Executive Summary
Summary | |
---|---|
Title | Red Hat Enterprise Linux 5.6 kernel security and bug fix update |
Informations | |||
---|---|---|---|
Name | RHSA-2011:0017 | First vendor Publication | 2011-01-13 |
Vendor | RedHat | Last vendor Modification | 2011-01-13 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:H/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 6.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | High |
Cvss Expoit Score | 1.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 5. This is the sixth regular update. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A NULL pointer dereference flaw was found in the igb driver in the Linux kernel. If both the Single Root I/O Virtualization (SR-IOV) feature and promiscuous mode were enabled on an interface using igb, it could result in a denial of service when a tagged VLAN packet is received on that interface. (CVE-2010-4263, Important) * A missing sanity check was found in vbd_create() in the Xen hypervisor implementation. As CD-ROM drives are not supported by the blkback back-end driver, attempting to use a virtual CD-ROM drive with blkback could trigger a denial of service (crash) on the host system running the Xen hypervisor. (CVE-2010-4238, Moderate) * A flaw was found in the Linux kernel execve() system call implementation. A local, unprivileged user could cause large amounts of memory to be allocated but not visible to the OOM (Out of Memory) killer, triggering a denial of service. (CVE-2010-4243, Moderate) * A flaw was found in fixup_page_fault() in the Xen hypervisor implementation. If a 64-bit para-virtualized guest accessed a certain area of memory, it could cause a denial of service on the host system running the Xen hypervisor. (CVE-2010-4255, Moderate) * A missing initialization flaw was found in the bfa driver used by Brocade Fibre Channel Host Bus Adapters. A local, unprivileged user could use this flaw to cause a denial of service by reading a file in the "/sys/class/fc_host/host#/statistics/" directory. (CVE-2010-4343, Moderate) * Missing initialization flaws in the Linux kernel could lead to information leaks. (CVE-2010-3296, CVE-2010-3877, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4081, CVE-2010-4158, Low) Red Hat would like to thank Kosuke Tatsukawa for reporting CVE-2010-4263; Vladymyr Denysov for reporting CVE-2010-4238; Brad Spengler for reporting CVE-2010-4243; Dan Rosenberg for reporting CVE-2010-3296, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4081, and CVE-2010-4158; Vasiliy Kulikov for reporting CVE-2010-3877; and Kees Cook for reporting CVE-2010-4072. These updated packages also include several hundred bug fixes for and enhancements to the Linux kernel. Space precludes documenting each of these changes in this advisory and users are directed to the Red Hat Enterprise Linux 5.6 Release Notes for information on the most significant of these changes: http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.6_Release_Notes/index.html Refer to the kernel chapter in the Red Hat Enterprise Linux 5.6 Technical Notes for further information: http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.6_Technical_Notes/kernel.html All Red Hat Enterprise Linux 5 users are advised to install these updated packages, which address these vulnerabilities as well as fixing the bugs and adding the enhancements noted in the Red Hat Enterprise Linux 5.6 Release Notes and Technical Notes. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system. 5. Bugs fixed (http://bugzilla.redhat.com/): 237372 - Marvell PATA not supported 429102 - Allocations on resume path can cause deadlock due to attempting to swap 441243 - kernel keyring quotas exceeded 455323 - No support for upstream /proc/sys/kernel/nmi_watchdog. 456765 - kabitool blocks custom kernel builds when kernel version > 2.6.18-53.1.21.el5 459901 - race condition between AIO and setresuid() 466088 - dm-snapshot: very slow write to snapshot origin when copy-on-write occurs 466157 - kernel doesn't supply memory fields in getrusage, /usr/bin/time anything shows "... (0avgtext+0avgdata 0maxresident)k ..." 470801 - Read from /proc/xen/xenbus does not honor O_NONBLOCK 479418 - second cifs mount to samba server fails when samba using security=ADS 485903 - [RHEL5] Netfilter modules unloading hangs 488882 - cxgb3 driver very slow under Xen with HW acceleration enabled 493047 - Oprofile - Add Dunnington processors to the list of ppro cores 494400 - TCP: Treason uncloaked! during Network Stress Testing 496127 - [RHEL5.5] e1000e devices fail to initialize interrupts properly 499553 - Cannot generate proper stacktrace on xen-ia64 503864 - The USB storage cannot use >2TB. 504188 - GFS1 vs GFS2 performance issue 506694 - kdump hangs up if INIT is received while kdump is starting 507846 - Balloon driver gives up too easily when ballooning up under memory pressure 513934 - Keyboard LEDs constantly lit 516289 - bonding: backport code to allow user-controlled output slave detection. 516851 - [Stratus 5.6 bug] System crashes at uhci_scan_schedule(). 516985 - When bonding is used and IPV6 is enabled the message of 'kernel: bond0: duplicate address detected!' is output 521878 - Fix instances of #!/usr/bin/env python in kernel-devel-packages 523341 - PCI SR-IOV BAR resources can't be reliably mapped 523920 - [Adaptec/HCL 5.6 bug] Problems with aacraid - File system going into read-only. 529914 - GFS2 fatal: filesystem consistency error on rename 530123 - [Dell 5.5 FEAT] autoload tpm_tis driver 533093 - Certain newer WDC SATA drives identified as SEMB 533391 - Kernel panic: EDAC MC0: INTERNAL ERROR: channel-b out of range 538022 - java.util.concurrent: long delay and intervals drift since kernel update to 164 539560 - tcp_disconnect should clear all of tp->rx_opt .... 