965 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The igb_receive_skb function in drivers/net/igb/igb_main.c in the Intel Gigabit Ethernet (aka igb) subsystem in the Linux kernel before 2.6.34, when Single Root I/O Virtualization (SR-IOV) and promiscuous mode are enabled but no VLANs are registered, allows remote attackers to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact via a VLAN tagged frame. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4263 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19982 | |||
| Oval ID: | oval:org.mitre.oval:def:19982 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3) compat_sys_shmctl functions in ipc/compat.c; and the (4) compat_sys_mq_open and (5) compat_sys_mq_getsetattr functions in ipc/compat_mq.c. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4073 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20098 | |||
| Oval ID: | oval:org.mitre.oval:def:20098 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3067 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20153 | |||
| Oval ID: | oval:org.mitre.oval:def:20153 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-2492 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20281 | |||
| Oval ID: | oval:org.mitre.oval:def:20281 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Race condition in the __exit_signal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader in the de_thread function in fs/exec.c. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4248 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20378 | |||
| Oval ID: | oval:org.mitre.oval:def:20378 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4158 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20379 | |||
| Oval ID: | oval:org.mitre.oval:def:20379 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to read copies of the applicable structures. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3876 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20436 | |||
| Oval ID: | oval:org.mitre.oval:def:20436 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the "old shm interface." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4072 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20441 | |||
| Oval ID: | oval:org.mitre.oval:def:20441 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted iovec struct in a Reliable Datagram Sockets (RDS) request, which triggers a buffer overflow. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3865 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20452 | |||
| Oval ID: | oval:org.mitre.oval:def:20452 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3477 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20480 | |||
| Oval ID: | oval:org.mitre.oval:def:20480 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The hci_uart_tty_open function in the HCI UART driver (drivers/bluetooth/hci_ldisc.c) in the Linux kernel 2.6.36, and possibly other versions, does not verify whether the tty has a write operation, which allows local users to cause a denial of service (NULL pointer dereference) via vectors related to the Bluetooth driver. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4242 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20523 | |||
| Oval ID: | oval:org.mitre.oval:def:20523 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4075 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20553 | |||
| Oval ID: | oval:org.mitre.oval:def:20553 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message that contains multiple attribute elements, as demonstrated by INET_DIAG_BC_JMP instructions. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3880 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20569 | |||
| Oval ID: | oval:org.mitre.oval:def:20569 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4080 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20595 | |||
| Oval ID: | oval:org.mitre.oval:def:20595 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3078 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20611 | |||
| Oval ID: | oval:org.mitre.oval:def:20611 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4249 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20621 | |||
| Oval ID: | oval:org.mitre.oval:def:20621 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4081 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21679 | |||
| Oval ID: | oval:org.mitre.oval:def:21679 | ||
| Title: | RHSA-2011:0028: kvm security and bug fix update (Low) | ||
| Description: | Linux kernel 2.6.33 and 2.6.34.y does not initialize the kvm_vcpu_events->interrupt.pad structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via unspecified vectors. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2011:0028-01 CVE-2010-4525 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 5 | Product(s): | kvm |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22159 | |||
| Oval ID: | oval:org.mitre.oval:def:22159 | ||
| Title: | RHSA-2010:0839: kernel security and bug fix update (Moderate) | ||
