Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Linux kernel vulnerabilities
Informations
Name USN-1074-2 First vendor Publication 2011-02-28
Vendor Ubuntu Last vendor Modification 2011-02-28
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects the following Ubuntu releases:

Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 10.04 LTS:
linux-image-2.6.31-608-imx51 2.6.31-608.22

After a standard system update you need to reboot your computer to make all the necessary changes.

Details follow:

USN-1074-1 fixed vulnerabilities in linux-fsl-imx51 in Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 10.04.

Original advisory details:

Al Viro discovered a race condition in the TTY driver. A local attacker
could exploit this to crash the system, leading to a denial of service.
(CVE-2009-4895)

Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly
check file permissions. A local attacker could overwrite append-only files,
leading to potential data loss. (CVE-2010-2066)

Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly
check file permissions. A local attacker could exploit this to read from
write-only files, leading to a loss of privacy. (CVE-2010-2226)

Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory
manager did not properly handle when applications grow stacks into adjacent
memory regions. A local attacker could exploit this to gain control of
certain applications, potentially leading to privilege escalation, as
demonstrated in attacks against the X server. (CVE-2010-2240)

Suresh Jayaraman discovered that CIFS did not correctly validate certain
response packats. A remote attacker could send specially crafted traffic
that would crash the system, leading to a denial of service.
(CVE-2010-2248)

Ben Hutchings discovered that the ethtool interface did not correctly check
certain sizes. A local attacker could perform malicious ioctl calls that
could crash the system, leading to a denial of service. (CVE-2010-2478,
CVE-2010-3084)

James Chapman discovered that L2TP did not correctly evaluate checksum
capabilities. If an attacker could make malicious routing changes, they
could crash the system, leading to a denial of service. (CVE-2010-2495)

Neil Brown discovered that NFSv4 did not correctly check certain write
requests. A remote attacker could send specially crafted traffic that could
crash the system or possibly gain root privileges. (CVE-2010-2521)

David Howells discovered that DNS resolution in CIFS could be spoofed. A
local attacker could exploit this to control DNS replies, leading to a loss
of privacy and possible privilege escalation. (CVE-2010-2524)

Dan Rosenberg discovered that the btrfs filesystem did not correctly
validate permissions when using the clone function. A local attacker could
overwrite the contents of file handles that were opened for append-only, or
potentially read arbitrary contents, leading to a loss of privacy. Only
Ubuntu 9.10 was affected. (CVE-2010-2538)

Bob Peterson discovered that GFS2 rename operations did not correctly
validate certain sizes. A local attacker could exploit this to crash the
system, leading to a denial of service. (CVE-2010-2798)

Kees Cook discovered that under certain situations the ioctl subsystem for
DRM did not properly sanitize its arguments. A local attacker could exploit
this to read previously freed kernel memory, leading to a loss of privacy.
(CVE-2010-2803)

Eric Dumazet discovered that many network functions could leak kernel stack
contents. A local attacker could exploit this to read portions of kernel
memory, leading to a loss of privacy. (CVE-2010-2942, CVE-2010-3477)

Dave Chinner discovered that the XFS filesystem did not correctly order
inode lookups when exported by NFS. A remote attacker could exploit this to
read or write disk blocks that had changed file assignment or had become
unlinked, leading to a loss of privacy. (CVE-2010-2943)

Sergey Vlasov discovered that JFS did not correctly handle certain extended
attributes. A local attacker could bypass namespace access rules, leading
to a loss of privacy. (CVE-2010-2946)

Tavis Ormandy discovered that the IRDA subsystem did not correctly shut
down. A local attacker could exploit this to cause the system to crash or
possibly gain root privileges. (CVE-2010-2954)

Brad Spengler discovered that the wireless extensions did not correctly
validate certain request sizes. A local attacker could exploit this to read
portions of kernel memory, leading to a loss of privacy. (CVE-2010-2955)

Ben Hawkes discovered an integer overflow in the Controller Area Network
(CVE-2010-2959)

Kees Cook discovered that the Intel i915 graphics driver did not correctly
validate memory regions. A local attacker with access to the video card
could read and write arbitrary kernel memory to gain root privileges.
Ubuntu 10.10 was not affected. (CVE-2010-2962)

Kees Cook discovered that the V4L1 32bit compat interface did not correctly
validate certain parameters. A local attacker on a 64bit system with access
to a video device could exploit this to gain root privileges.
(CVE-2010-2963)

Toshiyuki Okajima discovered that ext4 did not correctly check certain
parameters. A local attacker could exploit this to crash the system or
overwrite the last block of large files. (CVE-2010-3015)

Tavis Ormandy discovered that the AIO subsystem did not correctly validate
certain parameters. A local attacker could exploit this to crash the system
or possibly gain root privileges. (CVE-2010-3067)

Dan Rosenberg discovered that certain XFS ioctls leaked kernel stack
contents. A local attacker could exploit this to read portions of kernel
memory, leading to a loss of privacy. (CVE-2010-3078)

Robert Swiecki discovered that ftrace did not correctly handle mutexes. A
local attacker could exploit this to crash the kernel, leading to a denial
of service. (CVE-2010-3079)

Tavis Ormandy discovered that the OSS sequencer device did not correctly
shut down. A local attacker could exploit this to crash the system or
possibly gain root privileges. (CVE-2010-3080)

Ben Hawkes discovered that the Linux kernel did not correctly validate
memory ranges on 64bit kernels when allocating memory on behalf of 32bit
system calls. On a 64bit system, a local attacker could perform malicious
multicast getsockopt calls to gain root privileges. (CVE-2010-3081)

Dan Rosenberg discovered that several network ioctls did not clear kernel
memory correctly. A local user could exploit this to read kernel stack
memory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297,
CVE-2010-3298)

Ben Hawkes discovered that the Linux kernel did not correctly filter
registers on 64bit kernels when performing 32bit system calls. On a 64bit
system, a local attacker could manipulate 32bit system calls to gain root
privileges. (CVE-2010-3301)

Dan Rosenberg discovered that the ROSE driver did not correctly check
parameters. A local attacker with access to a ROSE network device could
exploit this to crash the system or possibly gain root privileges.
(CVE-2010-3310)

Thomas Dreibholz discovered that SCTP did not correctly handle appending
packet chunks. A remote attacker could send specially crafted traffic to
crash the system, leading to a denial of service. (CVE-2010-3432)

Dan Rosenberg discovered that the CD driver did not correctly check
parameters. A local attacker could exploit this to read arbitrary kernel
memory, leading to a loss of privacy. (CVE-2010-3437)

Dan Rosenberg discovered that the Sound subsystem did not correctly
validate parameters. A local attacker could exploit this to crash the
system, leading to a denial of service. (CVE-2010-3442)

Dan Jacobson discovered that ThinkPad video output was not correctly access
controlled. A local attacker could exploit this to hang the system, leading
to a denial of service. (CVE-2010-3448)

It was discovered that KVM did not correctly initialize certain CPU
registers. A local attacker could exploit this to crash the system, leading
to a denial of service. (CVE-2010-3698)

Dan Rosenberg discovered that SCTP did not correctly handle HMAC
calculations. A remote attacker could send specially crafted traffic that
would crash the system, leading to a denial of service. (CVE-2010-3705)

Nelson Elhage discovered several problems with the Acorn Econet protocol
driver. A local user could cause a denial of service via a NULL pointer
dereference, escalate privileges by overflowing the kernel stack, and
assign Econet addresses to arbitrary interfaces. (CVE-2010-3848,
CVE-2010-3849, CVE-2010-3850)

Brad Spengler discovered that stack memory for new a process was not
correctly calculated. A local attacker could exploit this to crash the
system, leading to a denial of service. (CVE-2010-3858)

Kees Cook discovered that the ethtool interface did not correctly clear
kernel memory. A local attacker could read kernel heap memory, leading to a
loss of privacy. (CVE-2010-3861)

Dan Rosenberg discovered that the RDS network protocol did not correctly
check certain parameters. A local attacker could exploit this gain root
privileges. (CVE-2010-3904)

Kees Cook and Vasiliy Kulikov discovered that the shm interface did not
clear kernel memory correctly. A local attacker could exploit this to read
kernel stack memory, leading to a loss of privacy. (CVE-2010-4072)

Dan Rosenberg discovered that IPC structures were not correctly initialized
on 64bit systems. A local attacker could exploit this to read kernel stack
memory, leading to a loss of privacy. (CVE-2010-4073)

Dan Rosenberg discovered that the USB subsystem did not correctly
initialize certian structures. A local attacker could exploit this to read
kernel stack memory, leading to a loss of privacy. (CVE-2010-4074)

Dan Rosenberg discovered that the SiS video driver did not correctly clear
kernel memory. A local attacker could exploit this to read kernel stack
memory, leading to a loss of privacy. (CVE-2010-4078)

Dan Rosenberg discovered that the ivtv V4L driver did not correctly
initialize certian structures. A local attacker could exploit this to read
kernel stack memory, leading to a loss of privacy. (CVE-2010-4079)

Steve Chen discovered that setsockopt did not correctly check MSS values. A
local attacker could make a specially crafted socket call to crash the
system, leading to a denial of service. (CVE-2010-4165)

Dave Jones discovered that the mprotect system call did not correctly
handle merged VMAs. A local attacker could exploit this to crash the
system, leading to a denial of service. (CVE-2010-4169)

Vegard Nossum discovered that memory garbage collection was not handled
correctly for active sockets. A local attacker could exploit this to
allocate all available kernel memory, leading to a denial of service.
(CVE-2010-4249)

Original Source

Url : http://www.ubuntu.com/usn/USN-1074-2

CWE : Common Weakness Enumeration

% Id Name
24 % CWE-200 Information Exposure
14 % CWE-476 NULL Pointer Dereference
12 % CWE-20 Improper Input Validation
8 % CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
8 % CWE-190 Integer Overflow or Wraparound (CWE/SANS Top 25)
6 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
4 % CWE-189 Numeric Errors (CWE/SANS Top 25)
2 % CWE-787 Out-of-bounds Write (CWE/SANS Top 25)
2 % CWE-416 Use After Free
2 % CWE-415 Double Free
2 % CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory Leak')
2 % CWE-399 Resource Management Errors
2 % CWE-369 Divide By Zero
2 % CWE-362 Race Condition
2 % CWE-269 Improper Privilege Management
2 % CWE-264 Permissions, Privileges, and Access Controls
2 % CWE-193 Off-by-one Error
2 % CWE-94 Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11894
 