539626 - default txqueuelen of vif device is too small 540786 - support supplementary groups of tun/tap devices 541224 - net: possible leak of dst_entry (ipv4) 546060 - soft lockup while unmounting a read-only filesystem with errors (As per Redhat Bug #429054) 546455 - kernel bug: quota file size not a multiple of struct gfs2_quota 546554 - kernel: no clue to find what is happening when hitting a lockdep limit 546700 - Deadlock in aio 551028 - nfsv4 hangs -- kernel: decode_op_hdr: reply buffer overflowed in line 2121 552574 - Guest could not join the multicast group with virtio NIC 552886 - [RHEL5] ip_mc_sf_allow() has a lock problem 553407 - nanosleep() is unstable on xen kernel and ntpd with -x option 554706 - Kernel: network: bonding: scheduling while atomic: ifdown-eth/0x00000100/21775 554872 - Periodic ata exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x6 frozen messages 555197 - dm-raid1: fix data lost at mirror log failure 555708 - kABI whitelist request for Fujitsu modules 555910 - xen migration fails when a full virt guest uses the xen-vnif driver 556476 - Update sfc driver (add SFC9000 support) 557423 - nfs: sys_read sometimes returns -EIO 558999 - [Broadcom 5.6 bug] kABI whitelist request for bnx2i 559815 - ACPI _SDD failed (AE 0x5) messages on boot 560540 - Reserve PNP enumerated system board iomem resources 560870 - Update Neighbor Cache when IPv6 RA is received on a router 562220 - IP PACKET DOES NOT TRANSMIT USING RAW SOCKETS 563271 - ITE it887x chipset serial ports don't work 564249 - [LSI 5.6 feat] update megaraid_sas to version 4.31 565560 - [5.6 FEAT] KVM network performance: Defer skb allocation in virtio-net 565973 - [EMC 5.6 bug] security and PSF update patch for EMC CKD ioctl 565974 - [5.6 FEAT] NFSv4 remove does not wait for close. Silly rename 566104 - route: BUG at include/linux/timer.h:82 (call from rt_secret_rebuild_oneshot) 566144 - Loading NAT module with/without rules affects ping behaviour 566767 - [Emulex 5.6 bug] kABI whitelist request for lpfc 567092 - possible recursive locking of inode by nfsd 567428 - [QLogic 5.6 FEAT] Update qla2xxx driver to version 8.03.01.05.05.06-k 567444 - RHEL5.6: cxgb3i driver update 567462 - [Broadcom 5.6 feat] Update tg3 to version 3.108+ and add 5718 B0, 5719 support 567479 - fasync_helper patch causing problems with GPFS 567604 - [Regression] bonding: 802.3ad problems with link detection 568111 - [Cisco 5.6 FEAT] Update enic driver to version 1.4.1.2 568601 - [Broadcom 5.6 FEAT] Update bnx2 to 2.0.8+ 568606 - [Broadcom 5.6 FEAT] Update bnx2i driver and add 57712 support 569106 - netconsole fails with tg3 569342 - [5.4] nfsd dereferences uninitialized list head on error exit in nfsd4_list_rec_dir() 569643 - [Emulex 5.6 feat] Add be2iscsi driver for BE3 asic 569654 - boot hangs if scsi read capacity fails on faulty non system drive 570044 - kernel panic when rmmod and insmod rpcsec_gss_krb5 module 570091 - cpu flags missing from /proc/cpuinfo 570491 - vmalloc ENOMEM caused by iptables 570604 - X can't get signals with DRI 570610 - [RHEL5]: Add thread_siblings_list to /sys 570645 - [RHEL5] bonding mode 0 doesn't resend IGMP after a failure 570681 - REGRESSION: Fix iscsi failover time 570824 - Timedrift on VM with pv_clock enabled, causing system hangs and sporadic time behaviour 571518 - revalidate dentries provided by LAST_BIND symlinks 571735 - backports of virtio_blk barrier support 571862 - [Emulex 5.6 feat] Update lpfc driver to version 8.2.0.73.1p and include BE3 asic 571864 - RHEL5: coretemp: fix cpu model output 572004 - [LSI 5.6 FEAT] Update 3w-9xxx driver to v2.26.08.007-2.6.18RH 572011 - [LSI 5.6 FEAT] Add 3w-sas driver and update to v3.26.00.028-2.6.18RH 572285 - Add /sys/devices/system/node/nodeX/cpulist files 572930 - Bad ext4 sync performance on 16 TB GPT partition 573106 - [Stratus 5.6 bug] task md0_resync:18061 blocked for more than 120 seconds 573185 - large storage data corruption on 32 bit 573652 - Regression: AUTH_SYS cannot be requested using the 'sec=sys' export option. 573771 - should set ISVM bit (ECX:31) for CPUID leaf 0x00000001 574285 - 25% performance regression of concurrent O_DIRECT writes. 574557 - [Cisco 5.6 bug] kABI request for fcoe 574913 - memory leak when ipv6 interface disabled in sysctl.conf 575309 - Kernel panic - not syncing: IO-APIC + timer doesn't work! 575817 - nfsv4 hangs -- client/server deadlock between commit and delegation return 576246 - missing power_meter release() function 576709 - [Cisco 5.6 bug] fnic: flush Tx queue bug fix 577182 - vxge: not enough MMIO resources for SR-IOV error 578005 - [Broadcom 5.6 bug] Cannot login to iSCSI target when bnx2i is loaded last 578259 - Network throughput drops seriously on DomU to DomU node traffic on RHEL5.3 Xen when NIC performs RSC. 578261 - [5.5] SCTP: Check if the file structure is valid before checking the non-blocking flag 578492 - e1000_clean_tx_irq: Detected Tx Unit Hang 578531 - [RHEL5.5] soft lockup on vlan with bonding in balance-alb mode 578905 - RHEL 5.3 on DL585 G6: testing NMI watchdog fails on bootup 580699 - hwmon: (coretemp) Get TjMax value from MSR for i series CPUs 581396 - [PATCH][RHEL5.5] Fix Time drift on KVM x86_64 RHEL5.5 Guest using PV clock 581654 - RTL-8169 Gigatit Ethernet network devices mac address changes after soft reboot. 581933 - pci_mmcfg_init() making some of main memory uncacheable 582003 - Enable LED support in iwlagn and iwl3945 drivers (IWLWIFI_LEDS) 582237 - "hung_task" feature port is incomplete 582321 - VFS: Busy inodes after unmount issue. 582367 - implement dev_disable_lro for RHEL5 582435 - [Stratus 5.6 bug] Circular lock dep warning on cfq_exit_lock 582722 - TCP socket premature timeout with FRTO and TSO 582886 - The assigned VF cannot be found in PV guest. 