| Description: | The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0839-01 CESA-2010:0839 CVE-2010-3066 CVE-2010-3067 CVE-2010-3078 CVE-2010-3086 CVE-2010-3448 CVE-2010-3477 | Version: | 81 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23178 | |||
| Oval ID: | oval:org.mitre.oval:def:23178 | ||
| Title: | ELSA-2011:0028: kvm security and bug fix update (Low) | ||
| Description: | Linux kernel 2.6.33 and 2.6.34.y does not initialize the kvm_vcpu_events->interrupt.pad structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via unspecified vectors. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011:0028-01 CVE-2010-4525 | Version: | 6 |
| Platform(s): | Oracle Linux 5 | Product(s): | kvm |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:27240 | |||
| Oval ID: | oval:org.mitre.oval:def:27240 | ||
| Title: | ELSA-2010-2009 -- Oracle Linux 5 Unbreakable Enterprise kernel security fix update (important) | ||
| Description: | Following security bugs are fixed in this errata CVE-2010-3904 When copying data to userspace, the RDS protocol failed to verify that the user-provided address was a valid userspace address. A local unprivileged user could issue specially crafted socket calls to write arbitrary values into kernel memory and potentially escalate privileges to root. CVE-2010-3067 Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call. CVE-2010-3477 The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942. kernel: [2.6.32-100.21.1.el5] - [rds] fix access issue with rds (Chris Mason) {CVE-2010-3904} - [fuse] linux-2.6.32-fuse-return-EGAIN-if-not-connected-bug-10154489.patch - [net] linux-2.6.32-net-sched-fix-kernel-leak-in-act_police.patch - [aio] linux-2.6.32-aio-check-for-multiplication-overflow-in-do_io_subm.patch ofa: [1.5.1-4.0.23] - Fix rds permissions checks during copies [1.5.1-4.0.21] - Update to BXOFED 1.5.1-1.3.6-5 | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010-2009 CVE-2010-3477 CVE-2010-3904 CVE-2010-3067 | Version: | 5 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel kernel-debug kernel-debug-devel kernel-devel kernel-doc kernel-firmware kernel-headers ofa |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27747 | |||
| Oval ID: | oval:org.mitre.oval:def:27747 | ||
| Title: | DEPRECATED: ELSA-2011-0028 -- kvm security and bug fix update (low) | ||
| Description: | A data structure field in kvm_vcpu_ioctl_x86_get_vcpu_events() in QEMU-KVM was not initialized properly before being copied to user-space. A privileged host user with access to "/dev/kvm" could use this flaw to leak kernel stack memory to user-space. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0028 CVE-2010-4525 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | kvm |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:27959 | |||
| Oval ID: | oval:org.mitre.oval:def:27959 | ||
| Title: | ELSA-2011-2010 -- Oracle Linux 6 Unbreakable Enterprise kernel security fix update (important) | ||
| Description: | [2.6.32-100.28.9.el6] - sync up the version [2.6.32-100.28.8.el6] - [block] check for proper length of iov entries earlier in blk_rq_map_user_iov (Xiaotian Feng) {CVE-2010-4668} - scm: lower SCM_MAX_FD (Eric Dumazet) {CVE-2010-4249} - perf_events: Fix perf_counter_mmap() hook in mprotect() (Pekka Enberg) {CVE-2010-4169} - tcp: Increase TCP_MAXSEG socket option minimum (David S. Miller) {CVE-2010-4165} - Enable module force load option [orabug 11782146] - Enable vmw balloon and pvscsi (Guru Anbalagane) [orabug 11697522] [2.6.32-100.28.7.el6] - build from git [2.6.32-100.28.6.el6] - Remove crashkernel option if it is present [bug 11714928] | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-2010 CVE-2010-4165 CVE-2010-4169 CVE-2010-4249 CVE-2010-4668 | Version: | 5 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel-uek ofa kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware kernel-uek-headers |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:28117 | |||
| Oval ID: | oval:org.mitre.oval:def:28117 | ||
| Title: | DEPRECATED: ELSA-2011-0004 -- kernel security, bug fix, and enhancement update (important) | ||
| Description: | [2.6.18-194.32.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - make xenkbd.abs_pointer=1 by default (John Haxby) [orabug 67188919] - fix filp_close() race (Joe Jin) [orabug 10335998] | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0004 CVE-2010-3432 CVE-2010-3442 CVE-2010-3699 CVE-2010-3858 CVE-2010-3859 CVE-2010-3865 CVE-2010-3876 CVE-2010-3880 CVE-2010-4083 CVE-2010-4157 CVE-2010-4161 CVE-2010-4242 CVE-2010-4247 CVE-2010-4248 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
ExploitDB Exploits
| id | Description |
|---|---|
| 2011-09-05 | Linux Kernel < 2.6.36.2 Econet Privilege Escalation Exploit |
| 2011-03-14 | Linux <= 2.6.37-rc1 serial_core TIOCGICOUNT Leak Exploit |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-08-02 | Name : SuSE Update for kernel openSUSE-SU-2012:0206-1 (kernel) File : nvt/gb_suse_2012_0206_1.nasl |