Oval ID: oval:org.mitre.oval:def:11894
Title: DSA-2110-1 linux-2.6 -- privilege escalation/denial of service/information leak
Description: CVE-2010-2492 Andre Osterhues reported an issue in the eCryptfs subsystem. A buffer overflow condition may allow local users to cause a denial of service or gain elevated privileges. CVE-2010-2954 Tavis Ormandy reported an issue in the irda subsystem which may allow local users to cause a denial of service via a NULL pointer dereference. CVE-2010-3078 Dan Rosenberg discovered an issue in the XFS file system that allows local users to read potentially sensitive kernel memory. CVE-2010-3080 Tavis Ormandy reported an issue in the ALSA sequencer OSS emulation layer. Local users with sufficient privileges to open /dev/sequencer can cause a denial of service via a NULL pointer dereference. CVE-2010-3081 Ben Hawkes discovered an issue in the 32-bit compatibility code for 64-bit systems. Local users can gain elevated privileges due to insufficient checks in compat_alloc_user_space allocations. For the stable distribution, this problem has been fixed in version 2.6.26-25lenny1. We recommend that you upgrade your linux-2.6 and user-mode-linux packages. The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update: Debian 5.0 user-mode-linux 2.6.26-1um-2+25lenny1
Family: unix Class: patch
Reference(s): DSA-2110-1
CVE-2010-2492
CVE-2010-2954
CVE-2010-3078
CVE-2010-3080
CVE-2010-3081
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12645
 
Oval ID: oval:org.mitre.oval:def:12645
Title: DSA-2094-1 linux-2.6 -- privilege escalation/denial of service/information leak
Description: CVE-2009-4895 Kyle Bader reported an issue in the tty subsystem that allows local users to create a denial of service. CVE-2010-2226 Dan Rosenberg reported an issue in the xfs filesystem that allows local users to copy and read a file owned by another user, for which they only have write permissions, due to a lack of permission checking in the XFS_SWAPEXT ioctl. CVE-2010-2240 Rafal Wojtczuk reported an issue that allows users to obtain escalated privileges. Users must already have sufficient privileges to execute or connect clients to an Xorg server. CVE-2010-2248 Suresh Jayaraman discovered an issue in the CIFS filesystem. A malicious file server can set an incorrect "CountHigh" value, resulting in a denial of service. CVE-2010-2521 Neil Brown reported an issue in the NFSv4 server code. A malicious client could trigger a denial of service on a server due to a bug in the read_buf routine. CVE-2010-2798 Bob Peterson reported an issue in the GFS2 file system. A file system user could cause a denial of service via certain rename operations. CVE-2010-2803 Kees Cook reported an issue in the DRM subsystem. Local users with sufficient privileges could acquire access to sensitive kernel memory. CVE-2010-2959 Ben Hawkes discovered an issue in the AF_CAN socket family. An integer overflow condition may allow local users to obtain elevated privileges. CVE-2010-3015 Toshiyuki Okajima reported an issue in the ext4 filesystem. Local users could trigger a denial of service by generating a specific set of filesystem operations. This update also includes fixes a regression introduced by a previous update. See the referenced Debian bug page for details. For the stable distribution, this problem has been fixed in version 2.6.26-24lenny1. We recommend that you upgrade your linux-2.6 and user-mode-linux packages. The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update: Debian 5.0 user-mode-linux 2.6.26-1um-2+24lenny1
Family: unix Class: patch
Reference(s): DSA-2094-1
CVE-2009-4895
CVE-2010-2226
CVE-2010-2240
CVE-2010-2248
CVE-2010-2521
CVE-2010-2798
CVE-2010-2803
CVE-2010-2959
CVE-2010-3015
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12770
 
Oval ID: oval:org.mitre.oval:def:12770
Title: USN-1074-1 -- linux-fsl-imx51 vulnerabilities
Description: Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only files, leading to potential data loss. Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. A local attacker could exploit this to read from write-only files, leading to a loss of privacy. Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. A local attacker could exploit this to gain control of certain applications, potentially leading to privilege escalation, as demonstrated in attacks against the X server. Suresh Jayaraman discovered that CIFS did not correctly validate certain response packats. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. James Chapman discovered that L2TP did not correctly evaluate checksum capabilities. If an attacker could make malicious routing changes, they could crash the system, leading to a denial of service. Neil Brown discovered that NFSv4 did not correctly check certain write requests. A remote attacker could send specially crafted traffic that could crash the system or possibly gain root privileges. David Howells discovered that DNS resolution in CIFS could be spoofed. A local attacker could exploit this to control DNS replies, leading to a loss of privacy and possible privilege escalation. Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. Only Ubuntu 9.10 was affected. Bob Peterson discovered that GFS2 rename operations did not correctly validate certain sizes. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that under certain situations the ioctl subsystem for DRM did not properly sanitize its arguments. A local attacker could exploit this to read previously freed kernel memory, leading to a loss of privacy. Eric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Sergey Vlasov discovered that JFS did not correctly handle certain extended attributes. A local attacker could bypass namespace access rules, leading to a loss of privacy. Tavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. Brad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Ben Hawkes discovered an integer overflow in the Controller Area Network Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. Ubuntu 10.10 was not affected. Kees Cook discovered that the V4L1 32bit compat interface did not correctly validate certain parameters. A local attacker on a 64bit system with access to a video device could exploit this to gain root privileges. Toshiyuki Okajima discovered that ext4 did not correctly check certain parameters. A local attacker could exploit this to crash the system or overwrite the last block of large files. Tavis Ormandy discovered that the AIO subsystem did not correctly validate certain parameters. A local attacker could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that certain XFS ioctls leaked kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Robert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. Tavis Ormandy discovered that the OSS sequencer device did not correctly shut down. A local attacker could exploit this to crash the system or possibly gain root privileges. Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. Dan Rosenberg discovered that the ROSE driver did not correctly check parameters. A local attacker with access to a ROSE network device could exploit this to crash the system or possibly gain root privileges. Thomas Dreibholz discovered that SCTP did not correctly handle appending packet chunks. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Dan Rosenberg discovered that the CD driver did not correctly check parameters. A local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. Dan Rosenberg discovered that the Sound subsystem did not correctly validate parameters. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. A local attacker could exploit this to hang the system, leading to a denial of service. It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the USB subsystem did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SiS video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service
Family: unix Class: patch
Reference(s): USN-1074-1
CVE-2009-4895
CVE-2010-2066
CVE-2010-2226
CVE-2010-2240
CVE-2010-2248
CVE-2010-2478
CVE-2010-3084
CVE-2010-2495
CVE-2010-2521
CVE-2010-2524
CVE-2010-2538
CVE-2010-2798
CVE-2010-2803
CVE-2010-2942
CVE-2010-3477
CVE-2010-2943
CVE-2010-2946
CVE-2010-2954
CVE-2010-2955
CVE-2010-2959
CVE-2010-2962
CVE-2010-2963
CVE-2010-3015
CVE-2010-3067
CVE-2010-3078
CVE-2010-3079
CVE-2010-3080
CVE-2010-3081
CVE-2010-3296
CVE-2010-3297
CVE-2010-3298
CVE-2010-3301
CVE-2010-3310
CVE-2010-3432
CVE-2010-3437
CVE-2010-3442
CVE-2010-3448
CVE-2010-3698
CVE-2010-3705
CVE-2010-3848
CVE-2010-3849
CVE-2010-3850
CVE-2010-3858
CVE-2010-3861
CVE-2010-3904
CVE-2010-4072
CVE-2010-4073
CVE-2010-4074
CVE-2010-4078
CVE-2010-4079
CVE-2010-4165
CVE-2010-4169
CVE-2010-4249
Version: 5
Platform(s): Ubuntu 9.10
Product(s): linux-fsl-imx51
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12803
 
Oval ID: oval:org.mitre.oval:def:12803
Title: USN-974-2 -- linux regression
Description: USN-974-1 fixed vulnerabilities in the Linux kernel. The fixes for CVE-2010-2240 caused failures for Xen hosts. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. A local attacker could exploit this to gain control of certain applications, potentially leading to privilege escalation, as demonstrated in attacks against the X server. Kees Cook discovered that under certain situations the ioctl subsystem for DRM did not properly sanitize its arguments. A local attacker could exploit this to read previously freed kernel memory, leading to a loss of privacy. Ben Hawkes discovered an integer overflow in the Controller Area Network subsystem when setting up frame content and filtering certain messages. An attacker could send specially crafted CAN traffic to crash the system or gain root privileges
Family: unix Class: patch
Reference(s): USN-974-2
CVE-2010-2240
CVE-2010-2803
CVE-2010-2959
Version: 5
Platform(s): Ubuntu 8.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12842
 
Oval ID: oval:org.mitre.oval:def:12842
Title: USN-1073-1 -- linux, linux-ec2 vulnerabilities
Description: Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. A local attacker could exploit this to hang the system, leading to a denial of service. It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. Dan Rosenberg discovered that the CAN protocol on 64bit systems did not correctly calculate the size of certain buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Vasiliy Kulikov discovered that the TIPC interface did not correctly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. A local attacker could exploit this to cause the kernel to hang, leading to a denial of service. Dan Rosenberg discovered that the USB subsystem did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SiS video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the RME Hammerfall DSP audio interface driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the VIA video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the semctl syscall did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. James Bottomley discovered that the ICP vortex storage array controller driver did not validate certain sizes. A local attacker on a 64bit system could exploit this to crash the kernel, leading to a denial of service. Dan Rosenberg discovered that the Linux kernel L2TP implementation contained multiple integer signedness errors. A local attacker could exploit this to crash the kernel, or possibly gain root privileges. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that multithreaded exec did not handle CPU timers correctly. A local attacker could exploit this to crash the system, leading to a denial of service. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service
Family: unix Class: patch
Reference(s): USN-1073-1
CVE-2010-0435
CVE-2010-3448
CVE-2010-3698
CVE-2010-3859
CVE-2010-3865
CVE-2010-3873
CVE-2010-3874
CVE-2010-3875
CVE-2010-3876
CVE-2010-3877
CVE-2010-3880
CVE-2010-4073
CVE-2010-4074
CVE-2010-4078
CVE-2010-4079
CVE-2010-4080
CVE-2010-4081
CVE-2010-4082
CVE-2010-4083
CVE-2010-4157
CVE-2010-4160
CVE-2010-4165
CVE-2010-4169
CVE-2010-4248
CVE-2010-4249
Version: 5
Platform(s): Ubuntu 9.10
Product(s): linux
linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13031
 
Oval ID: oval:org.mitre.oval:def:13031
Title: USN-1057-1 -- linux-source-2.6.15 vulnerabilities
Description: Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy
Family: unix Class: patch
Reference(s): USN-1057-1
CVE-2010-2943
CVE-2010-3297
CVE-2010-4072
Version: 5
Platform(s): Ubuntu 6.06
Product(s): linux-source-2.6.15
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13247
 