583673 - set-cpu_llc_id-on-amd-cpus patch: undefined variable 'cpu' in in amd_detect_cmp() 583767 - dev_set_name() undefined in net/wireless/cfg80211.ko in some cases 584412 - transmission stops when tap does not consume 584679 - The kvm clock couldn't go back after stop/continue 585431 - Add log message for unhandled sense error REPORTED_LUNS_DATA_CHANGED 586482 - ATIIXP IDE driver reuses ide_lock unsafely 588015 - x86_64 host on Nehalem-EX machines will panic when installing a 4.8 GA kvm guest 588599 - Kernel BUG at fs/ext3/super.c:425 590760 - compiling a xen config produces lots of pud_present warnings 590763 - PG_error bit is never cleared, even when a fresh I/O to the page succeeds 590864 - Unkillable processes 591548 - netback does not properly get to the Connected state after it's been Closed 591674 - [Emulex 5.6 bug] Update lpfc driver to version 8.2.0.76.1p 592322 - [RHEL 5] Errors when Accessing iSCSI luns via iSER - timing out command 592908 - Memory leak when nfs shares are mounted with option "nolock" 592961 - ext3: fsync() does not flush disk caches 593040 - TCP: avoid to send keepalive probes if receiving data 593801 - [RHEL5.5] TCP bandwidth problems with TPA and bnx2x cards 593862 - [RHEL5.5] Self-test using 'ethtool -t ethX' fails with "Cannot test: Operation not supported" 594404 - [RHEL 5.5] vxge: unable to create VLAN 594546 - [Intel 5.6 Bug] CPU synchronization required when doing MTRR register update 594635 - kernel: security: testing the wrong variable in create_by_name() [rhel-5.6] 595397 - GFS2: stuck in inode wait, no glocks stuck 595548 - [Broadcom 5.6 bug] bnx2i: MTU change does not work 595862 - [Broadcom 5.6 bug] cnic: Panic in cnic_iscsi_nl_msg_recv() 596548 - dcache unused accounting problem 596626 - Create reliable implementation of cancel_(delayed)_work_sync() in RHEL5 597143 - [LSI 5.6 bug] kABI request for mptsas, mpt2sas 597334 - reg_regdb_search_lock calls kmalloc while holding spinlock 598946 - [NetApp 5.6 bug] QLogic FC firmware errors seen on RHEL 5.5 599295 - Significant MSI performance issue due to redundant interrupt masking 600387 - gfs2 kernel - Better error reporting when mounting a gfs fs without enough journals 601692 - RFE virtio balloon driver does not include extended memory statistics 601800 - NFS-over-GFS out-of-order GETATTR Reply causes corruption 602402 - bnx2x panic dumps with multiple interfaces enabled 603706 - cifs: busy file renames across directories should fail with error 603806 - [Emulex 5.6 bug] Update lpfc driver to version 8.2.0.77 604044 - NFS4 breaks when server returns NFS4ERR_FILE_OPEN 604779 - Page out activity when there is no current VM load 605259 - tcp: sending reset to the already closed socket 605265 - kernel bug in cfq merge logic 605305 - need to backport 2e3219b5c8a2e44e0b83ae6e04f52f20a82ac0f2 605697 - [RHEL 5.5] 32-bit pvhvm guest on 64-bit host crash w/xm mem-set 605720 - [RHEL 5.5] nfs: fix compatibility with hpux clients 605816 - [RHEL 5.6] move Tausworthe net_random generator to lib/random32 606851 - Wrong /proc/cpuinfo for Pentium D reported on RHEL 4.8 (only x86_64) and RHEL 5.5 (both i386 and x86_64) 607443 - soft lockup inside rhel5 guest 608641 - vegas and veno possible division by zero bug 608801 - [Emulex 5.6 bug] be2iscsi: IO stalls if any SGE size=65536 609668 - kswapd hung in D state with fragmented memory and large order allocations 610234 - [5u6] Bonding in ALB mode sends ARP in loop 611938 - [RHEL5u3] System panic at sunrpc xprt_autoclose() 612212 - igb: typo in igb aer code 613134 - [QLogic 5.6 FEAT] Add P3+ AER support to qla2xxx 613187 - xen Windows 2008 guest crashes on RHEL 5.4 613667 - always print the number of triggered NMI during test at boot 613780 - [RHEL 5.5] igb driver re-order UDP packets when multi-queue is enabled 614281 - [QLogic 5.6 FEAT] Feature Updates and Bug Fixes for qlcnic 614957 - ext4: mount error path corrupts slab memory 615227 - fix oops in clusterip_seq_stop when memory allocation fails. 615229 - fix oops in dl_seq_stop when memory allocation fails. 616512 - [Emulex 5.6 feat] Update be2net to version 2.102.404r 617024 - [Broadcom 5.6 FEAT] bnx2: add AER support. 617268 - kernel crash in br_nf_pre_routing_finish 617690 - ext4 and xfs wrong data returned on read after write if file size was changed with ftruncate 618075 - RHEL5.5 boot fail with IDE controller enabled on Cobia 618114 - Kernel panic on reading from /proc/bus/pci/XX/YY while hot-removing the device. 618512 - [QLogic 5.6] kABI whitelist request for qla4xxx 619070 - 802.3ad link aggregation won't work with newer (2.6.194-8.1.el5) kernel and ixgbe driver 619112 - CIFS mount to samba3x share shows differing ownership on sequential stat() calls to same file 619361 - [NetApp 5.6 bug] SCSI ALUA handler fails to handle ALUA transitioning properly 619767 - Update cnic to 2.1.3 619814 - [Qlogic 5.6 bug] qla2xxx: Back port of upstream fixes 619917 - [Emulex 5.6 feat] Update lpfc driver to version 8.2.0.80 620037 - virtio-serial - need to back port guest driver to RHEL 5 620502 - [NetApp 5.6 bug] RHEL NFS clients disconnected from NetApp NFSv4 shares with: v4 server returned a bad sequence-id error! 620508 - system crashes due to corrupt net_device_wrapper structure 621105 - backport wireless upstream 2.6.32.18 fixes 621280 - [5u5] bonding: fix a race condition in calls to slave MII ioctls 622024 - 64-bit kernel unable to oprofile 32-bit processes 622559 - libata: fix suspend/resume for ATA SEMB devices 623519 - ENOPERM when reading /proc/sys/vm/mmap_min_addr 623595 - move iscsi/iser to passthrough mode, fix functioning and failover time under DM multipath 623675 - [QLogic 5.6 feat] qla4xxx: Update driver to 5.02.03.00.05.06-d1 624598 - Win7 and Windows 2008 R2 xen guests with multiple vcpus can't restart 624710 - [QLogic 5.6 FEAT] qla4xxx: Add PCIe AER support 624862 - [rhel5.6] XFS incorrectly validates inodes 625061 - igb doesn't see link status changes on 82580 NIC 625079 - [QLogic 5.6 bug] netxen: Fix enabling VLAN TSO/LSO 625084 - [QLogic 5.6 bug] qlcnic: Fix netdev features and other fixes 625688 - CVE-2010-4243 kernel: mm: mem allocated invisible to oom_kill() when not attached to any threads 625841 - lpfc ioctl crash in lpfc_nlp_put() 625902 - [Xen] backport NMI injection for HVM guests 625903 - [Xen] backport hardware task switching for HVM guests 626018 - Allow using crc32c hardware accelerated engine on Intel Nehalem processor 626566 - IPR driver needs fixes to support the new Cubic-R adapter 626963 - AIO uses igrab in the submission path, which causes undue lock contention 627612 - [QLogic 5.6 BUG] qla2xxx: Correctly displaying the link state for disconnected port. 627836 - retry rather than fastfail DID_REQUEUE scsi errors with dm-multipath 627974 - Scheduling while atomic when removing slave tg3 interface from bonding 628828 - Fix hot-unplug handling of virtio-console ports 628831 - Enable NAPI for forcedeth driver 629081 - Bug 466441 reintroduced in kernel 2.6.18-194.el5 629176 - kernel: Problem with execve(2) reintroduced [rhel-5.6] 629457 - vlan: control vlan device TSO status with ethtool 629626 - groups_search() cannot handle large