| 2012-08-02 | Name : SuSE Update for kernel openSUSE-SU-2012:0236-1 (kernel) File : nvt/gb_suse_2012_0236_1.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:0004 centos5 x86_64 File : nvt/gb_CESA-2011_0004_kernel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:0162 centos4 x86_64 File : nvt/gb_CESA-2011_0162_kernel_centos4_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:0303 centos5 x86_64 File : nvt/gb_CESA-2011_0303_kernel_centos5_x86_64.nasl |
| 2012-06-05 | Name : RedHat Update for kernel RHSA-2011:0007-01 File : nvt/gb_RHSA-2011_0007-01_kernel.nasl |
| 2012-03-16 | Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX... File : nvt/gb_VMSA-2011-0012.nasl |
| 2011-12-02 | Name : Fedora Update for kernel FEDORA-2011-16346 File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl |
| 2011-11-08 | Name : Fedora Update for kernel FEDORA-2011-15241 File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl |
| 2011-10-31 | Name : Fedora Update for kernel FEDORA-2011-14747 File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl |
| 2011-10-10 | Name : Fedora Update for kernel FEDORA-2011-12874 File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl |
| 2011-09-30 | Name : Ubuntu Update for linux USN-1218-1 File : nvt/gb_ubuntu_USN_1218_1.nasl |
| 2011-09-30 | Name : Ubuntu Update for linux-ec2 USN-1216-1 File : nvt/gb_ubuntu_USN_1216_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-mvl-dove USN-1208-1 File : nvt/gb_ubuntu_USN_1208_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1202-1 File : nvt/gb_ubuntu_USN_1202_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-mvl-dove USN-1203-1 File : nvt/gb_ubuntu_USN_1203_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-fsl-imx51 USN-1204-1 File : nvt/gb_ubuntu_USN_1204_1.nasl |
| 2011-08-27 | Name : Fedora Update for kernel FEDORA-2011-11103 File : nvt/gb_fedora_2011_11103_kernel_fc14.nasl |
| 2011-08-12 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1187-1 File : nvt/gb_ubuntu_USN_1187_1.nasl |
| 2011-08-12 | Name : Ubuntu Update for linux USN-1186-1 File : nvt/gb_ubuntu_USN_1186_1.nasl |
| 2011-08-12 | Name : Ubuntu Update for linux USN-1183-1 File : nvt/gb_ubuntu_USN_1183_1.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2011:0303 centos5 i386 File : nvt/gb_CESA-2011_0303_kernel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2011:0004 centos5 i386 File : nvt/gb_CESA-2011_0004_kernel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2010:0839 centos5 i386 File : nvt/gb_CESA-2010_0839_kernel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2010:0723 centos5 i386 File : nvt/gb_CESA-2010_0723_kernel_centos5_i386.nasl |
| 2011-08-03 | Name : Debian Security Advisory DSA 2264-1 (linux-2.6) File : nvt/deb_2264_1.nasl |
| 2011-07-18 | Name : Ubuntu Update for linux USN-1167-1 File : nvt/gb_ubuntu_USN_1167_1.nasl |
| 2011-07-18 | Name : Ubuntu Update for linux USN-1170-1 File : nvt/gb_ubuntu_USN_1170_1.nasl |
| 2011-07-18 | Name : Ubuntu Update for linux-mvl-dove USN-1159-1 File : nvt/gb_ubuntu_USN_1159_1.nasl |
| 2011-07-08 | Name : Ubuntu Update for linux-mvl-dove USN-1162-1 File : nvt/gb_ubuntu_USN_1162_1.nasl |
| 2011-07-08 | Name : Ubuntu Update for linux-fsl-imx51 USN-1164-1 File : nvt/gb_ubuntu_USN_1164_1.nasl |
| 2011-06-24 | Name : Fedora Update for kernel FEDORA-2011-6447 File : nvt/gb_fedora_2011_6447_kernel_fc13.nasl |
| 2011-06-20 | Name : Fedora Update for kernel FEDORA-2011-7551 File : nvt/gb_fedora_2011_7551_kernel_fc14.nasl |
| 2011-06-06 | Name : Ubuntu Update for linux USN-1141-1 File : nvt/gb_ubuntu_USN_1141_1.nasl |
| 2011-05-17 | Name : Fedora Update for kernel FEDORA-2011-6541 File : nvt/gb_fedora_2011_6541_kernel_fc14.nasl |
| 2011-05-10 | Name : Ubuntu Update for linux-ti-omap4 USN-1119-1 File : nvt/gb_ubuntu_USN_1119_1.nasl |
| 2011-05-10 | Name : Ubuntu Update for linux-source-2.6.15 USN-1111-1 File : nvt/gb_ubuntu_USN_1111_1.nasl |
| 2011-05-06 | Name : SuSE Update for kernel SUSE-SA:2011:020 File : nvt/gb_suse_2011_020.nasl |
| 2011-04-22 | Name : SuSE Update for kernel SUSE-SA:2011:017 File : nvt/gb_suse_2011_017.nasl |
| 2011-04-11 | Name : Ubuntu Update for linux vulnerabilities USN-1105-1 File : nvt/gb_ubuntu_USN_1105_1.nasl |
| 2011-04-01 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1092-1 File : nvt/gb_ubuntu_USN_1092_1.nasl |
| 2011-03-24 | Name : Ubuntu Update for linux vulnerabilities USN-1090-1 File : nvt/gb_ubuntu_USN_1090_1.nasl |
| 2011-03-24 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1089-1 File : nvt/gb_ubuntu_USN_1089_1.nasl |
| 2011-03-15 | Name : Fedora Update for kernel FEDORA-2011-2134 File : nvt/gb_fedora_2011_2134_kernel_fc13.nasl |
| 2011-03-15 | Name : Ubuntu Update for linux-ec2 vulnerabilities USN-1086-1 File : nvt/gb_ubuntu_USN_1086_1.nasl |
| 2011-03-07 | Name : Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2 File : nvt/gb_ubuntu_USN_1080_2.nasl |
| 2011-03-07 | Name : Ubuntu Update for linux vulnerabilities USN-1081-1 File : nvt/gb_ubuntu_USN_1081_1.nasl |
| 2011-03-07 | Name : Ubuntu Update for linux vulnerabilities USN-1080-1 File : nvt/gb_ubuntu_USN_1080_1.nasl |
| 2011-03-07 | Name : Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1 File : nvt/gb_ubuntu_USN_1083_1.nasl |
| 2011-03-07 | Name : RedHat Update for kernel RHSA-2011:0303-01 File : nvt/gb_RHSA-2011_0303-01_kernel.nasl |