Oval ID: oval:org.mitre.oval:def:13247
Title: ESX third party update for Service Console kernel
Description: The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2240
Version: 4
Platform(s): VMWare ESX Server 3.5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13363
 
Oval ID: oval:org.mitre.oval:def:13363
Title: USN-1074-2 -- linux-fsl-imx51 vulnerabilities
Description: USN-1074-1 fixed vulnerabilities in linux-fsl-imx51 in Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 10.04. Original advisory details: Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only files, leading to potential data loss. Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. A local attacker could exploit this to read from write-only files, leading to a loss of privacy. Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. A local attacker could exploit this to gain control of certain applications, potentially leading to privilege escalation, as demonstrated in attacks against the X server. Suresh Jayaraman discovered that CIFS did not correctly validate certain response packats. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. James Chapman discovered that L2TP did not correctly evaluate checksum capabilities. If an attacker could make malicious routing changes, they could crash the system, leading to a denial of service. Neil Brown discovered that NFSv4 did not correctly check certain write requests. A remote attacker could send specially crafted traffic that could crash the system or possibly gain root privileges. David Howells discovered that DNS resolution in CIFS could be spoofed. A local attacker could exploit this to control DNS replies, leading to a loss of privacy and possible privilege escalation. Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. Only Ubuntu 9.10 was affected. Bob Peterson discovered that GFS2 rename operations did not correctly validate certain sizes. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that under certain situations the ioctl subsystem for DRM did not properly sanitize its arguments. A local attacker could exploit this to read previously freed kernel memory, leading to a loss of privacy. Eric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Sergey Vlasov discovered that JFS did not correctly handle certain extended attributes. A local attacker could bypass namespace access rules, leading to a loss of privacy. Tavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. Brad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Ben Hawkes discovered an integer overflow in the Controller Area Network Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. Ubuntu 10.10 was not affected. Kees Cook discovered that the V4L1 32bit compat interface did not correctly validate certain parameters. A local attacker on a 64bit system with access to a video device could exploit this to gain root privileges. Toshiyuki Okajima discovered that ext4 did not correctly check certain parameters. A local attacker could exploit this to crash the system or overwrite the last block of large files. Tavis Ormandy discovered that the AIO subsystem did not correctly validate certain parameters. A local attacker could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that certain XFS ioctls leaked kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Robert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. Tavis Ormandy discovered that the OSS sequencer device did not correctly shut down. A local attacker could exploit this to crash the system or possibly gain root privileges. Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. Dan Rosenberg discovered that the ROSE driver did not correctly check parameters. A local attacker with access to a ROSE network device could exploit this to crash the system or possibly gain root privileges. Thomas Dreibholz discovered that SCTP did not correctly handle appending packet chunks. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Dan Rosenberg discovered that the CD driver did not correctly check parameters. A local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. Dan Rosenberg discovered that the Sound subsystem did not correctly validate parameters. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. A local attacker could exploit this to hang the system, leading to a denial of service. It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that IPC structures were not correctly initialized on 64bit systems. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the USB subsystem did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SiS video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service
Family: unix Class: patch
Reference(s): USN-1074-2
CVE-2010-3904
CVE-2010-3848
CVE-2010-3849
CVE-2010-3850
CVE-2010-3301
CVE-2010-3081
CVE-2009-4895
CVE-2010-2066
CVE-2010-2226
CVE-2010-2248
CVE-2010-2478
CVE-2010-3084
CVE-2010-2495
CVE-2010-2521
CVE-2010-2524
CVE-2010-2538
CVE-2010-2798
CVE-2010-2942
CVE-2010-3477
CVE-2010-2943
CVE-2010-2946
CVE-2010-2954
CVE-2010-2955
CVE-2010-2962
CVE-2010-2963
CVE-2010-3015
CVE-2010-3067
CVE-2010-3078
CVE-2010-3079
CVE-2010-3080
CVE-2010-3296
CVE-2010-3297
CVE-2010-3298
CVE-2010-3310
CVE-2010-3432
CVE-2010-3437
CVE-2010-3442
CVE-2010-3448
CVE-2010-3698
CVE-2010-3705
CVE-2010-3858
CVE-2010-3861
CVE-2010-4072
CVE-2010-4073
CVE-2010-4074
CVE-2010-4078
CVE-2010-4079
CVE-2010-4165
CVE-2010-4169
CVE-2010-4249
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux-fsl-imx51
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19636
 
Oval ID: oval:org.mitre.oval:def:19636
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3858
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19850
 
Oval ID: oval:org.mitre.oval:def:19850
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform arbitrary CIFS mounts via vectors involving an add_key call, related to a "cache stuffing" issue and MS-DFS referrals.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2524
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19910
 
Oval ID: oval:org.mitre.oval:def:19910
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2240
Version: 5
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
VMWare ESX Server 3.5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19982
 
Oval ID: oval:org.mitre.oval:def:19982
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3) compat_sys_shmctl functions in ipc/compat.c; and the (4) compat_sys_mq_open and (5) compat_sys_mq_getsetattr functions in ipc/compat_mq.c.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4073
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20057
 
Oval ID: oval:org.mitre.oval:def:20057
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3442
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20098
 
Oval ID: oval:org.mitre.oval:def:20098
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3067
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20184
 
Oval ID: oval:org.mitre.oval:def:20184
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2798
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20228
 
Oval ID: oval:org.mitre.oval:def:20228
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2942
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20326
 
Oval ID: oval:org.mitre.oval:def:20326
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2066
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20373
 
Oval ID: oval:org.mitre.oval:def:20373
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2943
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20401
 
Oval ID: oval:org.mitre.oval:def:20401
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel before 2.6.34-rc6 allow remote attackers to cause a denial of service (panic) or possibly execute arbitrary code via a crafted NFSv4 compound WRITE request, related to the read_buf and nfsd4_decode_compound functions.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2521
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20436
 
Oval ID: oval:org.mitre.oval:def:20436
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the "old shm interface."
Family: unix Class: vulnerability
Reference(s): CVE-2010-4072
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20450
 
Oval ID: oval:org.mitre.oval:def:20450
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: Integer overflow in the ext4_ext_get_blocks function in fs/ext4/extents.c in the Linux kernel before 2.6.34 allows local users to cause a denial of service (BUG and system crash) via a write operation on the last block of a large file, followed by a sync operation.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3015
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20452
 
Oval ID: oval:org.mitre.oval:def:20452
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3477
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20464
 
Oval ID: oval:org.mitre.oval:def:20464
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP traffic.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3432
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20479
 
Oval ID: oval:org.mitre.oval:def:20479
Title: VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console
Description: The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2240
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20508
 
Oval ID: oval:org.mitre.oval:def:20508
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2226
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20509
 
Oval ID: oval:org.mitre.oval:def:20509
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a CHELSIO_GET_QSET_NUM ioctl call.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3296
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20529
 
Oval ID: oval:org.mitre.oval:def:20529
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3081
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20540
 
Oval ID: oval:org.mitre.oval:def:20540
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3904
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20563
 
Oval ID: oval:org.mitre.oval:def:20563
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel before 2.6.34-rc4 allows remote attackers to cause a denial of service (panic) via an SMB response packet with an invalid CountHigh value, as demonstrated by a response from an OS/2 server, related to the CIFSSMBWrite and CIFSSMBWrite2 functions.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2248
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20595
 
Oval ID: oval:org.mitre.oval:def:20595
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3078
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20611
 
Oval ID: oval:org.mitre.oval:def:20611
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4249
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21695
 
Oval ID: oval:org.mitre.oval:def:21695
Title: RHSA-2010:0842: kernel security and bug fix update (Important)
Description: The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.
Family: unix Class: patch
Reference(s): RHSA-2010:0842-02
CVE-2010-2803
CVE-2010-2955
CVE-2010-2962
CVE-2010-3079
CVE-2010-3081
CVE-2010-3084
CVE-2010-3301
CVE-2010-3432
CVE-2010-3437
CVE-2010-3442
CVE-2010-3698
CVE-2010-3705
CVE-2010-3904
Version: 172
Platform(s): Red Hat Enterprise Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22008
 
Oval ID: oval:org.mitre.oval:def:22008
Title: RHSA-2010:0792: kernel security update (Important)
Description: The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.
Family: unix Class: patch
Reference(s): RHSA-2010:0792-01
CESA-2010:0792
CVE-2010-3904
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22076
 
Oval ID: oval:org.mitre.oval:def:22076
Title: RHSA-2010:0661: kernel security update (Important)
Description: The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.
Family: unix Class: patch
Reference(s): RHSA-2010:0661-01
CESA-2010:0661
CVE-2010-2240
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22091
 
Oval ID: oval:org.mitre.oval:def:22091
Title: RHSA-2010:0610: kernel security and bug fix update (Important)
Description: The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform arbitrary CIFS mounts via vectors involving an add_key call, related to a "cache stuffing" issue and MS-DFS referrals.
Family: unix Class: patch
Reference(s): RHSA-2010:0610-01
CESA-2010:0610
CVE-2010-1084
CVE-2010-2066
CVE-2010-2070
CVE-2010-2226
CVE-2010-2248
CVE-2010-2521
CVE-2010-2524
Version: 94
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22159
 
Oval ID: oval:org.mitre.oval:def:22159
Title: RHSA-2010:0839: kernel security and bug fix update (Moderate)
Description: The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942.
Family: unix Class: patch
Reference(s): RHSA-2010:0839-01
CESA-2010:0839
CVE-2010-3066
CVE-2010-3067
CVE-2010-3078
CVE-2010-3086
CVE-2010-3448
CVE-2010-3477
Version: 81
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22277
 
Oval ID: oval:org.mitre.oval:def:22277
Title: RHSA-2010:0723: kernel security and bug fix update (Important)
Description: Integer overflow in the ext4_ext_get_blocks function in fs/ext4/extents.c in the Linux kernel before 2.6.34 allows local users to cause a denial of service (BUG and system crash) via a write operation on the last block of a large file, followed by a sync operation.
Family: unix Class: patch
Reference(s): RHSA-2010:0723-01
CESA-2010:0723
CVE-2010-1083
CVE-2010-2492
CVE-2010-2798
CVE-2010-2938
CVE-2010-2942
CVE-2010-2943
CVE-2010-3015
Version: 94
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22300
 
Oval ID: oval:org.mitre.oval:def:22300
Title: RHSA-2010:0704: kernel security update (Important)
Description: The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010.
Family: unix Class: patch
Reference(s): RHSA-2010:0704-01
CESA-2010:0704
CVE-2010-3081
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22364
 