gid correctly 629634 - add pr_*(), netdev_*(), netif_*() printk helper macros 629638 - kernel panic in devinet_sysctl_forward when changing the /proc/sys/net/ipv4/conf/eth*/forwarding 629761 - [RHEL 5.5] e100/e1000*/igb*/ixgb*: Add missing read memory barrier 629773 - HVM guest w/ UP and PV driver hangs after live migration or suspend/resume 630124 - Detect and recover from cxgb3 adapter parity errors 630129 - [RHEL5 IA64 XEN] netfront driver: alloc_dev: Private data too big. 630563 - kernel: additional stack guard patches [rhel-5.6] 630680 - [Emulex 5.6 feat] Update be2net to version 2.102.453r 631963 - [Broadcom 5.6 bug] tg3: 5717 / 57765 / 5719 devices leak memory 632057 - [Broadcom 5.6 bug] bnx2: Remove some unnecessary smp_mb() in tx fast path 633149 - CVE-2010-3296 kernel: drivers/net/cxgb3/cxgb3_main.c reading uninitialized stack memory 633388 - sfc: creates too many queues 634320 - [Broadcom 5.6 feat] tg3: Re-enable 5717 B0 support 634325 - [Broadcom 5.6 bug] tg3: Incorrect FW version displayed and FW handshake update 635027 - [RHEL5.6] Verify that driver version strings for updated network drivers 635782 - Add dirty_background_bytes and dirty_bytes sysctls to RHEL 5 636020 - PATCH: virtio_console: Fix poll blocking even though there is data to read 636046 - Disallow 0-sized writes to virtio ports to go through to host (leading to VM crash) 636053 - read from virtio-serial returns if the host side is not connect to pipe 636100 - TPM driver is not enabled in kernel-xen 636760 - TPM driver complains about IRQ mismatches 637194 - [Qlogic 5.6 bug] qlcnic: fix kernel NULL pointer dereference __qlcnic_shutdown+0xe/0x8a 637764 - Bonded interface doesn't issue IGMP report (join) on slave interface during failover 637826 - belkin usb nic card fails - module catc.ko 638082 - Backport HVMOP_get_time hypercall 639028 - [Emulex 5.6 feat] Update lpfc driver to version 8.2.0.85 640026 - bnx2 adapter periodically dropping received packets 640586 - sata_sil24 - add support for Adaptec 1225SA RAID eSATA controller 641086 - mpt2sas driver update causes boot failure with Dell PERC H200 SAS HBA 641193 - [NetApp 5.6 bug] regression: allow offlined devs to be set to running 643080 - tasks blocked after putting Nehalem CPU offline 643165 - GFS2: BUG_ON kernel panic in gfs2_glock_hold on 2.6.18-226 643254 - [QLogic 5.6 bug] kdump: netxen_nic doesn't work in network dumping 643426 - Stack size mapping is decreased through mlock/munlock call 643707 - [kdump] soft lockup occurs when nmi watchdog lockup is being triggered 644129 - Kernel build from source leaves kabideps file droppings in _tmppath 644136 - [QLogic 5.6 bug] qla2xxx: Fix incorrect test for zero 644438 - bnx2: Out of order arrival of UDP packets in application 644726 - panic in find_ge_pid() due to race between lseek() and readdir() on /proc 644735 - writing to a virtio serial port while no one is listening on the host side hangs the guest 644863 - [NetApp 5.6 bug] qla2xxx: Kernel panic on qla24xx_queuecommand 644879 - RHEL5.6 Include DL580 G7 in bfsort whitelist 645284 - modprobe igb max_vfs>7(Max support is 7) leads to host reboot in loop 645881 - [Emulex 5.6 feat] Update lpfc driver to version 8.2.0.86 646708 - regression: bnx2i driver returns garbage in host param callout and could oops 647259 - [Emulex 5.6 bug] Update be2net to version 2.102.512r 647297 - Direct IO write to a file on an nfs mount does not work 648656 - CVE-2010-4072 kernel: ipc/shm.c: reading uninitialized stack memory 648658 - CVE-2010-4073 kernel: ipc/compat*.c: reading uninitialized stack memory 648660 - CVE-2010-4075 kernel: drivers/serial/serial_core.c: reading uninitialized stack memory 648669 - CVE-2010-4080 kernel: drivers/sound/pci/rme9652/hdsp.c: reading uninitialized stack memory 648670 - CVE-2010-4081 kernel: drivers/sound/pci/rme9652/hdspm.c: reading uninitialized stack memory 649489 - [Emulex 5.6 bug] Update lpfc driver to version 8.2.0.87 649717 - CVE-2010-3877 kernel: net/tipc/socket.c: reading uninitialized stack memory 651287 - [Broadcom 5.6 bug] cnic: Panic in uio_release() 651698 - CVE-2010-4158 kernel: socket filters infoleak 651869 - probe-remove loop of i7core_edac module causes oops 652165 - ALSA: fix sysfs related issues (modules cannot be reloaded) and mutex problem in OSS mixer emulation 652279 - [5.6 FEAT] POWER7 added to Aux Vextor 653250 - kernel: restrict unprivileged access to kernel syslog [rhel-5.6] 653262 - [5.6 Regression] network is lost after balloon-up fails 653501 - netback tries to balloon up even if front-end doesn't do flipping 653991 - [Broadcom 5.6 bug] bnx2i: add upstream bug fixes to 2.6.2.2 654420 - [QLogic 5.6 bug] qlge: Update driver to 1.0.0.27 654948 - RHEL5.6 : 10Gb network card (AD144 &AD385)will be missing in installation and can not be drived in system 655119 - [Emulex 5.6 bug] Update lpfc driver to version 8.2.0.87.1p 655623 - CVE-2010-4238 kernel: Xen Dom0 crash with Windows 2008 R2 64bit DomU + GPLPV 656008 - [Qlogic 5.6 bug] qlcnic: Fix kdump issues 657097 - [Broadcom 5.6 bug] tg3: Fix 5719 bugs 658155 - CVE-2010-4255 xen: 64-bit PV xen guest can crash host by accessing hypervisor per-domain memory area 658434 - forcedeth driver panics while booting debug kernel 658801 - [REG][5.6] igb never counts up the number of tx packets 659571 - CVE-2010-4258 kernel: failure to revert address limit override in OOPS error path [rhel-5.6] 660188 - CVE-2010-4263 kernel: igb panics when receiving tag vlan packet 660506 - [Broadcom 5.6 bug] tg3: Increase tx jumbo bd flag threshold 660580 - [REG][5.6] kernel panic occurs by writing a file on optional mount "sync/noac" of NFSv4. 661182 - CVE-2010-4343 kernel: bfa driver sysfs crash 661393 - [IPv6] a specific route is ignored if the default gateway is reachable 663509 - [Broadcom 5.6 bug] bnx2: calling pci_map_page() twice in tx path 663853 - [REG][5.6] kernel panic occurs by reading an empty file on optional mount "sync/noac" of NFSv4. |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2011-0017.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
55 % | CWE-200 | Information Exposure |
9 % | CWE-665 | Improper Initialization |
9 % | CWE-476 | NULL Pointer Dereference |
9 % | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