| 2011-03-07 | Name : Debian Security Advisory DSA 2153-1 (linux-2.6) File : nvt/deb_2153_1.nasl |
| 2011-02-28 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1 File : nvt/gb_ubuntu_USN_1071_1.nasl |
| 2011-02-28 | Name : Ubuntu Update for linux vulnerabilities USN-1072-1 File : nvt/gb_ubuntu_USN_1072_1.nasl |
| 2011-02-28 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1 File : nvt/gb_ubuntu_USN_1073_1.nasl |
| 2011-02-18 | Name : Mandriva Update for kernel MDVSA-2011:029 (kernel) File : nvt/gb_mandriva_MDVSA_2011_029.nasl |
| 2011-02-16 | Name : SuSE Update for kernel SUSE-SA:2011:008 File : nvt/gb_suse_2011_008.nasl |
| 2011-02-11 | Name : Fedora Update for kernel FEDORA-2011-1138 File : nvt/gb_fedora_2011_1138_kernel_fc14.nasl |
| 2011-02-04 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1054-1 File : nvt/gb_ubuntu_USN_1054_1.nasl |
| 2011-02-04 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1057-1 File : nvt/gb_ubuntu_USN_1057_1.nasl |
| 2011-01-31 | Name : CentOS Update for kernel CESA-2011:0162 centos4 i386 File : nvt/gb_CESA-2011_0162_kernel_centos4_i386.nasl |
| 2011-01-24 | Name : Debian Security Advisory DSA 2126-1 (linux-2.6) File : nvt/deb_2126_1.nasl |
| 2011-01-21 | Name : RedHat Update for kernel RHSA-2011:0162-01 File : nvt/gb_RHSA-2011_0162-01_kernel.nasl |
| 2011-01-14 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1041-1 File : nvt/gb_ubuntu_USN_1041_1.nasl |
| 2011-01-14 | Name : RedHat Update for Red Hat Enterprise Linux 5.6 kernel RHSA-2011:0017-01 File : nvt/gb_RHSA-2011_0017-01_Red_Hat_Enterprise_Linux_5.6_kernel.nasl |
| 2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2011:002 File : nvt/gb_suse_2011_002.nasl |
| 2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2011:001 File : nvt/gb_suse_2011_001.nasl |
| 2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2010:047 File : nvt/gb_suse_2010_047.nasl |
| 2011-01-11 | Name : RedHat Update for kernel RHSA-2011:0004-01 File : nvt/gb_RHSA-2011_0004-01_kernel.nasl |
| 2011-01-04 | Name : Mandriva Update for kernel MDVSA-2010:257 (kernel) File : nvt/gb_mandriva_MDVSA_2010_257.nasl |
| 2010-12-28 | Name : Fedora Update for kernel FEDORA-2010-18983 File : nvt/gb_fedora_2010_18983_kernel_fc13.nasl |
| 2010-12-23 | Name : Fedora Update for kernel FEDORA-2010-18506 File : nvt/gb_fedora_2010_18506_kernel_fc13.nasl |
| 2010-12-09 | Name : Fedora Update for kernel FEDORA-2010-18432 File : nvt/gb_fedora_2010_18432_kernel_fc12.nasl |
| 2010-12-09 | Name : Fedora Update for kernel FEDORA-2010-18493 File : nvt/gb_fedora_2010_18493_kernel_fc14.nasl |
| 2010-12-02 | Name : Fedora Update for kernel FEDORA-2010-14832 File : nvt/gb_fedora_2010_14832_kernel_fc14.nasl |
| 2010-11-16 | Name : RedHat Update for kernel RHSA-2010:0839-01 File : nvt/gb_RHSA-2010_0839-01_kernel.nasl |
| 2010-11-04 | Name : CentOS Update for kernel CESA-2010:0779 centos4 i386 File : nvt/gb_CESA-2010_0779_kernel_centos4_i386.nasl |
| 2010-10-22 | Name : RedHat Update for kernel RHSA-2010:0779-01 File : nvt/gb_RHSA-2010_0779-01_kernel.nasl |
| 2010-10-22 | Name : Ubuntu Update for Linux kernel vulnerabilities USN-1000-1 File : nvt/gb_ubuntu_USN_1000_1.nasl |
| 2010-10-19 | Name : Mandriva Update for kernel MDVSA-2010:198 (kernel) File : nvt/gb_mandriva_MDVSA_2010_198.nasl |
| 2010-10-10 | Name : Debian Security Advisory DSA 2110-1 (linux-2.6) File : nvt/deb_2110_1.nasl |
| 2010-10-01 | Name : RedHat Update for kernel RHSA-2010:0723-01 File : nvt/gb_RHSA-2010_0723-01_kernel.nasl |
| 2010-10-01 | Name : SuSE Update for kernel SUSE-SA:2010:046 File : nvt/gb_suse_2010_046.nasl |
| 2010-09-27 | Name : Mandriva Update for kernel MDVSA-2010:172 (kernel) File : nvt/gb_mandriva_MDVSA_2010_172.nasl |
| 2010-09-27 | Name : Mandriva Update for kernel MDVSA-2010:188 (kernel) File : nvt/gb_mandriva_MDVSA_2010_188.nasl |
| 2010-09-22 | Name : Fedora Update for kernel FEDORA-2010-14878 File : nvt/gb_fedora_2010_14878_kernel_fc12.nasl |
| 2010-09-22 | Name : Fedora Update for kernel FEDORA-2010-14890 File : nvt/gb_fedora_2010_14890_kernel_fc13.nasl |
| 2010-08-06 | Name : Ubuntu Update for Linux kernel vulnerabilities USN-966-1 File : nvt/gb_ubuntu_USN_966_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 70483 | Linux Kernel igb Subsystem drivers/net/igb/igb_main.c igb_receive_skb Functio... Linux Kernel contains a flaw that may allow a remote denial of service. The issue is triggered when the 'igb_receive_skb 'function in 'drivers/net/igb/igb_main.c' in the Intel Gigabit Ethernet subsystem has SR-IOV and promiscuous mode enabled without any VLANs registered. This may allow a remote attacker to cause a NULL pointer dereference and panic denial of service via a VLAN tagged frame. |
| 70379 | Linux Kernel drivers/bluetooth/hci_ldisc.c hci_uart_tty_open Function NULL De... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the 'hci_uart_tty_open' function in 'drivers/bluetooth/hci_ldisc.c' fails to properly verify whether the tty has a write operation, allowing a local attacker to cause a NULL pointer dereference denial of service via vectors related to the Bluetooth driver. |