Oval ID: oval:org.mitre.oval:def:22364
Title: RHSA-2010:0898: kvm security update (Moderate)
Description: The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT).
Family: unix Class: patch
Reference(s): RHSA-2010:0898-01
CESA-2010:0898
CVE-2010-3698
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22976
 
Oval ID: oval:org.mitre.oval:def:22976
Title: ELSA-2010:0839: kernel security and bug fix update (Moderate)
Description: The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942.
Family: unix Class: patch
Reference(s): ELSA-2010:0839-01
CVE-2010-3066
CVE-2010-3067
CVE-2010-3078
CVE-2010-3086
CVE-2010-3448
CVE-2010-3477
Version: 29
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23010
 
Oval ID: oval:org.mitre.oval:def:23010
Title: ELSA-2010:0661: kernel security update (Important)
Description: The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.
Family: unix Class: patch
Reference(s): ELSA-2010:0661-01
CVE-2010-2240
Version: 6
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23030
 
Oval ID: oval:org.mitre.oval:def:23030
Title: ELSA-2010:0792: kernel security update (Important)
Description: The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.
Family: unix Class: patch
Reference(s): ELSA-2010:0792-01
CVE-2010-3904
Version: 6
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23058
 
Oval ID: oval:org.mitre.oval:def:23058
Title: ELSA-2010:0610: kernel security and bug fix update (Important)
Description: The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform arbitrary CIFS mounts via vectors involving an add_key call, related to a "cache stuffing" issue and MS-DFS referrals.
Family: unix Class: patch
Reference(s): ELSA-2010:0610-01
CVE-2010-1084
CVE-2010-2066
CVE-2010-2070
CVE-2010-2226
CVE-2010-2248
CVE-2010-2521
CVE-2010-2524
Version: 33
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23145
 
Oval ID: oval:org.mitre.oval:def:23145
Title: ELSA-2010:0723: kernel security and bug fix update (Important)
Description: Integer overflow in the ext4_ext_get_blocks function in fs/ext4/extents.c in the Linux kernel before 2.6.34 allows local users to cause a denial of service (BUG and system crash) via a write operation on the last block of a large file, followed by a sync operation.
Family: unix Class: patch
Reference(s): ELSA-2010:0723-01
CVE-2010-1083
CVE-2010-2492
CVE-2010-2798
CVE-2010-2938
CVE-2010-2942
CVE-2010-2943
CVE-2010-3015
Version: 33
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23170
 
Oval ID: oval:org.mitre.oval:def:23170
Title: ELSA-2010:0704: kernel security update (Important)
Description: The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010.
Family: unix Class: patch
Reference(s): ELSA-2010:0704-01
CVE-2010-3081
Version: 6
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23172
 
Oval ID: oval:org.mitre.oval:def:23172
Title: ELSA-2010:0842: kernel security and bug fix update (Important)
Description: The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.
Family: unix Class: patch
Reference(s): ELSA-2010:0842-02
CVE-2010-2803
CVE-2010-2955
CVE-2010-2962
CVE-2010-3079
CVE-2010-3081
CVE-2010-3084
CVE-2010-3301
CVE-2010-3432
CVE-2010-3437
CVE-2010-3442
CVE-2010-3698
CVE-2010-3705
CVE-2010-3904
Version: 57
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23193
 
Oval ID: oval:org.mitre.oval:def:23193
Title: ELSA-2010:0898: kvm security update (Moderate)
Description: The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT).
Family: unix Class: patch
Reference(s): ELSA-2010:0898-01
CVE-2010-3698
Version: 6
Platform(s): Oracle Linux 5
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25739
 
Oval ID: oval:org.mitre.oval:def:25739
Title: SUSE-SU-2013:1832-1 -- Security update for Linux kernel
Description: The SUSE Linux Enterprise Server 10 SP3 LTSS kernel received a roll up update to fix lots of moderate security issues and several bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:1832-1
CVE-2012-4530
CVE-2011-2494
CVE-2013-2234
CVE-2013-2237
CVE-2013-2147
CVE-2013-2141
CVE-2013-0160
CVE-2012-6537
CVE-2013-3222
CVE-2013-3223
CVE-2013-3224
CVE-2013-3228
CVE-2013-3229
CVE-2013-3231
CVE-2013-3232
CVE-2013-3234
CVE-2013-3235
CVE-2013-1827
CVE-2012-6549
CVE-2012-6547
CVE-2012-6546
CVE-2012-6544
CVE-2012-6545
CVE-2012-6542
CVE-2012-6541
CVE-2012-6540
CVE-2013-0914
CVE-2011-2492
CVE-2013-2206
CVE-2012-6539
CVE-2013-2232
CVE-2013-2164
CVE-2012-4444
CVE-2013-1928
CVE-2013-0871
CVE-2013-0268
CVE-2012-3510
CVE-2011-4110
CVE-2012-2136
CVE-2009-4020
CVE-2011-2928
CVE-2011-4077
CVE-2011-4324
CVE-2011-4330
CVE-2011-1172
CVE-2011-2525
CVE-2011-2699
CVE-2011-1171
CVE-2011-1170
CVE-2011-3209
CVE-2011-2213
CVE-2010-3880
CVE-2011-2534
CVE-2011-2203
CVE-2009-4067
CVE-2011-3363
CVE-2011-2484
CVE-2011-4132
CVE-2010-4249
Version: 3
Platform(s): SUSE Linux Enterprise Server 10
Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27240
 
Oval ID: oval:org.mitre.oval:def:27240
Title: ELSA-2010-2009 -- Oracle Linux 5 Unbreakable Enterprise kernel security fix update (important)
Description: Following security bugs are fixed in this errata CVE-2010-3904 When copying data to userspace, the RDS protocol failed to verify that the user-provided address was a valid userspace address. A local unprivileged user could issue specially crafted socket calls to write arbitrary values into kernel memory and potentially escalate privileges to root. CVE-2010-3067 Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call. CVE-2010-3477 The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942. kernel: [2.6.32-100.21.1.el5] - [rds] fix access issue with rds (Chris Mason) {CVE-2010-3904} - [fuse] linux-2.6.32-fuse-return-EGAIN-if-not-connected-bug-10154489.patch - [net] linux-2.6.32-net-sched-fix-kernel-leak-in-act_police.patch - [aio] linux-2.6.32-aio-check-for-multiplication-overflow-in-do_io_subm.patch ofa: [1.5.1-4.0.23] - Fix rds permissions checks during copies [1.5.1-4.0.21] - Update to BXOFED 1.5.1-1.3.6-5
Family: unix Class: patch
Reference(s): ELSA-2010-2009
CVE-2010-3477
CVE-2010-3904
CVE-2010-3067
Version: 5
Platform(s): Oracle Linux 5
Product(s): kernel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-firmware
kernel-headers
ofa
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27493
 
Oval ID: oval:org.mitre.oval:def:27493
Title: DEPRECATED: ELSA-2010-0610 -- kernel security and bug fix update (important)
Description: [2.6.18-194.11.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033]
Family: unix Class: patch
Reference(s): ELSA-2010-0610
CVE-2010-1084
CVE-2010-2066
CVE-2010-2070
CVE-2010-2226
CVE-2010-2248
CVE-2010-2521
CVE-2010-2524
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27587
 
Oval ID: oval:org.mitre.oval:def:27587
Title: ELSA-2010-2008 -- Unbreakable enterprise kernel security update (important)
Description: [2.6.32-100.20.1.el5] - [fs] xfs: return inode fork offset in bulkstat for fsr (Dave Chinner) - [fs] xfs: always use iget in bulkstat (Dave Chinner) {CVE-2010-2943} - [fs] xfs: validate untrusted inode numbers during lookup (Dave Chinner) {CVE-2 010-2943} - [fs] xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED (Dave Chinner) {CVE-2 010-2943} - [net] net sched: fix some kernel memory leaks (Eric Dumazet) {CVE-2010-2942} - [fs] ocfs2: Don't walk off the end of fast symlinks (Joel Becker)
Family: unix Class: patch
Reference(s): ELSA-2010-2008
CVE-2010-2942
CVE-2010-2943
Version: 5
Platform(s): Oracle Linux 5
Product(s): kernel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-firmware
kernel-headers
ofa
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27702
 
Oval ID: oval:org.mitre.oval:def:27702
Title: ELSA-2010-2011 -- Unbreakable enterprise kernel security and bug fix update (important)
Description: Following Security fixes are included in this unbreakable enterprise kernel errata: CVE-2010-3432 The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP traffic. CVE-2010-2962 drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM) in the Intel i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via crafted use of the ioctl interface, related to (1) pwrite and (2) pread operations. CVE-2010-2955 The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in net/wireless/wext-core.c, and obtain potentially sensitive information from kernel heap memory, via vectors involving an SIOCGIWESSID ioctl call that specifies a large buffer size. CVE-2010-3705 The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a crafted value in the last element of this array. CVE-2010-3084 Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOL_GRXCLSRLALL ethtool command. CVE-2010-3437 Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call. CVE-2010-3079 kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properly handle interaction between mutex possession and llseek operations, which allows local users to cause a denial of service (NULL pointer dereference and outage of all function tracing files) via an lseek call on a file descriptor associated with the set_ftrace_filter file. CVE-2010-3698 The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT). CVE-2010-3442 Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call.
Family: unix Class: patch
Reference(s): ELSA-2010-2011
CVE-2010-3432
CVE-2010-3437
CVE-2010-3442
CVE-2010-3698
CVE-2010-3705
CVE-2010-2955
CVE-2010-2962
CVE-2010-3079
CVE-2010-3084
Version: 5
Platform(s): Oracle Linux 5
Product(s): kernel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-firmware
kernel-headers
ofa
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27737
 
Oval ID: oval:org.mitre.oval:def:27737
Title: DEPRECATED: ELSA-2010-0839 -- kernel security and bug fix update (moderate)
Description: [2.6.18-194.26.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346]
Family: unix Class: patch
Reference(s): ELSA-2010-0839
CVE-2010-3477
CVE-2010-3066
CVE-2010-3067
CVE-2010-3078
CVE-2010-3086
CVE-2010-3448
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27842
 
Oval ID: oval:org.mitre.oval:def:27842
Title: ELSA-2012-2001 -- Unbreakable Enterprise kernel security and bug fix update (important)
Description: [2.6.32-300.7.1.el6uek] - Revert "proc: enable writing to /proc/pid/mem" [orabug 13619701] {CVE-2012-0056} - [PATCH] x86, tsc: Skip TSC synchronization checks for tsc=reliable (Suresh Siddha) [2.6.32-300.6.1.el6uek] - tracing: Fix null pointer deref with SEND_SIG_FORCED (Oleg Nesterov) [orabug 13611655] [2.6.32-300.5.1.el6uek] - sched, x86: Avoid unnecessary overflow in sched_clock (Salman Qazi) [orabug 13604567] - [x86]: Don't resume/restore cpu if not of the expected cpu (Joe Jin) [orabug 13492670] - drm/i915: Rephrase pwrite bounds checking to avoid any potential overflow (Chris Wilson) [CVE-2010-296] - x2apic: Enable the bios request for x2apic optout (Suresh Siddha) [orabug 13565303] - fuse: split queues to scale I/O throughput (Srinivas Eeda) [orabug 10004611] - fuse: break fc spinlock (Srinivas Eeda) [orabug 10004611]
Family: unix Class: patch
Reference(s): ELSA-2012-2001
CVE-2012-0056
CVE-2010-2962
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27874
 
