Executive Summary
Summary | |
---|---|
Title | Linux Kernel vulnerabilities (Marvell Dove) |
Informations | |||
---|---|---|---|
Name | USN-1093-1 | First vendor Publication | 2011-03-25 |
Vendor | Ubuntu | Last vendor Modification | 2011-03-25 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:A/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 8.3 | Attack Range | Adjacent network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 6.5 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 10.04 LTS Ubuntu 10.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 10.04 LTS: Ubuntu 10.10: ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well. Details follow: Joel Becker discovered that OCFS2 did not correctly validate on-disk symlink structures. If an attacker were able to trick a user or automated system into mounting a specially crafted filesystem, it could crash the system or exposde kernel memory, leading to a loss of privacy. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. (Only Ubuntu 10.04 LTS was affected.) (CVE-2010-2478, CVE-2010-3084) Eric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. (Ubuntu 10.10 was not affected.) (CVE-2010-2942, CVE-2010-3477) Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. (CVE-2010-2943) Tavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. (Ubuntu 10.10 was not affected.) (CVE-2010-2954) Brad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. (Only Ubuntu 10.04 LTS was affected.) (CVE-2010-2955) Tavis Ormandy discovered that the session keyring did not correctly check for its parent. On systems without a default session keyring, a local attacker could exploit this to crash the system, leading to a denial of service. (Only Ubuntu 10.04 LTS was affected.) (CVE-2010-2960) Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. (CVE-2010-2962) Kees Cook discovered that the V4L1 32bit compat interface did not correctly validate certain parameters. A local attacker on a 64bit system with access to a video device could exploit this to gain root privileges. (CVE-2010-2963) Tavis Ormandy discovered that the AIO subsystem did not correctly validate certain parameters. A local attacker could exploit this to crash the system or possibly gain root privileges. (Ubuntu 10.10 was not affected.) (CVE-2010-3067) Dan Rosenberg discovered that certain XFS ioctls leaked kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. (10.10 was not affected.) (CVE-2010-3078) Robert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-3079) Tavis Ormandy discovered that the OSS sequencer device did not correctly shut down. A local attacker could exploit this to crash the system or possibly gain root privileges. (Ubuntu 10.10 was not affected.) (CVE-2010-3080) Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297, CVE-2010-3298) Dan Rosenberg discovered that the ROSE driver did not correctly check parameters. A local attacker with access to a ROSE network device could exploit this to crash the system or possibly gain root privileges. (Ubuntu 10.10 was not affected.) (CVE-2010-3310) Thomas Dreibholz discovered that SCTP did not correctly handle appending packet chunks. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. (Ubuntu 10.10 was not affected.) (CVE-2010-3432) Dan Rosenberg discovered that the CD driver did not correctly check parameters. A local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. (CVE-2010-3437) Dan Rosenberg discovered that the Sound subsystem did not correctly validate parameters. A local attacker could exploit this to crash the system, leading to a denial of service. (Ubuntu 10.10 was not affected.) (CVE-2010-3442) Dan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. (CVE-2010-3705) Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. (CVE-2010-3848, CVE-2010-3849, CVE-2010-3850) Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3858) Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. (CVE-2010-3859) Kees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. (CVE-2010-3861) Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. (CVE-2010-3865) Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-3873) Dan Rosenberg discovered that the CAN protocol on 64bit systems did not correctly calculate the size of certain buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. (CVE-2010-3874) Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875) Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3876) Vasiliy Kulikov discovered that the TIPC interface did not correctly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3877) Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. A local attacker could exploit this to cause the kernel to hang, leading to a denial of service. (CVE-2010-3880) Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. (CVE-2010-3904) Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4072) Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4075, CVE-2010-4076, CVE-2010-4077) Dan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4158) Dan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. (CVE-2010-4163) Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. (CVE-2010-4165) Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4169) Dan Rosenberg discovered that the RDS protocol did not correctly check ioctl arguments. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4175) Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service. (CVE-2010-4249) It was discovered that multithreaded exec did not handle CPU timers correctly. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4248) Krishna Gudipati discovered that the bfa adapter driver did not correctly initialize certain structures. A local attacker could read files in /sys to crash the system, leading to a denial of service. (CVE-2010-4343) Tavis Ormandy discovered that the install_special_mapping function could bypass the mmap_min_addr restriction. A local attacker could exploit this to mmap 4096 bytes below the mmap_min_addr area, possibly improving the chances of performing NULL pointer dereference attacks. (CVE-2010-4346) It was discovered that the ICMP stack did not correctly handle certain unreachable messages. If a remote attacker were able to acquire a socket lock, they could send specially crafted traffic that would crash the system, leading to a denial of service. (CVE-2010-4526) Dan Rosenberg discovered that the OSS subsystem did not handle name termination correctly. A local attacker could exploit this crash the system or gain root privileges. (CVE-2010-4527) Dan Carpenter discovered that the Infiniband driver did not correctly handle certain requests. A local user could exploit this to crash the system or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044) |
Original Source
Url : http://www.ubuntu.com/usn/USN-1093-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
23 % | CWE-200 | Information Exposure |
13 % | CWE-476 | NULL Pointer Dereference |
11 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
11 % | CWE-20 | Improper Input Validation |
6 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
6 % | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
4 % | CWE-362 | Race Condition |
4 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
4 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
2 % | CWE-665 | Improper Initialization |
2 % | CWE-416 | Use After Free |
2 % | CWE-415 | Double Free |
2 % | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory Leak') |
2 % | CWE-399 | Resource Management Errors |
2 % | CWE-369 | Divide By Zero |
2 % | CWE-193 | Off-by-one Error |
2 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12770 | |||
Oval ID: | oval:org.mitre.oval:def:12770 | ||
Title: | USN-1074-1 -- linux-fsl-imx51 vulnerabilities | ||
Description: | Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only files, leading to potential data loss. Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. A local attacker could exploit this to read from write-only files, leading to a loss of privacy. Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. A local attacker could exploit this to gain control of certain applications, potentially leading to privilege escalation, as demonstrated in attacks against the X server. Suresh Jayaraman discovered that CIFS did not correctly validate certain response packats. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. James Chapman discovered that L2TP did not correctly evaluate checksum capabilities. If an attacker could make malicious routing changes, they could crash the system, leading to a denial of service. Neil Brown discovered that NFSv4 did not correctly check certain write requests. A remote attacker could send specially crafted traffic that could crash the system or possibly gain root privileges. David Howells discovered that DNS resolution in CIFS could be spoofed. A local attacker could exploit this to control DNS replies, leading to a loss of privacy and possible privilege escalation. Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. Only Ubuntu 9.10 was affected. Bob Peterson discovered that GFS2 rename operations did not correctly validate certain sizes. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that under certain situations the ioctl subsystem for DRM did not properly sanitize its arguments. A local attacker could exploit this to read previously freed kernel memory, leading to a loss of privacy. Eric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Sergey Vlasov discovered that JFS did not correctly handle certain extended attributes. A local attacker could bypass namespace access rules, leading to a loss of privacy. Tavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. Brad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Ben Hawkes discovered an integer overflow in the Controller Area Network Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. Ubuntu 10.10 was not affected. Kees Cook discovered that the V4L1 32bit compat interface did not correctly validate certain parameters. A local attacker on a 64bit system with access to a video device could exploit this to gain root privileges. Toshiyuki Okajima discovered that ext4 did not correctly check certain parameters. A local attacker could exploit this to crash the system or overwrite the last block of large files. Tavis Ormandy discovered that the AIO subsystem did not correctly validate certain parameters. A local attacker could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that certain XFS ioctls leaked kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Robert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. Tavis Ormandy discovered that the OSS sequencer device did not correctly shut down. A local attacker could exploit this to crash the system or possibly gain root privileges. Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. Dan Rosenberg discovered that the ROSE driver did not correctly check parameters. A local attacker with access to a ROSE network device could exploit this to crash the system or possibly gain root privileges. Thomas Dreibholz discovered that SCTP did not correctly handle appending packet chunks. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Dan Rosenberg discovered that the CD driver did not correctly check parameters. A local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. Dan Rosenberg discovered that the Sound subsystem did not correctly validate parameters. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. A local attacker could exploit this to hang the system, leading to a denial of service. It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the USB subsystem did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SiS video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1074-1 CVE-2009-4895 CVE-2010-2066 CVE-2010-2226 CVE-2010-2240 CVE-2010-2248 CVE-2010-2478 CVE-2010-3084 CVE-2010-2495 CVE-2010-2521 CVE-2010-2524 CVE-2010-2538 CVE-2010-2798 CVE-2010-2803 CVE-2010-2942 CVE-2010-3477 CVE-2010-2943 CVE-2010-2946 CVE-2010-2954 CVE-2010-2955 CVE-2010-2959 CVE-2010-2962 CVE-2010-2963 CVE-2010-3015 CVE-2010-3067 CVE-2010-3078 CVE-2010-3079 CVE-2010-3080 CVE-2010-3081 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3301 CVE-2010-3310 CVE-2010-3432 CVE-2010-3437 CVE-2010-3442 CVE-2010-3448 CVE-2010-3698 CVE-2010-3705 CVE-2010-3848 CVE-2010-3849 CVE-2010-3850 CVE-2010-3858 CVE-2010-3861 CVE-2010-3904 CVE-2010-4072 CVE-2010-4073 CVE-2010-4074 CVE-2010-4078 CVE-2010-4079 CVE-2010-4165 CVE-2010-4169 CVE-2010-4249 | Version: | 5 |
Platform(s): | Ubuntu 9.10 | Product(s): | linux-fsl-imx51 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13363 | |||
Oval ID: | oval:org.mitre.oval:def:13363 | ||
Title: | USN-1074-2 -- linux-fsl-imx51 vulnerabilities | ||
Description: | USN-1074-1 fixed vulnerabilities in linux-fsl-imx51 in Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 10.04. Original advisory details: Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only files, leading to potential data loss. Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. A local attacker could exploit this to read from write-only files, leading to a loss of privacy. Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. A local attacker could exploit this to gain control of certain applications, potentially leading to privilege escalation, as demonstrated in attacks against the X server. Suresh Jayaraman discovered that CIFS did not correctly validate certain response packats. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. James Chapman discovered that L2TP did not correctly evaluate checksum capabilities. If an attacker could make malicious routing changes, they could crash the system, leading to a denial of service. Neil Brown discovered that NFSv4 did not correctly check certain write requests. A remote attacker could send specially crafted traffic that could crash the system or possibly gain root privileges. David Howells discovered that DNS resolution in CIFS could be spoofed. A local attacker could exploit this to control DNS replies, leading to a loss of privacy and possible privilege escalation. Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. Only Ubuntu 9.10 was affected. Bob Peterson discovered that GFS2 rename operations did not correctly validate certain sizes. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that under certain situations the ioctl subsystem for DRM did not properly sanitize its arguments. A local attacker could exploit this to read previously freed kernel memory, leading to a loss of privacy. Eric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Sergey Vlasov discovered that JFS did not correctly handle certain extended attributes. A local attacker could bypass namespace access rules, leading to a loss of privacy. Tavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. Brad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Ben Hawkes discovered an integer overflow in the Controller Area Network Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. Ubuntu 10.10 was not affected. Kees Cook discovered that the V4L1 32bit compat interface did not correctly validate certain parameters. A local attacker on a 64bit system with access to a video device could exploit this to gain root privileges. Toshiyuki Okajima discovered that ext4 did not correctly check certain parameters. A local attacker could exploit this to crash the system or overwrite the last block of large files. Tavis Ormandy discovered that the AIO subsystem did not correctly validate certain parameters. A local attacker could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that certain XFS ioctls leaked kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Robert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. Tavis Ormandy discovered that the OSS sequencer device did not correctly shut down. A local attacker could exploit this to crash the system or possibly gain root privileges. Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. Dan Rosenberg discovered that the ROSE driver did not correctly check parameters. A local attacker with access to a ROSE network device could exploit this to crash the system or possibly gain root privileges. Thomas Dreibholz discovered that SCTP did not correctly handle appending packet chunks. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Dan Rosenberg discovered that the CD driver did not correctly check parameters. A local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. Dan Rosenberg discovered that the Sound subsystem did not correctly validate parameters. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. A local attacker could exploit this to hang the system, leading to a denial of service. It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that IPC structures were not correctly initialized on 64bit systems. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the USB subsystem did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SiS video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1074-2 CVE-2010-3904 CVE-2010-3848 CVE-2010-3849 CVE-2010-3850 CVE-2010-3301 CVE-2010-3081 CVE-2009-4895 CVE-2010-2066 CVE-2010-2226 CVE-2010-2248 CVE-2010-2478 CVE-2010-3084 CVE-2010-2495 CVE-2010-2521 CVE-2010-2524 CVE-2010-2538 CVE-2010-2798 CVE-2010-2942 CVE-2010-3477 CVE-2010-2943 CVE-2010-2946 CVE-2010-2954 CVE-2010-2955 CVE-2010-2962 CVE-2010-2963 CVE-2010-3015 CVE-2010-3067 CVE-2010-3078 CVE-2010-3079 CVE-2010-3080 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3310 CVE-2010-3432 CVE-2010-3437 CVE-2010-3442 CVE-2010-3448 CVE-2010-3698 CVE-2010-3705 CVE-2010-3858 CVE-2010-3861 CVE-2010-4072 CVE-2010-4073 CVE-2010-4074 CVE-2010-4078 CVE-2010-4079 CVE-2010-4165 CVE-2010-4169 CVE-2010-4249 | Version: | 5 |
Platform(s): | Ubuntu 10.04 | Product(s): | linux-fsl-imx51 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19636 | |||
Oval ID: | oval:org.mitre.oval:def:19636 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-3858 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20057 | |||
Oval ID: | oval:org.mitre.oval:def:20057 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-3442 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20098 | |||
Oval ID: | oval:org.mitre.oval:def:20098 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-3067 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20228 | |||
Oval ID: | oval:org.mitre.oval:def:20228 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-2942 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20281 | |||
Oval ID: | oval:org.mitre.oval:def:20281 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | Race condition in the __exit_signal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader in the de_thread function in fs/exec.c. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4248 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20348 | |||
Oval ID: | oval:org.mitre.oval:def:20348 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-language application. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4346 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20373 | |||
Oval ID: | oval:org.mitre.oval:def:20373 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-2943 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20378 | |||
Oval ID: | oval:org.mitre.oval:def:20378 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4158 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20379 | |||
Oval ID: | oval:org.mitre.oval:def:20379 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to read copies of the applicable structures. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-3876 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20436 | |||
Oval ID: | oval:org.mitre.oval:def:20436 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the "old shm interface." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4072 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20441 | |||
Oval ID: | oval:org.mitre.oval:def:20441 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted iovec struct in a Reliable Datagram Sockets (RDS) request, which triggers a buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-3865 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20452 | |||
Oval ID: | oval:org.mitre.oval:def:20452 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-3477 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20464 | |||
Oval ID: | oval:org.mitre.oval:def:20464 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP traffic. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-3432 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20509 | |||
Oval ID: | oval:org.mitre.oval:def:20509 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a CHELSIO_GET_QSET_NUM ioctl call. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-3296 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20523 | |||