| 70377 | Linux Kernel kvm_vcpu_events.interrupt.pad Structure Member Stack Memory Loca... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when Linux Kernel fails to properly initialize the 'kvm_vcpu_events->interrupt.pad' structure member, which will disclose kernal stack memory information to a local attacker. |
| 70375 | Linux Kernel net/rds/rdma.c rds_rdma_pages Function RDS Request iovec Struct ... Linux Kernel is prone to an overflow condition. The 'rds_rdma_pages' function in 'net/rds/rdma.c' fails to properly sanitize user-supplied input resulting in an integer overflow. With a specially crafted iovec struct in a reliable datagram sockets (RDS) request a local attacker can cause a denial of service. It is also possible, though not yet confirmed, that this vulnerability would allow the execution of arbitrary code. |
| 70336 | Linux Kernel net/l2tp/l2tp_ip.c l2tp_ip_sendmsg Function Crafted sendto Call ... Linux Kernel is prone to an overflow condition. The l'2tp_ip_sendmsg' function in 'net/l2tp/l2tp_ip.c' fails to properly sanitize user-supplied input resulting in an integer overflow. With a specially crafted sendto call, a local attacker can potentially gain elevated privileges. |
| 70335 | Linux Kernel net/l2tp/l2tp_ppp.c pppol2tp_sendmsg Function Crafted sendto Cal... Linux Kernel is prone to an overflow condition. The 'pppol2tp_sendmsg' function in 'net/l2tp/l2tp_ppp.c' fails to properly sanitize user-supplied input resulting in an integer overflow. With a specially crafted sendto call, a local attacker can potentially gain elevated privileges. |
| 70227 | Linux Kernel on 64-bit Controller Area Network net/can/bcm.c bcm_connect Func... Linux Kernel on 64-bit is prone to an overflow condition. The 'bcm_connect' function in 'net/can/bcm.c' fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted connect operation, a local attacker can potentially cause a denial of service via memory corruption. |
| 69788 | Linux Kernel net/ipv4/inet_diag.c Netlink Message Crafted INET_DIAG_REQ_BYTEC... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when 'net/ipv4/inet_diag.c' fails to properly audit 'INET_DIAG' bytecode, allowing a local attacker to use a crafted 'INET_DIAG_REQ_BYTECODE' instruction in a netlink message containing multiple attribute elements to cause a denial of service via a kernel infinite loop. |
| 69787 | Linux Kernel net/core/ethtool.c ethtool_get_rxnfc Function ETHTOOL_GRXCLSRLAL... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'ethtool_get_rxnfc' function in 'net/core/ethtool.c' fails to initialize a certain block of heap memory, which will disclose potentitally sensitive information via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value to a local attacker. |
| 69578 | Linux Kernel kernel/exit.c the __exit_signal Function Thread Group Leader Rac... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when a race condition in the '__exit_signal' function in 'kernel/exit.c' is exploited to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in 'kernel/posix-cpu-timers.c', and the selection of a new thread group leader in the 'de_thread' function 'in fs/exec.c'. |
| 69577 | Linux Kernel ipc/sem.c copy_semid_to_user Function semctl Call Local Memory D... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'copy_semid_to_user' function in 'ipc/sem.c' fails to initialize a certain structure, which will disclose potentially sensitive kernel stack memory via a 'IPC_INFO', 'SEM_INFO', 'IPC_STAT' or 'SEM_STAT' semctl system call to a local attacker. |
| 69554 | Linux Kernel drivers/video/via/ioctl.c viafb_ioctl_get_viafb_info VIAFB_GET_I... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'viafb_ioctl_get_viafb_info' function in 'drivers/video/via/ioctl.c' fails to properly initialize a certain structure member, which will disclose kernel stack memory information via a 'VIAFB_GET_INFO IOCTL' call to a local attacker. |
| 69553 | Linux Kernel sound/pci/rme9652/hdspm.c snd_hdspm_hwdep_ioctl Function SNDRV_H... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'snd_hdspm_hwdep_ioctl' function in 'sound/pci/rme9652/hdspm.c' fails to properly initialize a certain structure occurs, which will disclose potentially sensitive kernel stack memory information via an 'SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO IOCTL' call to a local attacker. |
| 69552 | Linux Kernel sound/pci/rme9652/hdsp.c snd_hdsp_hwdep_ioctl Function SNDRV_HDS... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'snd_hdsp_hwdep_ioctl' function in 'sound/pci/rme9652/hdsp.c' fails to initialize a certain structure, disclosing information from kernel stack memory via an 'SNDRV_HDSP_IOCTL_GET_CONFIG_INFO IOCTL' call to a local attacker. |
| 69531 | Linux Kernel ipc Subsystem ipc/compat_mq.c Multiple Function Local Memory Dis... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the ipc Subsystem fails to properly initialize a certain structure member, allowing a local attacker to obtain sensitive information from kernel stack memory via vectors related to the 'compat_sys_mq_open' and 'compat_sys_mq_getsetattr' functions in 'ipc/compat_mq.c'. |