Oval ID: oval:org.mitre.oval:def:27874
Title: DEPRECATED: ELSA-2010-0723 -- kernel security and bug fix update (important)
Description: [2.6.18-194.17.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346]
Family: unix Class: patch
Reference(s): ELSA-2010-0723
CVE-2010-1083
CVE-2010-2492
CVE-2010-2798
CVE-2010-2938
CVE-2010-2942
CVE-2010-2943
CVE-2010-3015
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27891
 
Oval ID: oval:org.mitre.oval:def:27891
Title: DEPRECATED: ELSA-2010-0661 -- kernel security update (important)
Description: [2.6.18-194.11.3.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] [2.6.18-194.11.3.el5] - [mm] accept an abutting stack segment (Jiri Pirko) [607857 607858] {CVE-2010-2240} [2.6.18-194.11.2.el5] - [mm] pass correct mm when growing stack (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] fix up some user-visible effects of stack guard page (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] fix page table unmap for stack guard page properly (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] fix missing unmap for stack guard page failure case (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] keep a guard page below a grow-down stack segment (Jiri Pirko) [607857 607858] {CVE-2010-2240}
Family: unix Class: patch
Reference(s): ELSA-2010-0661
CVE-2010-2240
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28053
 
Oval ID: oval:org.mitre.oval:def:28053
Title: DEPRECATED: ELSA-2010-0704 -- kernel security update (important)
Description: [2.6.18-194.11.4.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] [2.6.18-194.11.4.el5] - [misc] make compat_alloc_user_space() incorporate the access_ok() (Don Howard) [634463 634464] {CVE-2010-3081}
Family: unix Class: patch
Reference(s): ELSA-2010-0704
CVE-2010-3081
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28099
 
Oval ID: oval:org.mitre.oval:def:28099
Title: DEPRECATED: ELSA-2010-0898 -- kvm security update (moderate)
Description: [kvm-83-164.0.1.el5_5.25] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-add-oracle-workaround-for-libvirt-bug.patch [kvm-83-164.el5_5.25] - Adding load_gs_index to kmod symbol greylist - Related: bz#639886 (CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic [rhel-5.5.z]) [kvm-83-164.el5_5.24] - Updated kversion to 2.6.18-194.17.1.el5 to match build root - kvm.spec: fix ./configure arguments (ensure spice, kvm-cap-pit and kvm-cap-device-assignment are always enabled) - kvm-kernel-KVM-Fix-fs-gs-reload-oops-with-invalid-ldt.patch [bz#639886] - Resolves: bz#639886 (CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic [rhel-5.5.z]) - CVE: CVE-2010-3698
Family: unix Class: patch
Reference(s): ELSA-2010-0898
CVE-2010-3698
Version: 4
Platform(s): Oracle Linux 5
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28217
 
Oval ID: oval:org.mitre.oval:def:28217
Title: DEPRECATED: ELSA-2010-0792 -- kernel security update (important)
Description: [2.6.18-194.17.4.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-194.17.4.el5] - [net] rds: fix local privilege escalation (Eugene Teo) [642897 642898] {CVE-2010-3904}
Family: unix Class: patch
Reference(s): ELSA-2010-0792
CVE-2010-3904
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 3
Application 3
Application 4
Application 3
Application 3
Application 2
Application 3
Application 1
Os 11
Os 1
Os 2
Os 1353
Os 3
Os 3
Os 2
Os 1
Os 1
Os 4
Os 1
Os 3
Os 1
Os 3
Os 2

ExploitDB Exploits

id Description
2011-09-05 Linux Kernel < 2.6.36.2 Econet Privilege Escalation Exploit
2011-03-10 Linux Kernel < 2.6.37-rc2 TCP_MAXSEG Kernel Panic DoS
2011-03-02 Linux Kernel <= 2.6.37 Local Kernel Denial of Service
2010-12-07 Linux Kernel <= 2.6.37 - Local Privilege Escalation
2010-10-28 Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability
2010-10-19 Linux RDS Protocol Local Privilege Escalation
2010-09-29 Linux Kernel < 2.6.36-rc6 pktcdvd Kernel Memory Disclosure
2010-08-27 Linux Kernel < 2.6.36-rc1 CAN BCM Privilege Escalation Exploit