Oval ID: | oval:org.mitre.oval:def:20523 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4075 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20528 | |||
Oval ID: | oval:org.mitre.oval:def:20528 | ||
Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
Description: | Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large value of a certain structure member. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4649 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20540 | |||
Oval ID: | oval:org.mitre.oval:def:20540 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-3904 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20550 | |||
Oval ID: | oval:org.mitre.oval:def:20550 | ||
Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
Description: | The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-1044 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20553 | |||
Oval ID: | oval:org.mitre.oval:def:20553 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message that contains multiple attribute elements, as demonstrated by INET_DIAG_BC_JMP instructions. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-3880 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20584 | |||
Oval ID: | oval:org.mitre.oval:def:20584 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipc_msg_build function in net/tipc/msg.c and the verify_iovec function in net/core/iovec.c. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-3859 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20592 | |||
Oval ID: | oval:org.mitre.oval:def:20592 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The get_name function in net/tipc/socket.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this structure. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-3877 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20595 | |||
Oval ID: | oval:org.mitre.oval:def:20595 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-3078 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20600 | |||
Oval ID: | oval:org.mitre.oval:def:20600 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not initialize a certain port data structure, which allows local users to cause a denial of service (system crash) via read operations on an fc_host statistics file. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4343 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20611 | |||
Oval ID: | oval:org.mitre.oval:def:20611 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4249 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20627 | |||
Oval ID: | oval:org.mitre.oval:def:20627 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-4526 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21743 | |||
Oval ID: | oval:org.mitre.oval:def:21743 | ||
Title: | RHSA-2011:0163: kernel security and bug fix update (Important) | ||
Description: | Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0163-01 CESA-2011:0163 CVE-2010-4526 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22159 | |||
Oval ID: | oval:org.mitre.oval:def:22159 | ||
Title: | RHSA-2010:0839: kernel security and bug fix update (Moderate) | ||
Description: | The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0839-01 CESA-2010:0839 CVE-2010-3066 CVE-2010-3067 CVE-2010-3078 CVE-2010-3086 CVE-2010-3448 CVE-2010-3477 | Version: | 81 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27240 | |||
Oval ID: | oval:org.mitre.oval:def:27240 | ||
Title: | ELSA-2010-2009 -- Oracle Linux 5 Unbreakable Enterprise kernel security fix update (important) | ||
Description: | Following security bugs are fixed in this errata CVE-2010-3904 When copying data to userspace, the RDS protocol failed to verify that the user-provided address was a valid userspace address. A local unprivileged user could issue specially crafted socket calls to write arbitrary values into kernel memory and potentially escalate privileges to root. CVE-2010-3067 Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call. CVE-2010-3477 The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942. kernel: [2.6.32-100.21.1.el5] - [rds] fix access issue with rds (Chris Mason) {CVE-2010-3904} - [fuse] linux-2.6.32-fuse-return-EGAIN-if-not-connected-bug-10154489.patch - [net] linux-2.6.32-net-sched-fix-kernel-leak-in-act_police.patch - [aio] linux-2.6.32-aio-check-for-multiplication-overflow-in-do_io_subm.patch ofa: [1.5.1-4.0.23] - Fix rds permissions checks during copies [1.5.1-4.0.21] - Update to BXOFED 1.5.1-1.3.6-5 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-2009 CVE-2010-3477 CVE-2010-3904 CVE-2010-3067 | Version: | 5 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel kernel-debug kernel-debug-devel kernel-devel kernel-doc kernel-firmware kernel-headers ofa |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27587 | |||
Oval ID: | oval:org.mitre.oval:def:27587 | ||
Title: | ELSA-2010-2008 -- Unbreakable enterprise kernel security update (important) | ||