| 69530 | Linux Kernel ipc Subsystem ipc/compat.c Multiple Function Local Memory Disclo... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the ipc Subsystem fails to properly initialize a certain structure member, allowing a local attacker to obtain sensitive information from kernel stack memory via vectors related to the 'compat_sys_semctl', 'compat_sys_msgctl', and 'compat_sys_shmctl' functions in 'ipc/compat.c'. |
| 69529 | Linux Kernel USB Subsystem drivers/usb/serial/mos7840.c mos7840_ioctl Functio... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the USB Subsystem fails to properly initialize certain structure members, allowing a local attacker to obtain sensitive information from kernel stack memory via a TIOCGICOUNT IOTCL call, and the 'mos7720_ioctl' function in 'drivers/usb/serial/mos7720.c' and 'mos7840_ioctl' function in 'drivers/usb/serial/mos7840.c'. |
| 69528 | Linux Kernel USB Subsystem drivers/usb/serial/mos7720.c mos7720_ioctl Functio... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the USB Subsystem fails to properly initialize a certain structure member, allowing a local attacker to obtain sensitive information from kernel stack memory via a TIOCGICOUNT IOTCL call and the 'mos7720_ioctl' function in 'drivers/usb/serial/mos7720.c' and the 'mos7840_ioctl' function in 'drivers/usb/serial/mos7840.c'. |
| 69527 | Linux Kernel net/unix/garbage.c wait_for_unix_gc Function SOCK_SEQPACKET Sock... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the 'wait_for_unix_gc' function in 'net/unix/garbage.c' fails to properly select times for garbage collection of inflight sockets, allowing a local attacker to cause a denial of service via the 'socketpair' and 'sendmsg' system calls for SOCK_SEQPACKET sockets. |
| 69526 | Linux Kernel drivers/media/video/ivtv/ivtvfb.c ivtvfb_ioctl Function FBIOGET_... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'ivtvfb_ioctl' function in 'drivers/media/video/ivtv/ivtvfb.c' fails to properly initialize a certain structure member, which will disclose potentially sensitive kernal stack memory information via an FBIOGET_VBLANK IOTCL call to a local attacker. |
| 69524 | Linux Kernel drivers/char/nozomi.c ntty_ioctl_tiocgicount Function TIOCGICOUN... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'ntty_ioctl_tiocgicount' function in 'drivers/char/nozomi.c' fails to properly initialize a certain structure member, which will disclose potentially sensitive information from the kernel stack memory to a local attacker. |
| 69522 | Linux Kernel drivers/serial/serial_core.c uart_get_count Function TIOCGICOUNT... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'uart_get_count' function in 'drivers/serial/serial_core.c' fails to initially a certain structure member. This allows a local attacker to access sensitive information from kernel stack memory by means of a TIOCGICOUNT IOTCL call. |
| 69521 | Linux Kernel ipc/shm.c copy_shmid_to_user Function shmctl System Call Local M... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'copy_shmid_to_user' function in 'ipc/shm.c' fails to properly initialize an unspecified structure, which can be exploited via the shmctl system call to disclose kernel stack memory to a local attacker. |
| 69453 | Linux Kernel block/blk-map.c blk_rq_map_user_iov() Function Zero-length I/O R... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when an error within the 'blk_rq_map_user_iov()' function in 'block/blk-map.c' when processing zero-length I/O requests occurs, allowing an attacker to cause a loss of availability. |
| 69452 | Linux Kernel fs/bio.c Multiple Function Page Allocation Crafted IOCTL Local O... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when page calculation errors in the 'bio_copy_user_iov()' and '__bio_map_user_iov()' functions within fs/bio.c are exploited to cause a large allocation. This will result in loss of availability. |
| 69190 | Linux Kernel net/core/filter.c sk_run_filter() Function Stack Memory Disclosure Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'sk_run_filter()' function in 'net/core/filter.c' does not properly initialize a local array, which will disclose kernel stack memory to a local attacker. |
| 69162 | Linux Kernel net/packet/af_packet.c Multiple Function Stack Memory Disclosure Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the 'packet_getname_spkt()' and 'packet_getname()' functions in 'net/packet/af_packet.c' fail to properly initialize a member of a certain structure before copying it to userspace, which will disclose kernel stack memory to a local attacker. |
| 68307 | Linux Kernel drivers/net/usb/hso.c hso_get_count Function TIOCGICOUNT IOCTL L... |
| 68177 | Linux Kernel net/sched/act_police.c tcf_act_police_dump Function Network Queu... |
| 68176 | Linux Kernel sound/core/seq/oss/seq_oss_init.c snd_seq_oss_open Function Doub... |
| 68174 | Linux Kernel fs/aio.c do_io_submit Function Crafted io_submit System Call Loc... |
| 67893 | Linux Kernel eCryptfs Subsystem fs/ecryptfs/messaging.c ecryptfs_uid_hash Mac... |