9 % | CWE-269 | Improper Privilege Management |
9 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:19965 | |||
Oval ID: | oval:org.mitre.oval:def:19965 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The igb_receive_skb function in drivers/net/igb/igb_main.c in the Intel Gigabit Ethernet (aka igb) subsystem in the Linux kernel before 2.6.34, when Single Root I/O Virtualization (SR-IOV) and promiscuous mode are enabled but no VLANs are registered, allows remote attackers to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact via a VLAN tagged frame. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4263 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19982 | |||
Oval ID: | oval:org.mitre.oval:def:19982 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3) compat_sys_shmctl functions in ipc/compat.c; and the (4) compat_sys_mq_open and (5) compat_sys_mq_getsetattr functions in ipc/compat_mq.c. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4073 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20247 | |||
Oval ID: | oval:org.mitre.oval:def:20247 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4255 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20307 | |||
Oval ID: | oval:org.mitre.oval:def:20307 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained from third party information. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4238 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20378 | |||
Oval ID: | oval:org.mitre.oval:def:20378 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4158 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20436 | |||
Oval ID: | oval:org.mitre.oval:def:20436 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the "old shm interface." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4072 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20503 | |||
Oval ID: | oval:org.mitre.oval:def:20503 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM Killer to assess use of stack memory by arrays representing the (1) arguments and (2) environment, which allows local users to cause a denial of service (memory consumption) via a crafted exec system call, aka an "OOM dodging issue," a related issue to CVE-2010-3858. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4243 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20509 | |||
Oval ID: | oval:org.mitre.oval:def:20509 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a CHELSIO_GET_QSET_NUM ioctl call. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-3296 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20523 | |||
Oval ID: | oval:org.mitre.oval:def:20523 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4075 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20569 | |||
Oval ID: | oval:org.mitre.oval:def:20569 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4080 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20592 | |||
Oval ID: | oval:org.mitre.oval:def:20592 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The get_name function in net/tipc/socket.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this structure. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-3877 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20600 | |||
Oval ID: | oval:org.mitre.oval:def:20600 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not initialize a certain port data structure, which allows local users to cause a denial of service (system crash) via read operations on an fc_host statistics file. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4343 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20621 | |||
Oval ID: | oval:org.mitre.oval:def:20621 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4081 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28178 | |||
Oval ID: | oval:org.mitre.oval:def:28178 | ||
Title: | DEPRECATED: ELSA-2011-0283 -- kernel security, bug fix, and enhancement update (moderate) | ||
Description: | [2.6.32-71.18.1.el6] - [netdrv] ixgbe: make sure FCoE DDP user buffers are really released by the HW (Frantisek Hrbata) [674002 617193] - [netdrv] ixgbe: invalidate FCoE DDP context when no error status is available (Frantisek Hrbata) [674002 617193] - [netdrv] ixgbe: avoid doing FCoE DDP when adapter is DOWN or RESETTING (Frantisek Hrbata) [674002 617193] - [fcoe] libfc: remove tgt_flags from fc_fcp_pkt struct (Mike Christie) [666797 633915] - [fcoe] libfc: use rport timeout values for fcp recovery (Frantisek Hrbata) [666797 633915] - [fcoe] libfc: incorrect scsi host byte codes returned to scsi-ml (Mike Christie) [666797 633915] - [scsi] scsi_dh_alua: fix overflow in alua_rtpg port group id check (Mike Snitzer) [673978 670572] | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0283 CVE-2010-4165 CVE-2010-4169 CVE-2010-4243 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28199 | |||
Oval ID: | oval:org.mitre.oval:def:28199 | ||
Title: | DEPRECATED: ELSA-2011-0017 -- Oracle Linux 5.6 kernel security and bug fix update (important) | ||
Description: | This update fixes the following security issues: * A NULL pointer dereference flaw was found in the igb driver in the Linux kernel. If both the Single Root I/O Virtualization (SR-IOV) feature and promiscuous mode were enabled on an interface using igb, it could result in a denial of service when a tagged VLAN packet is received on that interface. (CVE-2010-4263, Important) * A missing sanity check was found in vbd_create() in the Xen hypervisor implementation. As CD-ROM drives are not supported by the blkback back-end driver, attempting to use a virtual CD-ROM drive with blkback could trigger a denial of service (crash) on the host system running the Xen hypervisor. (CVE-2010-4238, Moderate) * A flaw was found in the Linux kernel execve() system call implementation. A local, unprivileged user could cause large amounts of memory to be allocated but not visible to the OOM (Out of Memory) killer, triggering a denial of service. (CVE-2010-4243, Moderate) * A flaw was found in fixup_page_fault() in the Xen hypervisor implementation. If a 64-bit para-virtualized guest accessed a certain area of memory, it could cause a denial of service on the host system running the Xen hypervisor. (CVE-2010-4255, Moderate) * A missing initialization flaw was found in the bfa driver used by Brocade Fibre Channel Host Bus Adapters. A local, unprivileged user could use this flaw to cause a denial of service by reading a file in the "/sys/class/fc_host/host#/statistics/" directory. (CVE-2010-4343, Moderate) * Missing initialization flaws in the Linux kernel could lead to information leaks. (CVE-2010-3296, CVE-2010-3877, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4081, CVE-2010-4158, Low) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0017 CVE-2010-3296 CVE-2010-3877 CVE-2010-4072 CVE-2010-4073 CVE-2010-4075 CVE-2010-4080 CVE-2010-4081 CVE-2010-4158 CVE-2010-4238 CVE-2010-4243 CVE-2010-4255 CVE-2010-4263 CVE-2010-4343 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2011-09-05 | Linux Kernel < 2.6.36.2 Econet Privilege Escalation Exploit |