OpenVAS Exploits

Date Description
2012-07-30 Name : CentOS Update for kernel CESA-2010:0936 centos4 x86_64
File : nvt/gb_CESA-2010_0936_kernel_centos4_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:0004 centos5 x86_64
File : nvt/gb_CESA-2011_0004_kernel_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:0162 centos4 x86_64
File : nvt/gb_CESA-2011_0162_kernel_centos4_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:0303 centos5 x86_64
File : nvt/gb_CESA-2011_0303_kernel_centos5_x86_64.nasl
2012-07-09 Name : RedHat Update for kernel RHSA-2011:0283-01
File : nvt/gb_RHSA-2011_0283-01_kernel.nasl
2012-06-06 Name : RedHat Update for kernel RHSA-2011:0421-01
File : nvt/gb_RHSA-2011_0421-01_kernel.nasl
2012-06-06 Name : RedHat Update for kernel RHSA-2011:0836-01
File : nvt/gb_RHSA-2011_0836-01_kernel.nasl
2012-06-05 Name : RedHat Update for kernel RHSA-2011:0007-01
File : nvt/gb_RHSA-2011_0007-01_kernel.nasl
2012-03-16 Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe...
File : nvt/gb_VMSA-2011-0003.nasl
2012-03-16 Name : VMSA-2011-0009.3 VMware hosted product updates, ESX patches and VI Client upd...
File : nvt/gb_VMSA-2011-0009.nasl
2012-03-16 Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX...
File : nvt/gb_VMSA-2011-0012.nasl
2012-03-15 Name : VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates ...
File : nvt/gb_VMSA-2011-0007.nasl
2011-12-02 Name : Fedora Update for kernel FEDORA-2011-16346
File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl
2011-11-08 Name : Fedora Update for kernel FEDORA-2011-15241
File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl
2011-10-31 Name : Fedora Update for kernel FEDORA-2011-14747
File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl
2011-10-10 Name : Fedora Update for kernel FEDORA-2011-12874
File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl
2011-09-23 Name : RedHat Update for kernel RHSA-2011:1321-01
File : nvt/gb_RHSA-2011_1321-01_kernel.nasl
2011-09-16 Name : Ubuntu Update for linux-ti-omap4 USN-1202-1
File : nvt/gb_ubuntu_USN_1202_1.nasl
2011-08-27 Name : Fedora Update for kernel FEDORA-2011-11103
File : nvt/gb_fedora_2011_11103_kernel_fc14.nasl
2011-08-12 Name : Ubuntu Update for linux USN-1186-1
File : nvt/gb_ubuntu_USN_1186_1.nasl
2011-08-12 Name : Ubuntu Update for linux-lts-backport-maverick USN-1187-1
File : nvt/gb_ubuntu_USN_1187_1.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2010:0610 centos5 i386
File : nvt/gb_CESA-2010_0610_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2010:0704 centos5 i386
File : nvt/gb_CESA-2010_0704_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2010:0723 centos5 i386
File : nvt/gb_CESA-2010_0723_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2010:0792 centos5 i386
File : nvt/gb_CESA-2010_0792_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2010:0839 centos5 i386
File : nvt/gb_CESA-2010_0839_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kvm-83-164.el5_ CESA-2010:0898 centos5 i386
File : nvt/gb_CESA-2010_0898_kvm-83-164.el5__centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2011:0004 centos5 i386
File : nvt/gb_CESA-2011_0004_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2011:0303 centos5 i386
File : nvt/gb_CESA-2011_0303_kernel_centos5_i386.nasl
2011-08-03 Name : Debian Security Advisory DSA 2264-1 (linux-2.6)
File : nvt/deb_2264_1.nasl
2011-07-18 Name : Ubuntu Update for linux USN-1167-1
File : nvt/gb_ubuntu_USN_1167_1.nasl
2011-06-24 Name : Fedora Update for kernel FEDORA-2011-6447
File : nvt/gb_fedora_2011_6447_kernel_fc13.nasl
2011-06-20 Name : Fedora Update for kernel FEDORA-2011-7551
File : nvt/gb_fedora_2011_7551_kernel_fc14.nasl
2011-05-17 Name : Fedora Update for kernel FEDORA-2011-6541
File : nvt/gb_fedora_2011_6541_kernel_fc14.nasl
2011-05-10 Name : Ubuntu Update for linux-source-2.6.15 USN-1111-1
File : nvt/gb_ubuntu_USN_1111_1.nasl
2011-05-10 Name : Ubuntu Update for linux-ti-omap4 USN-1119-1
File : nvt/gb_ubuntu_USN_1119_1.nasl
2011-05-06 Name : SuSE Update for kernel SUSE-SA:2011:020
File : nvt/gb_suse_2011_020.nasl
2011-04-22 Name : SuSE Update for kernel SUSE-SA:2011:017
File : nvt/gb_suse_2011_017.nasl
2011-03-15 Name : Fedora Update for kernel FEDORA-2011-2134
File : nvt/gb_fedora_2011_2134_kernel_fc13.nasl
2011-03-07 Name : Debian Security Advisory DSA 2153-1 (linux-2.6)
File : nvt/deb_2153_1.nasl
2011-03-07 Name : RedHat Update for kernel RHSA-2011:0303-01
File : nvt/gb_RHSA-2011_0303-01_kernel.nasl
2011-03-07 Name : Ubuntu Update for linux vulnerabilities USN-1081-1
File : nvt/gb_ubuntu_USN_1081_1.nasl
2011-03-07 Name : Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1
File : nvt/gb_ubuntu_USN_1083_1.nasl
2011-02-28 Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1
File : nvt/gb_ubuntu_USN_1071_1.nasl
2011-02-28 Name : Ubuntu Update for linux vulnerabilities USN-1072-1
File : nvt/gb_ubuntu_USN_1072_1.nasl
2011-02-28 Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1
File : nvt/gb_ubuntu_USN_1073_1.nasl
2011-02-18 Name : Mandriva Update for kernel MDVSA-2011:029 (kernel)
File : nvt/gb_mandriva_MDVSA_2011_029.nasl
2011-02-16 Name : SuSE Update for kernel SUSE-SA:2011:008
File : nvt/gb_suse_2011_008.nasl
2011-02-11 Name : Fedora Update for kernel FEDORA-2011-1138
File : nvt/gb_fedora_2011_1138_kernel_fc14.nasl
2011-02-04 Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1054-1
File : nvt/gb_ubuntu_USN_1054_1.nasl
2011-02-04 Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1057-1
File : nvt/gb_ubuntu_USN_1057_1.nasl
2011-01-31 Name : CentOS Update for kernel CESA-2010:0936 centos4 i386
File : nvt/gb_CESA-2010_0936_kernel_centos4_i386.nasl
2011-01-31 Name : CentOS Update for kernel CESA-2011:0162 centos4 i386
File : nvt/gb_CESA-2011_0162_kernel_centos4_i386.nasl
2011-01-24 Name : Debian Security Advisory DSA 2126-1 (linux-2.6)
File : nvt/deb_2126_1.nasl
2011-01-21 Name : RedHat Update for kernel RHSA-2011:0162-01
File : nvt/gb_RHSA-2011_0162-01_kernel.nasl
2011-01-14 Name : RedHat Update for Red Hat Enterprise Linux 5.6 kernel RHSA-2011:0017-01
File : nvt/gb_RHSA-2011_0017-01_Red_Hat_Enterprise_Linux_5.6_kernel.nasl
2011-01-14 Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1041-1
File : nvt/gb_ubuntu_USN_1041_1.nasl
2011-01-11 Name : RedHat Update for kernel RHSA-2011:0004-01
File : nvt/gb_RHSA-2011_0004-01_kernel.nasl
2011-01-11 Name : SuSE Update for kernel SUSE-SA:2010:039
File : nvt/gb_suse_2010_039.nasl
2011-01-11 Name : SuSE Update for kernel SUSE-SA:2010:047
File : nvt/gb_suse_2010_047.nasl
2011-01-11 Name : SuSE Update for kernel SUSE-SA:2010:051
File : nvt/gb_suse_2010_051.nasl
2011-01-11 Name : SuSE Update for kernel SUSE-SA:2011:001
File : nvt/gb_suse_2011_001.nasl
2011-01-11 Name : SuSE Update for kernel SUSE-SA:2011:002
File : nvt/gb_suse_2011_002.nasl
2011-01-04 Name : Mandriva Update for kernel MDVSA-2010:257 (kernel)
File : nvt/gb_mandriva_MDVSA_2010_257.nasl
2010-12-28 Name : Fedora Update for kernel FEDORA-2010-18983
File : nvt/gb_fedora_2010_18983_kernel_fc13.nasl
2010-12-23 Name : Fedora Update for kernel FEDORA-2010-18506
File : nvt/gb_fedora_2010_18506_kernel_fc13.nasl
2010-12-09 Name : RedHat Update for kernel RHSA-2010:0936-01
File : nvt/gb_RHSA-2010_0936-01_kernel.nasl
2010-12-09 Name : Fedora Update for kernel FEDORA-2010-18432
File : nvt/gb_fedora_2010_18432_kernel_fc12.nasl
2010-12-09 Name : Fedora Update for kernel FEDORA-2010-18493
File : nvt/gb_fedora_2010_18493_kernel_fc14.nasl
2010-12-09 Name : Mandriva Update for kernel MDVSA-2010:247 (kernel)
File : nvt/gb_mandriva_MDVSA_2010_247.nasl
2010-12-09 Name : Ubuntu Update for Linux kernel vulnerabilities USN-1023-1
File : nvt/gb_ubuntu_USN_1023_1.nasl
2010-12-02 Name : Fedora Update for kernel FEDORA-2010-14832
File : nvt/gb_fedora_2010_14832_kernel_fc14.nasl
2010-12-02 Name : Fedora Update for kernel FEDORA-2010-16826
File : nvt/gb_fedora_2010_16826_kernel_fc14.nasl
2010-11-16 Name : RedHat Update for kernel RHSA-2010:0839-01
File : nvt/gb_RHSA-2010_0839-01_kernel.nasl
2010-11-16 Name : SuSE Update for kernel SUSE-SA:2010:053
File : nvt/gb_suse_2010_053.nasl
2010-11-04 Name : CentOS Update for kernel CESA-2010:0779 centos4 i386
File : nvt/gb_CESA-2010_0779_kernel_centos4_i386.nasl
2010-11-04 Name : RedHat Update for kernel RHSA-2010:0792-01
File : nvt/gb_RHSA-2010_0792-01_kernel.nasl
2010-10-22 Name : RedHat Update for kernel RHSA-2010:0779-01
File : nvt/gb_RHSA-2010_0779-01_kernel.nasl
2010-10-22 Name : Ubuntu Update for Linux kernel vulnerabilities USN-1000-1
File : nvt/gb_ubuntu_USN_1000_1.nasl
2010-10-19 Name : Mandriva Update for kernel MDVSA-2010:198 (kernel)
File : nvt/gb_mandriva_MDVSA_2010_198.nasl
2010-10-10 Name : Debian Security Advisory DSA 2094-1 (linux-2.6)
File : nvt/deb_2094_1.nasl
2010-10-10 Name : Debian Security Advisory DSA 2110-1 (linux-2.6)
File : nvt/deb_2110_1.nasl
2010-10-01 Name : CentOS Update for kernel CESA-2010:0718 centos4 i386
File : nvt/gb_CESA-2010_0718_kernel_centos4_i386.nasl
2010-10-01 Name : RedHat Update for kernel RHSA-2010:0718-01
File : nvt/gb_RHSA-2010_0718-01_kernel.nasl
2010-10-01 Name : RedHat Update for kernel RHSA-2010:0723-01
File : nvt/gb_RHSA-2010_0723-01_kernel.nasl
2010-10-01 Name : SuSE Update for kernel SUSE-SA:2010:043
File : nvt/gb_suse_2010_043.nasl
2010-10-01 Name : SuSE Update for kernel SUSE-SA:2010:046
File : nvt/gb_suse_2010_046.nasl
2010-09-27 Name : RedHat Update for kernel RHSA-2010:0704-01
File : nvt/gb_RHSA-2010_0704-01_kernel.nasl
2010-09-27 Name : Mandriva Update for kernel MDVSA-2010:172 (kernel)
File : nvt/gb_mandriva_MDVSA_2010_172.nasl
2010-09-27 Name : Mandriva Update for kernel MDVSA-2010:188 (kernel)
File : nvt/gb_mandriva_MDVSA_2010_188.nasl
2010-09-22 Name : Fedora Update for kernel FEDORA-2010-14878
File : nvt/gb_fedora_2010_14878_kernel_fc12.nasl
2010-09-22 Name : Fedora Update for kernel FEDORA-2010-14890
File : nvt/gb_fedora_2010_14890_kernel_fc13.nasl
2010-09-22 Name : Ubuntu Update for Linux kernel vulnerabilities USN-988-1
File : nvt/gb_ubuntu_USN_988_1.nasl
2010-09-10 Name : CentOS Update for kernel CESA-2010:0676 centos4 i386
File : nvt/gb_CESA-2010_0676_kernel_centos4_i386.nasl
2010-09-10 Name : RedHat Update for kernel RHSA-2010:0676-01
File : nvt/gb_RHSA-2010_0676-01_kernel.nasl
2010-09-10 Name : Fedora Update for kernel FEDORA-2010-14235
File : nvt/gb_fedora_2010_14235_kernel_fc13.nasl
2010-09-10 Name : SuSE Update for kernel SUSE-SA:2010:036
File : nvt/gb_suse_2010_036.nasl
2010-09-07 Name : RedHat Update for kernel RHSA-2010:0661-01
File : nvt/gb_RHSA-2010_0661-01_kernel.nasl
2010-09-07 Name : Fedora Update for kernel FEDORA-2010-13903
File : nvt/gb_fedora_2010_13903_kernel_fc12.nasl
2010-08-30 Name : CentOS Update for kernel CESA-2010:0606 centos4 i386
File : nvt/gb_CESA-2010_0606_kernel_centos4_i386.nasl
2010-08-30 Name : Fedora Update for kernel FEDORA-2010-13058
File : nvt/gb_fedora_2010_13058_kernel_fc13.nasl
2010-08-30 Name : Fedora Update for kernel FEDORA-2010-13110
File : nvt/gb_fedora_2010_13110_kernel_fc12.nasl
2010-08-30 Name : Ubuntu Update for linux regression USN-974-2
File : nvt/gb_ubuntu_USN_974_2.nasl
2010-08-20 Name : Ubuntu Update for Linux kernel vulnerabilities USN-974-1
File : nvt/gb_ubuntu_USN_974_1.nasl
2010-08-13 Name : RedHat Update for kernel RHSA-2010:0610-01
File : nvt/gb_RHSA-2010_0610-01_kernel.nasl
2010-08-06 Name : RedHat Update for kernel RHSA-2010:0606-01
File : nvt/gb_RHSA-2010_0606-01_kernel.nasl
2010-08-06 Name : Fedora Update for kernel FEDORA-2010-11412
File : nvt/gb_fedora_2010_11412_kernel_fc12.nasl
2010-08-06 Name : Fedora Update for kernel FEDORA-2010-11462
File : nvt/gb_fedora_2010_11462_kernel_fc13.nasl
2010-07-16 Name : Fedora Update for kernel FEDORA-2010-10880
File : nvt/gb_fedora_2010_10880_kernel_fc12.nasl
2010-07-12 Name : Fedora Update for kernel FEDORA-2010-10876
File : nvt/gb_fedora_2010_10876_kernel_fc13.nasl
0000-00-00 Name : Slackware Advisory SSA:2010-240-06 xorg-server
File : nvt/esoft_slk_ssa_2010_240_06.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
70288 Linux Kernel on ThinkPad drivers/platform/x86/thinkpad_acpi.c Video Output Co...

Linux Kernel on ThinkPad contains a flaw that may allow a local denial of service. The issue is triggered when 'drivers/platform/x86/thinkpad_acpi.c' fails to properly restrict access to the video output control state, allowing a local attacker to use a read or write operation to cause a denial of service.
70262 Linux Kernel net/econet/af_econet.c ec_dev_ioctl Function SIOCSIFADDR IOCTL e...

Linux Kernel contains a flaw related to the the 'ec_dev_ioctl' function in 'net/econet/af_econet.c'. The issue is triggered when a local attacker uses a SIOCSIFADDR iotcl call to bypass access restrictions and configure econet addresses.
70261 Linux Kernel net/econet/af_econet.c econet_sendmsg Function sendmsg Call Loca...

Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the 'econet_sendmsg' function in 'net/econet/af_econet.c' alows local users to use a sendmsg call which specifies a NULL value for the remote address field to cause a denial of service via a NULL pointer dereference.
70260 Linux Kernel net/econet/af_econet.c econet_sendmsg Function iovec Structure L...

Linux Kernel is prone to an overflow condition. The 'econet_sendmsg' function in 'net/econet/af_econet.c' fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. By providing a large number of iovec structures, a local attacker can gain elevated privileges.
69787 Linux Kernel net/core/ethtool.c ethtool_get_rxnfc Function ETHTOOL_GRXCLSRLAL...

Linux Kernel contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when the 'ethtool_get_rxnfc' function in 'net/core/ethtool.c' fails to initialize a certain block of heap memory, which will disclose potentitally sensitive information via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value to a local attacker.
69551 Linux Kernel fs/exec.c setup_arg_pages CONFIG_STACK_GROWSDOWN Crafted Exec Sy...

Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the 'setup_arg_pages' function in 'fs/exec.c' doesn't properly restrict the stack memory consumption of the 'arguments' or 'environment' when 'CONFIG_STACK_GROWSDOWN' is used, allowing a local attacker to cause a denial of service via a crafted exec system call.
69531 Linux Kernel ipc Subsystem ipc/compat_mq.c Multiple Function Local Memory Dis...

Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the ipc Subsystem fails to properly initialize a certain structure member, allowing a local attacker to obtain sensitive information from kernel stack memory via vectors related to the 'compat_sys_mq_open' and 'compat_sys_mq_getsetattr' functions in 'ipc/compat_mq.c'.
69530 Linux Kernel ipc Subsystem ipc/compat.c Multiple Function Local Memory Disclo...

Linux Kernel contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when the ipc Subsystem fails to properly initialize a certain structure member, allowing a local attacker to obtain sensitive information from kernel stack memory via vectors related to the 'compat_sys_semctl', 'compat_sys_msgctl', and 'compat_sys_shmctl' functions in 'ipc/compat.c'.
69529 Linux Kernel USB Subsystem drivers/usb/serial/mos7840.c mos7840_ioctl Functio...

Linux Kernel contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when the USB Subsystem fails to properly initialize certain structure members, allowing a local attacker to obtain sensitive information from kernel stack memory via a TIOCGICOUNT IOTCL call, and the 'mos7720_ioctl' function in 'drivers/usb/serial/mos7720.c' and 'mos7840_ioctl' function in 'drivers/usb/serial/mos7840.c'.
69528 Linux Kernel USB Subsystem drivers/usb/serial/mos7720.c mos7720_ioctl Functio...

Linux Kernel contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when the USB Subsystem fails to properly initialize a certain structure member, allowing a local attacker to obtain sensitive information from kernel stack memory via a TIOCGICOUNT IOTCL call and the 'mos7720_ioctl' function in 'drivers/usb/serial/mos7720.c' and the 'mos7840_ioctl' function in 'drivers/usb/serial/mos7840.c'.
69527 Linux Kernel net/unix/garbage.c wait_for_unix_gc Function SOCK_SEQPACKET Sock...

Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the 'wait_for_unix_gc' function in 'net/unix/garbage.c' fails to properly select times for garbage collection of inflight sockets, allowing a local attacker to cause a denial of service via the 'socketpair' and 'sendmsg' system calls for SOCK_SEQPACKET sockets.
69526 Linux Kernel drivers/media/video/ivtv/ivtvfb.c ivtvfb_ioctl Function FBIOGET_...

Linux Kernel contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when the 'ivtvfb_ioctl' function in 'drivers/media/video/ivtv/ivtvfb.c' fails to properly initialize a certain structure member, which will disclose potentially sensitive kernal stack memory information via an FBIOGET_VBLANK IOTCL call to a local attacker.
69525 Linux Kernel drivers/video/sis/sis_main.c sisfb_ioctl Function FBIOGET_VBLANK...

Linux Kernel contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when the 'sisfb_ioctl' function in 'drivers/video/sis/sis_main.c' fails to properly initialize a certain structure member, allowing a local attacker to obtain sensitive information from kernel stack memory via a FBIOGET_VBLANK IOTCL call.
69521 Linux Kernel ipc/shm.c copy_shmid_to_user Function shmctl System Call Local M...

Linux Kernel contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when the 'copy_shmid_to_user' function in 'ipc/shm.c' fails to properly initialize an unspecified structure, which can be exploited via the shmctl system call to disclose kernel stack memory to a local attacker.
69515 Linux Kernel net/sctp/auth.c sctp_auth_asoc_get_hmac Function SCTP Peer hmac_...

Linux Kernel contains a flaw that may allow a remote denial of service. The issue is triggered when the 'sctp_auth_asoc_get_hmac()' function in 'net/sctp/auth.c' fails to properly reset the last id element of an SCTP peer's hmac_ids array if it is out of range, allowing a remote attacker to use a crafted value for the last element of the array to cause a denial of service.
69425 Linux Kernel mm/mprotect.c mprotect System Call Use-after-free Local DoS

Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when a Use-after-free vulnerability in 'mm/mprotect.c' is exploited via an mprotect system call, and will result in loss of availability.
69424 Linux Kernel net/sctp/output.c sctp_packet_config Function SCTP Traffic Seque...

69241 Linux Kernel TCP MSS Divide-by-zero DoS

Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when a user program passes a malformed TCP_MAXSEG value to tcp_select_initial_window, causing a divide-by-zero, resulting in loss of availability for the system.
69117 Linux Kernel net/rds/page.c rds_page_copy_user() Function Local Privilege Esc...

Linux Kernel contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the 'rds_page_copy_user' function in 'net/rds/page.c' in the Reliable Datagram Sockets (RDS) protocol implementation fails to validate addresses obtained from user space, allowing a local attacker to make crafted use of the sendmsg and recvmsg system calls to gain elevated privileges.
68872 Linux Kernel i915 KVM Host Register Loading KVM_RUN IOCTL Local DoS

68871 Linux Kernel i915 drivers/media/video/v4l2-compat-ioctl32.c get_microcode32()...

68870 Linux Kernel i915 DRM Subsystem GEM drivers/gpu/drm/i915/i915_gem.c IOCTL Int...

68370 Linux Kernel drivers/block/pktcdvd.c pkt_find_dev_from_minor Function PKT_CTR...

68307 Linux Kernel drivers/net/usb/hso.c hso_get_count Function TIOCGICOUNT IOCTL L...

68306 Linux Kernel drivers/net/eql.c eql_g_master_cfg Function EQL_GETMASTRCFG IOCT...

68305 Linux Kernel drivers/net/cxgb3/cxgb3_main.c cxgb_extension_ioctl Function CHE...

68304 Linux Kernel kernel/trace/ftrace.c debugfs File Descriptor lseek Call Local DoS

68303 Linux Kernel XFS Inode Allocation Btree Stale NFS Filehandle Unlinked File Ac...

68290 Linux Kernel on 32-bit net/core/ethtool.c ethtool_get_rxnfc Function ETHTOOL_...

68289 Linux Kernel fs/jfs/xattr.c Extended Attribute Storage Legacy Format xattr Na...

68266 Linux Kernel sound/core/control.c snd_ctl_new() Function Local Overflow

68213 Linux Kernel on 64-bit include/asm/compat.h compat_alloc_user_space Function ...

68192 Linux Kernel on x86_64 arch/x86/ia32/ia32entry.S IA32 System Call Emulation O...

68177 Linux Kernel net/sched/act_police.c tcf_act_police_dump Function Network Queu...

68176 Linux Kernel sound/core/seq/oss/seq_oss_init.c snd_seq_oss_open Function Doub...

68174 Linux Kernel fs/aio.c do_io_submit Function Crafted io_submit System Call Loc...

68173 Linux Kernel net/sched/act_skbedit.c tcf_skbedit_dump Function Network Queuei...

68172 Linux Kernel net/sched/act_simple.c tcf_simp_dump Function Network Queueing A...

68171 Linux Kernel net/sched/act_nat.c tcf_nat_dump Function Network Queueing Actio...

68170 Linux Kernel net/sched/act_mirred.c tcf_mirred_dump Function Network Queueing...

68169 Linux Kernel net/sched/act_gact.c tcf_gact_dump Function Network Queueing Act...

68163 Linux Kernel net/rose/af_rose.c Multiple Function Signedness Error Local DoS

67917 Linux Kernel fs/btrfs/ioctl.c btrfs_ioctl_clone Function BTRFS_IOC_CLONE_RANG...

67897 Linux Kernel drivers/net/niu.c niu_get_ethtool_tcam_all() Function Crafted ET...

67896 Linux Kernel L2TP drivers/net/pppol2tp.c pppol2tp_xmit Function Routing Chang...

67894 Linux Kernel drivers/char/tty_io.c tty_fasync Function Race Condition Local DoS

67892 Linux Kernel fs/ext4/move_extent.c mext_check_arguments Function MOVE_EXT IOC...

67881 Linux Kernel fs/xfs/linux-2.6/xfs_ioctl.c xfs_ioc_fsgetxattr() Function Stack...

67773 Linux Kernel net/irda/af_irda.c irda_bind() Function Object Cleanup NULL Der...

67742 Linux Kernel net/wireless/wext-compat.c cfg80211_wext_giwessid Function Craft...

67366 Linux Kernel fs/gfs2/dir.c gfs2_dirent_find_space Function GFS2 File System R...

67335 Linux Kernel Controller Area Network net/can/bcm.c Broadcast Manager Implemen...

67334 Linux Kernel drivers/gpu/drm/drm_drv.c drm_ioctl() Function Crafted IOCTL Ker...

67327 Linux Kernel fs/ext4/extents.c ext4_ext_get_blocks Function Write / Sync Oper...

67244 Linux Kernel fs/cifs/cifssmb.c CIFSSMBWrite() SMB Response Packet Handling R...

67243 Linux Kernel fs/nfsd/nfs4xdr.c NFS XDR Compound Request Handling Overflow

67237 Linux Kernel mm/memory.c do_anonymous_page Function Shared Memory Segment Bot...

66582 Linux Kernel CIFS DNS Resolver Lookup Results Keyring Cache Poisoning Weakness

65631 Linux Kernel fs/xfs/xfs_dfrag.c xfs_swapext() Function Crafted IOCTL Local Ac...

Information Assurance Vulnerability Management (IAVM)