| 67881 | Linux Kernel fs/xfs/linux-2.6/xfs_ioctl.c xfs_ioc_fsgetxattr() Function Stack... |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2011-10-27 | IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi Severity : Category I - VMSKEY : V0030545 |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1832-1.nasl - Type : ACT_GATHER_INFO |
| 2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-342.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-756.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-100915.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-100921.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-101215.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-110414.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-120104.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_kernel-120104.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0723.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0779.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0839.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-2009.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0004.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0007.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0162.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0303.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2010.nasl - Type : ACT_GATHER_INFO |
| 2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0723.nasl - Type : ACT_GATHER_INFO |
| 2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1083-1.nasl - Type : ACT_GATHER_INFO |
| 2013-03-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1093-1.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0028.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101019_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101109_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110104_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110113_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110118_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110301_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7164.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7261.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7304.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7384.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7915.nasl - Type : ACT_GATHER_INFO |
| 2012-04-23 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12677.nasl - Type : ACT_GATHER_INFO |
| 2012-01-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7918.nasl - Type : ACT_GATHER_INFO |
| 2011-10-14 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO |
| 2011-09-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1218-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-27 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1216-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-15 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1208-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1202-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1203-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1204-1.nasl - Type : ACT_GATHER_INFO |
| 2011-08-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1186-1.nasl - Type : ACT_GATHER_INFO |
| 2011-08-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1187-1.nasl - Type : ACT_GATHER_INFO |
| 2011-08-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1183-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1170-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1159-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1167-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1164-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1162-1.nasl - Type : ACT_GATHER_INFO |
| 2011-06-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2264.nasl - Type : ACT_GATHER_INFO |
| 2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1111-1.nasl - Type : ACT_GATHER_INFO |
| 2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1119-1.nasl - Type : ACT_GATHER_INFO |
| 2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1141-1.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kernel-101020.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kernel-101202.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-110413.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-debug-101215.nasl - Type : ACT_GATHER_INFO |
| 2011-04-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110414.nasl - Type : ACT_GATHER_INFO |
| 2011-04-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110415.nasl - Type : ACT_GATHER_INFO |
| 2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0303.nasl - Type : ACT_GATHER_INFO |
| 2011-04-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1105-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1092-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-25 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7381.nasl - Type : ACT_GATHER_INFO |
| 2011-03-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1089-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1090-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-09 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110228.nasl - Type : ACT_GATHER_INFO |