2010-12-07 | Linux Kernel <= 2.6.37 - Local Privilege Escalation |
OpenVAS Exploits
Date | Description |
---|---|
2012-07-30 | Name : CentOS Update for kernel CESA-2011:0162 centos4 x86_64 File : nvt/gb_CESA-2011_0162_kernel_centos4_x86_64.nasl |
2012-07-09 | Name : RedHat Update for kernel RHSA-2011:0283-01 File : nvt/gb_RHSA-2011_0283-01_kernel.nasl |
2012-06-06 | Name : RedHat Update for kernel RHSA-2011:0421-01 File : nvt/gb_RHSA-2011_0421-01_kernel.nasl |
2012-06-05 | Name : RedHat Update for kernel RHSA-2011:0007-01 File : nvt/gb_RHSA-2011_0007-01_kernel.nasl |
2012-03-16 | Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX... File : nvt/gb_VMSA-2011-0012.nasl |
2011-12-02 | Name : Fedora Update for kernel FEDORA-2011-16346 File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl |
2011-11-08 | Name : Fedora Update for kernel FEDORA-2011-15241 File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl |
2011-10-31 | Name : Fedora Update for kernel FEDORA-2011-14747 File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl |
2011-10-10 | Name : Fedora Update for kernel FEDORA-2011-12874 File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl |
2011-09-23 | Name : RedHat Update for kernel RHSA-2011:1321-01 File : nvt/gb_RHSA-2011_1321-01_kernel.nasl |
2011-09-16 | Name : Ubuntu Update for linux-fsl-imx51 USN-1204-1 File : nvt/gb_ubuntu_USN_1204_1.nasl |
2011-09-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1202-1 File : nvt/gb_ubuntu_USN_1202_1.nasl |
2011-08-27 | Name : Fedora Update for kernel FEDORA-2011-11103 File : nvt/gb_fedora_2011_11103_kernel_fc14.nasl |
2011-08-12 | Name : Ubuntu Update for linux USN-1186-1 File : nvt/gb_ubuntu_USN_1186_1.nasl |
2011-08-12 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1187-1 File : nvt/gb_ubuntu_USN_1187_1.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2264-1 (linux-2.6) File : nvt/deb_2264_1.nasl |
2011-07-18 | Name : Ubuntu Update for linux USN-1167-1 File : nvt/gb_ubuntu_USN_1167_1.nasl |
2011-07-18 | Name : Ubuntu Update for linux-mvl-dove USN-1159-1 File : nvt/gb_ubuntu_USN_1159_1.nasl |
2011-07-08 | Name : Ubuntu Update for linux-fsl-imx51 USN-1164-1 File : nvt/gb_ubuntu_USN_1164_1.nasl |
2011-07-08 | Name : Ubuntu Update for linux-mvl-dove USN-1162-1 File : nvt/gb_ubuntu_USN_1162_1.nasl |
2011-06-24 | Name : Fedora Update for kernel FEDORA-2011-6447 File : nvt/gb_fedora_2011_6447_kernel_fc13.nasl |
2011-06-20 | Name : Fedora Update for kernel FEDORA-2011-7551 File : nvt/gb_fedora_2011_7551_kernel_fc14.nasl |
2011-06-06 | Name : Ubuntu Update for linux USN-1141-1 File : nvt/gb_ubuntu_USN_1141_1.nasl |
2011-05-17 | Name : Fedora Update for kernel FEDORA-2011-6541 File : nvt/gb_fedora_2011_6541_kernel_fc14.nasl |
2011-05-10 | Name : Ubuntu Update for linux-ti-omap4 USN-1119-1 File : nvt/gb_ubuntu_USN_1119_1.nasl |
2011-05-10 | Name : Ubuntu Update for linux-source-2.6.15 USN-1111-1 File : nvt/gb_ubuntu_USN_1111_1.nasl |
2011-05-06 | Name : SuSE Update for kernel SUSE-SA:2011:020 File : nvt/gb_suse_2011_020.nasl |
2011-04-22 | Name : SuSE Update for kernel SUSE-SA:2011:017 File : nvt/gb_suse_2011_017.nasl |
2011-04-11 | Name : Ubuntu Update for linux vulnerabilities USN-1105-1 File : nvt/gb_ubuntu_USN_1105_1.nasl |
2011-04-01 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1092-1 File : nvt/gb_ubuntu_USN_1092_1.nasl |
2011-03-24 | Name : Ubuntu Update for linux vulnerabilities USN-1090-1 File : nvt/gb_ubuntu_USN_1090_1.nasl |
2011-03-24 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1089-1 File : nvt/gb_ubuntu_USN_1089_1.nasl |
2011-03-15 | Name : Fedora Update for kernel FEDORA-2011-2134 File : nvt/gb_fedora_2011_2134_kernel_fc13.nasl |
2011-03-15 | Name : Ubuntu Update for linux-ec2 vulnerabilities USN-1086-1 File : nvt/gb_ubuntu_USN_1086_1.nasl |
2011-03-07 | Name : Ubuntu Update for linux vulnerabilities USN-1080-1 File : nvt/gb_ubuntu_USN_1080_1.nasl |
2011-03-07 | Name : Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2 File : nvt/gb_ubuntu_USN_1080_2.nasl |
2011-03-07 | Name : Ubuntu Update for linux vulnerabilities USN-1081-1 File : nvt/gb_ubuntu_USN_1081_1.nasl |
2011-03-07 | Name : Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1 File : nvt/gb_ubuntu_USN_1083_1.nasl |
2011-03-07 | Name : Debian Security Advisory DSA 2153-1 (linux-2.6) File : nvt/deb_2153_1.nasl |
2011-02-28 | Name : Ubuntu Update for linux vulnerabilities USN-1072-1 File : nvt/gb_ubuntu_USN_1072_1.nasl |
2011-02-28 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1 File : nvt/gb_ubuntu_USN_1071_1.nasl |
2011-02-28 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1 File : nvt/gb_ubuntu_USN_1073_1.nasl |
2011-02-18 | Name : Mandriva Update for kernel MDVSA-2011:029 (kernel) File : nvt/gb_mandriva_MDVSA_2011_029.nasl |
2011-02-16 | Name : SuSE Update for kernel SUSE-SA:2011:008 File : nvt/gb_suse_2011_008.nasl |
2011-02-11 | Name : Fedora Update for kernel FEDORA-2011-1138 File : nvt/gb_fedora_2011_1138_kernel_fc14.nasl |
2011-02-04 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1057-1 File : nvt/gb_ubuntu_USN_1057_1.nasl |
2011-01-31 | Name : CentOS Update for kernel CESA-2011:0162 centos4 i386 File : nvt/gb_CESA-2011_0162_kernel_centos4_i386.nasl |
2011-01-24 | Name : Debian Security Advisory DSA 2126-1 (linux-2.6) File : nvt/deb_2126_1.nasl |