Date Description
2011-10-27 IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi
Severity : Category I - VMSKEY : V0030545
2011-06-09 IAVM : 2011-A-0075 - Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0028311
2011-05-12 IAVM : 2011-A-0066 - Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0027158
2010-09-23 IAVM : 2010-B-0085 - Linux Kernel Privilege Escalation Vulnerability
Severity : Category I - VMSKEY : V0025410

Snort® IPS/IDS

Date Description
2014-01-10 Linux kernel IA32 out-of-bounds system call attempt
RuleID : 24371 - Revision : 5 - Type : OS-LINUX
2014-01-10 Linux kernel IA32 out-of-bounds system call attempt
RuleID : 24370 - Revision : 6 - Type : OS-LINUX

Nessus® Vulnerability Scanner

Date Description
2016-03-08 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0017_remote.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2011-0003_remote.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2011-0007_remote.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2011-0009_remote.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-1832-1.nasl - Type : ACT_GATHER_INFO
2015-04-24 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16477.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0622.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-342.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-756.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_Kernel-100824.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-100915.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-100921.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-101008.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-101026.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-101215.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-110414.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_xorg-x11-Xvnc-100819.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0606.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0610.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0661.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0676.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0704.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0718.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0723.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0779.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0792.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0839.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0898.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0936.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-2008.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-2009.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-2011.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0004.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0007.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0162.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0283.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0303.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0421.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0836.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2010.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-2001.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0661.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0723.nasl - Type : ACT_GATHER_INFO
2013-03-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1083-1.nasl - Type : ACT_GATHER_INFO
2013-03-08 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1093-1.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_xorg-x11-server-dmx-120410.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_xorg-x11-server-rdp-120410.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0660.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0670.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0677.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0705.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0711.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0719.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0893.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0898.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0907.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1321.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100805_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100810_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100907_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100921_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101019_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101025_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101109_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101110_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101201_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101206_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110104_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110118_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110222_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110301_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110407_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7137.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7164.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7261.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7304.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7915.nasl - Type : ACT_GATHER_INFO
2012-04-23 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12677.nasl - Type : ACT_GATHER_INFO
2012-01-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7918.nasl - Type : ACT_GATHER_INFO
2011-10-14 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1202-1.nasl - Type : ACT_GATHER_INFO
2011-08-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1186-1.nasl - Type : ACT_GATHER_INFO
2011-08-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1187-1.nasl - Type : ACT_GATHER_INFO
2011-07-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1167-1.nasl - Type : ACT_GATHER_INFO
2011-06-22 Name : The remote Fedora host is missing a security update.
File : fedora_2011-6447.nasl - Type : ACT_GATHER_INFO
2011-06-20 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2264.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1111-1.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1119-1.nasl - Type : ACT_GATHER_INFO
2011-06-06 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2011-0009.nasl - Type : ACT_GATHER_INFO
2011-06-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0836.nasl - Type : ACT_GATHER_INFO
2011-05-28 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2010-265-01.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kernel-101020.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kernel-101202.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-110413.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-debug-101215.nasl - Type : ACT_GATHER_INFO
2011-04-29 Name : The remote VMware ESXi / ESX host is missing a security-related patch.
File : vmware_VMSA-2011-0007.nasl - Type : ACT_GATHER_INFO
2011-04-15 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0303.nasl - Type : ACT_GATHER_INFO
2011-04-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0421.nasl - Type : ACT_GATHER_INFO
2011-03-09 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110228.nasl - Type : ACT_GATHER_INFO
2011-03-08 Name : The remote Fedora host is missing a security update.
File : fedora_2011-2134.nasl - Type : ACT_GATHER_INFO
2011-03-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0303.nasl - Type : ACT_GATHER_INFO
2011-03-02 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1081-1.nasl - Type : ACT_GATHER_INFO
2011-03-01 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1071-1.nasl - Type : ACT_GATHER_INFO
2011-03-01 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1072-1.nasl - Type : ACT_GATHER_INFO
2011-03-01 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1073-1.nasl - Type : ACT_GATHER_INFO
2011-02-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0283.nasl - Type : ACT_GATHER_INFO
2011-02-14 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2011-0003.nasl - Type : ACT_GATHER_INFO
2011-02-11 Name : The remote Fedora host is missing a security update.
File : fedora_2011-1138.nasl - Type : ACT_GATHER_INFO
2011-02-11 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12672.nasl - Type : ACT_GATHER_INFO
2011-02-04 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1057-1.nasl - Type : ACT_GATHER_INFO
2011-02-02 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1054-1.nasl - Type : ACT_GATHER_INFO
2011-01-31 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2153.nasl - Type : ACT_GATHER_INFO
2011-01-28 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0936.nasl - Type : ACT_GATHER_INFO
2011-01-28 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7303.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-100721.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-100903.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-100921.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-101007.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-101102.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110104.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-ec2-101103.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_xorg-x11-Xvnc-100819.nasl - Type : ACT_GATHER_INFO
2011-01-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO
2011-01-14 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0017.nasl - Type : ACT_GATHER_INFO
2011-01-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0007.nasl - Type : ACT_GATHER_INFO
2011-01-11 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1041-1.nasl - Type : ACT_GATHER_INFO
2011-01-07 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0004.nasl - Type : ACT_GATHER_INFO
2011-01-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0004.nasl - Type : ACT_GATHER_INFO
2010-12-26 Name : The remote Fedora host is missing a security update.
File : fedora_2010-18983.nasl - Type : ACT_GATHER_INFO
2010-12-17 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-257.nasl - Type : ACT_GATHER_INFO
2010-12-14 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0898.nasl - Type : ACT_GATHER_INFO
2010-12-14 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7257.nasl - Type : ACT_GATHER_INFO
2010-12-08 Name : The remote Fedora host is missing a security update.
File : fedora_2010-18506.nasl - Type : ACT_GATHER_INFO
2010-12-06 Name : The remote Fedora host is missing a security update.
File : fedora_2010-18493.nasl - Type : ACT_GATHER_INFO
2010-12-06 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-247.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote Fedora host is missing a security update.
File : fedora_2010-18432.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0936.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-100920.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-101020.nasl - Type : ACT_GATHER_INFO
2010-12-01 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0017.nasl - Type : ACT_GATHER_INFO
2010-11-30 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1023-1.nasl - Type : ACT_GATHER_INFO
2010-11-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2126.nasl - Type : ACT_GATHER_INFO
2010-11-24 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0779.nasl - Type : ACT_GATHER_INFO
2010-11-24 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0792.nasl - Type : ACT_GATHER_INFO
2010-11-24 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0839.nasl - Type : ACT_GATHER_INFO
2010-11-18 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0842.nasl - Type : ACT_GATHER_INFO
2010-11-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0839.nasl - Type : ACT_GATHER_INFO
2010-10-29 Name : The remote Fedora host is missing a security update.
File : fedora_2010-16826.nasl - Type : ACT_GATHER_INFO
2010-10-29 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-101026.nasl - Type : ACT_GATHER_INFO
2010-10-26 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0792.nasl - Type : ACT_GATHER_INFO
2010-10-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0779.nasl - Type : ACT_GATHER_INFO
2010-10-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1000-1.nasl - Type : ACT_GATHER_INFO
2010-10-18 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-101008.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7133.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7160.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_xorg-x11-Xvnc-7126.nasl - Type : ACT_GATHER_INFO
2010-10-08 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-198.nasl - Type : ACT_GATHER_INFO
2010-10-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0718.nasl - Type : ACT_GATHER_INFO
2010-10-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0718.nasl - Type : ACT_GATHER_INFO
2010-10-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0723.nasl - Type : ACT_GATHER_INFO
2010-10-06 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12638.nasl - Type : ACT_GATHER_INFO
2010-09-24 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-188.nasl - Type : ACT_GATHER_INFO
2010-09-24 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kernel-100921.nasl - Type : ACT_GATHER_INFO
2010-09-24 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-100921.nasl - Type : ACT_GATHER_INFO
2010-09-23 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12646.nasl - Type : ACT_GATHER_INFO
2010-09-22 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0704.nasl - Type : ACT_GATHER_INFO
2010-09-22 Name : The remote Fedora host is missing a security update.
File : fedora_2010-14832.nasl - Type : ACT_GATHER_INFO
2010-09-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0704.nasl - Type : ACT_GATHER_INFO
2010-09-21 Name : The remote Fedora host is missing a security update.
File : fedora_2010-14878.nasl - Type : ACT_GATHER_INFO
2010-09-21 Name : The remote Fedora host is missing a security update.
File : fedora_2010-14890.nasl - Type : ACT_GATHER_INFO
2010-09-20 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2110.nasl - Type : ACT_GATHER_INFO
2010-09-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-988-1.nasl - Type : ACT_GATHER_INFO
2010-09-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0676.nasl - Type : ACT_GATHER_INFO
2010-09-12 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-172.nasl - Type : ACT_GATHER_INFO
2010-09-09 Name : The remote Fedora host is missing a security update.
File : fedora_2010-14235.nasl - Type : ACT_GATHER_INFO
2010-09-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0676.nasl - Type : ACT_GATHER_INFO
2010-09-03 Name : The remote Fedora host is missing a security update.
File : fedora_2010-13903.nasl - Type : ACT_GATHER_INFO
2010-08-31 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0661.nasl - Type : ACT_GATHER_INFO
2010-08-29 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2010-240-06.nasl - Type : ACT_GATHER_INFO
2010-08-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0606.nasl - Type : ACT_GATHER_INFO
2010-08-27 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12636.nasl - Type : ACT_GATHER_INFO
2010-08-27 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-974-2.nasl - Type : ACT_GATHER_INFO
2010-08-24 Name : The remote Fedora host is missing a security update.
File : fedora_2010-13058.nasl - Type : ACT_GATHER_INFO
2010-08-24 Name : The remote Fedora host is missing a security update.
File : fedora_2010-13110.nasl - Type : ACT_GATHER_INFO
2010-08-23 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2094.nasl - Type : ACT_GATHER_INFO
2010-08-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-974-1.nasl - Type : ACT_GATHER_INFO
2010-08-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0610.nasl - Type : ACT_GATHER_INFO
2010-08-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0610.nasl - Type : ACT_GATHER_INFO
2010-08-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0606.nasl - Type : ACT_GATHER_INFO
2010-08-03 Name : The remote Fedora host is missing a security update.
File : fedora_2010-11412.nasl - Type : ACT_GATHER_INFO
2010-08-03 Name : The remote Fedora host is missing a security update.
File : fedora_2010-11462.nasl - Type : ACT_GATHER_INFO
2010-07-14 Name : The remote Fedora host is missing a security update.
File : fedora_2010-10880.nasl - Type : ACT_GATHER_INFO
2010-07-09 Name : The remote Fedora host is missing a security update.
File : fedora_2010-10876.nasl - Type : ACT_GATHER_INFO