| 2011-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1086-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-08 | Name : The remote Fedora host is missing a security update. File : fedora_2011-2134.nasl - Type : ACT_GATHER_INFO |
| 2011-03-03 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1080-2.nasl - Type : ACT_GATHER_INFO |
| 2011-03-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0303.nasl - Type : ACT_GATHER_INFO |
| 2011-03-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1080-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1081-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1071-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1072-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1073-1.nasl - Type : ACT_GATHER_INFO |
| 2011-02-11 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1138.nasl - Type : ACT_GATHER_INFO |
| 2011-02-11 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12672.nasl - Type : ACT_GATHER_INFO |
| 2011-02-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1057-1.nasl - Type : ACT_GATHER_INFO |
| 2011-02-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1054-1.nasl - Type : ACT_GATHER_INFO |
| 2011-01-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2153.nasl - Type : ACT_GATHER_INFO |
| 2011-01-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO |
| 2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7303.nasl - Type : ACT_GATHER_INFO |
| 2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-101007.nasl - Type : ACT_GATHER_INFO |
| 2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-101102.nasl - Type : ACT_GATHER_INFO |
| 2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110104.nasl - Type : ACT_GATHER_INFO |
| 2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-ec2-101103.nasl - Type : ACT_GATHER_INFO |
| 2011-01-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO |
| 2011-01-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0017.nasl - Type : ACT_GATHER_INFO |
| 2011-01-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0007.nasl - Type : ACT_GATHER_INFO |
| 2011-01-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1041-1.nasl - Type : ACT_GATHER_INFO |
| 2011-01-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0004.nasl - Type : ACT_GATHER_INFO |
| 2011-01-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0004.nasl - Type : ACT_GATHER_INFO |
| 2010-12-26 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18983.nasl - Type : ACT_GATHER_INFO |
| 2010-12-17 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-257.nasl - Type : ACT_GATHER_INFO |
| 2010-12-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7257.nasl - Type : ACT_GATHER_INFO |
| 2010-12-08 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18506.nasl - Type : ACT_GATHER_INFO |
| 2010-12-06 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18493.nasl - Type : ACT_GATHER_INFO |
| 2010-12-02 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18432.nasl - Type : ACT_GATHER_INFO |
| 2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-101020.nasl - Type : ACT_GATHER_INFO |
| 2010-11-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1023-1.nasl - Type : ACT_GATHER_INFO |
| 2010-11-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2126.nasl - Type : ACT_GATHER_INFO |
| 2010-11-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0779.nasl - Type : ACT_GATHER_INFO |
| 2010-11-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0839.nasl - Type : ACT_GATHER_INFO |
| 2010-11-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0839.nasl - Type : ACT_GATHER_INFO |
| 2010-10-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0779.nasl - Type : ACT_GATHER_INFO |
| 2010-10-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1000-1.nasl - Type : ACT_GATHER_INFO |
| 2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7160.nasl - Type : ACT_GATHER_INFO |
| 2010-10-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-198.nasl - Type : ACT_GATHER_INFO |
| 2010-10-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0723.nasl - Type : ACT_GATHER_INFO |
| 2010-09-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-188.nasl - Type : ACT_GATHER_INFO |
| 2010-09-24 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-100921.nasl - Type : ACT_GATHER_INFO |
| 2010-09-23 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12646.nasl - Type : ACT_GATHER_INFO |
| 2010-09-22 | Name : The remote Fedora host is missing a security update. File : fedora_2010-14832.nasl - Type : ACT_GATHER_INFO |
| 2010-09-21 | Name : The remote Fedora host is missing a security update. File : fedora_2010-14878.nasl - Type : ACT_GATHER_INFO |
| 2010-09-21 | Name : The remote Fedora host is missing a security update. File : fedora_2010-14890.nasl - Type : ACT_GATHER_INFO |
| 2010-09-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2110.nasl - Type : ACT_GATHER_INFO |
| 2010-09-12 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-172.nasl - Type : ACT_GATHER_INFO |
| 2010-08-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-966-1.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:54:13 |
|