2011-01-21 | Name : RedHat Update for kernel RHSA-2011:0162-01 File : nvt/gb_RHSA-2011_0162-01_kernel.nasl |
2011-01-14 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1041-1 File : nvt/gb_ubuntu_USN_1041_1.nasl |
2011-01-14 | Name : RedHat Update for Red Hat Enterprise Linux 5.6 kernel RHSA-2011:0017-01 File : nvt/gb_RHSA-2011_0017-01_Red_Hat_Enterprise_Linux_5.6_kernel.nasl |
2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2011:002 File : nvt/gb_suse_2011_002.nasl |
2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2011:001 File : nvt/gb_suse_2011_001.nasl |
2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2010:047 File : nvt/gb_suse_2010_047.nasl |
2010-12-28 | Name : Fedora Update for kernel FEDORA-2010-18983 File : nvt/gb_fedora_2010_18983_kernel_fc13.nasl |
2010-12-23 | Name : Fedora Update for kernel FEDORA-2010-18506 File : nvt/gb_fedora_2010_18506_kernel_fc13.nasl |
2010-12-09 | Name : Fedora Update for kernel FEDORA-2010-18493 File : nvt/gb_fedora_2010_18493_kernel_fc14.nasl |
2010-12-09 | Name : Fedora Update for kernel FEDORA-2010-18432 File : nvt/gb_fedora_2010_18432_kernel_fc12.nasl |
2010-10-01 | Name : SuSE Update for kernel SUSE-SA:2010:046 File : nvt/gb_suse_2010_046.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
70660 | Linux Kernel on RHEL Xen vbd_create Function blkback Driver Virtual CD-ROM De... The 'vbd_create' function in Xen allows guest OS users to cause a denial of service when attempting to access a virtual CD-ROM through the blkback driver. |
70659 | Linux Kernel fs/exec.c Crafted Exec System Call OOM Dodging Local DoS Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when fs/exec.c fails to enable the OOM Killer to assess memory use representing the arguments and environment, allowing a local attacker to use a crafted exec system call to cause an 'OOM dodging issue' denial of service. |
70483 | Linux Kernel igb Subsystem drivers/net/igb/igb_main.c igb_receive_skb Functio... Linux Kernel contains a flaw that may allow a remote denial of service. The issue is triggered when the 'igb_receive_skb 'function in 'drivers/net/igb/igb_main.c' in the Intel Gigabit Ethernet subsystem has SR-IOV and promiscuous mode enabled without any VLANs registered. This may allow a remote attacker to cause a NULL pointer dereference and panic denial of service via a VLAN tagged frame. |
70290 | Linux Kernel net/tipc/socket.c get_name Function Local Stack Memory Disclosure Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'get_name' function in 'net/tipc/socket.c' fails to initialize a certain structure, which will disclose potentially sensitive kernel stack memory information to a local attacker. |
70265 | Linux Kernel kernel/exit.c do_exit Function KERNEL_DS get_fs Value Handling L... Linux Kernel contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the 'do_exit' function in 'kernel/exit.c' fails to properly handle a KERNEL_DS get_fs value, allowing a local attacker to bypass access_ok restrictions, overwrite arbitrary kernel memory locations, and gain elevated privileges. |
70228 | Linux Kernel drivers/scsi/bfa/bfa_core.c fc_host Statistics File Read Operati... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when 'drivers/scsi/bfa/bfa_core.c' fails to initialize a certain port data structure, and will result in a denial of service via read operations on an fc_host statistics file. |
69613 | Xen xen/arch/x86/traps.c fixup_page_fault() Function Local DoS Xen contains a flaw that may allow a local denial of service. The issue is triggered when insufficient restriction checks within the 'fixup_page_fault()' function in 'xen/arch/x86/traps.c' are exploited from a guest system to trigger a 'BUG_ON()', which will result in loss of availability. |
69553 | Linux Kernel sound/pci/rme9652/hdspm.c snd_hdspm_hwdep_ioctl Function SNDRV_H... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'snd_hdspm_hwdep_ioctl' function in 'sound/pci/rme9652/hdspm.c' fails to properly initialize a certain structure occurs, which will disclose potentially sensitive kernel stack memory information via an 'SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO IOCTL' call to a local attacker. |
69552 | Linux Kernel sound/pci/rme9652/hdsp.c snd_hdsp_hwdep_ioctl Function SNDRV_HDS... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'snd_hdsp_hwdep_ioctl' function in 'sound/pci/rme9652/hdsp.c' fails to initialize a certain structure, disclosing information from kernel stack memory via an 'SNDRV_HDSP_IOCTL_GET_CONFIG_INFO IOCTL' call to a local attacker. |
69531 | Linux Kernel ipc Subsystem ipc/compat_mq.c Multiple Function Local Memory Dis... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the ipc Subsystem fails to properly initialize a certain structure member, allowing a local attacker to obtain sensitive information from kernel stack memory via vectors related to the 'compat_sys_mq_open' and 'compat_sys_mq_getsetattr' functions in 'ipc/compat_mq.c'. |
69530 | Linux Kernel ipc Subsystem ipc/compat.c Multiple Function Local Memory Disclo... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the ipc Subsystem fails to properly initialize a certain structure member, allowing a local attacker to obtain sensitive information from kernel stack memory via vectors related to the 'compat_sys_semctl', 'compat_sys_msgctl', and 'compat_sys_shmctl' functions in 'ipc/compat.c'. |
69522 | Linux Kernel drivers/serial/serial_core.c uart_get_count Function TIOCGICOUNT... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'uart_get_count' function in 'drivers/serial/serial_core.c' fails to initially a certain structure member. This allows a local attacker to access sensitive information from kernel stack memory by means of a TIOCGICOUNT IOTCL call. |
69521 | Linux Kernel ipc/shm.c copy_shmid_to_user Function shmctl System Call Local M... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'copy_shmid_to_user' function in 'ipc/shm.c' fails to properly initialize an unspecified structure, which can be exploited via the shmctl system call to disclose kernel stack memory to a local attacker. |
69190 | Linux Kernel net/core/filter.c sk_run_filter() Function Stack Memory Disclosure Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'sk_run_filter()' function in 'net/core/filter.c' does not properly initialize a local array, which will disclose kernel stack memory to a local attacker. |
68305 | Linux Kernel drivers/net/cxgb3/cxgb3_main.c cxgb_extension_ioctl Function CHE... |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2011-10-27 | IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi Severity : Category I - VMSKEY : V0030545 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO |
2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1253.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-110414.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-101215.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-100921.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0421.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0007.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0162.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0283.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1083-1.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1093-1.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1321.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110407_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110118_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110222_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7261.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7304.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7384.nasl - Type : ACT_GATHER_INFO |
2012-04-23 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12677.nasl - Type : ACT_GATHER_INFO |
2011-10-14 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO |
2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1202-1.nasl - Type : ACT_GATHER_INFO |
2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1204-1.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1187-1.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1186-1.nasl - Type : ACT_GATHER_INFO |
2011-07-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1167-1.nasl - Type : ACT_GATHER_INFO |
2011-07-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1159-1.nasl - Type : ACT_GATHER_INFO |
2011-07-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1164-1.nasl - Type : ACT_GATHER_INFO |
2011-07-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1162-1.nasl - Type : ACT_GATHER_INFO |
2011-06-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2264.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1111-1.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1141-1.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1119-1.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-110413.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-debug-101215.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kernel-101202.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kernel-101020.nasl - Type : ACT_GATHER_INFO |
2011-04-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0421.nasl - Type : ACT_GATHER_INFO |
2011-04-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1105-1.nasl - Type : ACT_GATHER_INFO |
2011-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1092-1.nasl - Type : ACT_GATHER_INFO |
2011-03-25 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7381.nasl - Type : ACT_GATHER_INFO |
2011-03-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1090-1.nasl - Type : ACT_GATHER_INFO |
2011-03-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1089-1.nasl - Type : ACT_GATHER_INFO |
2011-03-09 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110228.nasl - Type : ACT_GATHER_INFO |
2011-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1086-1.nasl - Type : ACT_GATHER_INFO |
2011-03-03 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1080-2.nasl - Type : ACT_GATHER_INFO |
2011-03-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1080-1.nasl - Type : ACT_GATHER_INFO |
2011-03-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1081-1.nasl - Type : ACT_GATHER_INFO |
2011-03-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1072-1.nasl - Type : ACT_GATHER_INFO |
2011-03-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1073-1.nasl - Type : ACT_GATHER_INFO |
2011-03-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1071-1.nasl - Type : ACT_GATHER_INFO |
2011-02-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0283.nasl - Type : ACT_GATHER_INFO |
2011-02-11 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12672.nasl - Type : ACT_GATHER_INFO |
2011-02-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1057-1.nasl - Type : ACT_GATHER_INFO |
2011-02-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1054-1.nasl - Type : ACT_GATHER_INFO |
2011-01-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2153.nasl - Type : ACT_GATHER_INFO |
2011-01-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO |
2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7303.nasl - Type : ACT_GATHER_INFO |
2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110104.nasl - Type : ACT_GATHER_INFO |
2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-101007.nasl - Type : ACT_GATHER_INFO |
2011-01-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO |
2011-01-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0017.nasl - Type : ACT_GATHER_INFO |
2011-01-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0007.nasl - Type : ACT_GATHER_INFO |
2011-01-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1041-1.nasl - Type : ACT_GATHER_INFO |
2010-12-26 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18983.nasl - Type : ACT_GATHER_INFO |
2010-12-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7257.nasl - Type : ACT_GATHER_INFO |
2010-12-08 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18506.nasl - Type : ACT_GATHER_INFO |
2010-12-06 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18493.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-101020.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18432.nasl - Type : ACT_GATHER_INFO |
2010-11-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2126.nasl - Type : ACT_GATHER_INFO |
2010-09-24 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-100921.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:54:13 |
|
2013-01-21 21:23:35 |
|