Description: | [2.6.32-100.20.1.el5] - [fs] xfs: return inode fork offset in bulkstat for fsr (Dave Chinner) - [fs] xfs: always use iget in bulkstat (Dave Chinner) {CVE-2010-2943} - [fs] xfs: validate untrusted inode numbers during lookup (Dave Chinner) {CVE-2 010-2943} - [fs] xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED (Dave Chinner) {CVE-2 010-2943} - [net] net sched: fix some kernel memory leaks (Eric Dumazet) {CVE-2010-2942} - [fs] ocfs2: Don't walk off the end of fast symlinks (Joel Becker) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-2008 CVE-2010-2942 CVE-2010-2943 | Version: | 5 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel kernel-debug kernel-debug-devel kernel-devel kernel-doc kernel-firmware kernel-headers ofa |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27702 | |||
Oval ID: | oval:org.mitre.oval:def:27702 | ||
Title: | ELSA-2010-2011 -- Unbreakable enterprise kernel security and bug fix update (important) | ||
Description: | Following Security fixes are included in this unbreakable enterprise kernel errata: CVE-2010-3432 The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP traffic. CVE-2010-2962 drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM) in the Intel i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via crafted use of the ioctl interface, related to (1) pwrite and (2) pread operations. CVE-2010-2955 The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in net/wireless/wext-core.c, and obtain potentially sensitive information from kernel heap memory, via vectors involving an SIOCGIWESSID ioctl call that specifies a large buffer size. CVE-2010-3705 The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a crafted value in the last element of this array. CVE-2010-3084 Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOL_GRXCLSRLALL ethtool command. CVE-2010-3437 Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call. CVE-2010-3079 kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properly handle interaction between mutex possession and llseek operations, which allows local users to cause a denial of service (NULL pointer dereference and outage of all function tracing files) via an lseek call on a file descriptor associated with the set_ftrace_filter file. CVE-2010-3698 The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT). CVE-2010-3442 Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-2011 CVE-2010-3432 CVE-2010-3437 CVE-2010-3442 CVE-2010-3698 CVE-2010-3705 CVE-2010-2955 CVE-2010-2962 CVE-2010-3079 CVE-2010-3084 | Version: | 5 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel kernel-debug kernel-debug-devel kernel-devel kernel-doc kernel-firmware kernel-headers ofa |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27842 | |||
Oval ID: | oval:org.mitre.oval:def:27842 | ||
Title: | ELSA-2012-2001 -- Unbreakable Enterprise kernel security and bug fix update (important) | ||
Description: | [2.6.32-300.7.1.el6uek] - Revert "proc: enable writing to /proc/pid/mem" [orabug 13619701] {CVE-2012-0056} - [PATCH] x86, tsc: Skip TSC synchronization checks for tsc=reliable (Suresh Siddha) [2.6.32-300.6.1.el6uek] - tracing: Fix null pointer deref with SEND_SIG_FORCED (Oleg Nesterov) [orabug 13611655] [2.6.32-300.5.1.el6uek] - sched, x86: Avoid unnecessary overflow in sched_clock (Salman Qazi) [orabug 13604567] - [x86]: Don't resume/restore cpu if not of the expected cpu (Joe Jin) [orabug 13492670] - drm/i915: Rephrase pwrite bounds checking to avoid any potential overflow (Chris Wilson) [CVE-2010-296] - x2apic: Enable the bios request for x2apic optout (Suresh Siddha) [orabug 13565303] - fuse: split queues to scale I/O throughput (Srinivas Eeda) [orabug 10004611] - fuse: break fc spinlock (Srinivas Eeda) [orabug 10004611] | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-2001 CVE-2012-0056 CVE-2010-2962 | Version: | 5 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | kernel-uek ofa kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware kernel-uek-headers mlnx_en |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28117 | |||
Oval ID: | oval:org.mitre.oval:def:28117 | ||
Title: | DEPRECATED: ELSA-2011-0004 -- kernel security, bug fix, and enhancement update (important) | ||
Description: | [2.6.18-194.32.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - make xenkbd.abs_pointer=1 by default (John Haxby) [orabug 67188919] - fix filp_close() race (Joe Jin) [orabug 10335998] | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0004 CVE-2010-3432 CVE-2010-3442 CVE-2010-3699 CVE-2010-3858 CVE-2010-3859 CVE-2010-3865 CVE-2010-3876 CVE-2010-3880 CVE-2010-4083 CVE-2010-4157 CVE-2010-4161 CVE-2010-4242 CVE-2010-4247 CVE-2010-4248 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28143 | |||
Oval ID: | oval:org.mitre.oval:def:28143 | ||
Title: | DEPRECATED: ELSA-2011-0163 -- kernel security and bug fix update (important) | ||
Description: | [2.6.18-238.1.1.0.1.el5] - fix filp_close() race (Joe Jin) [orabug 10335998] - fix missing aio_complete() in end_io (Joel Becker) [orabug 10365195] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [nfs] too many getattr and access calls after direct I/O [orabug 9348191] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) [2.6.18-238.1.1.el5] - [scsi] megaraid: give FW more time to recover from reset (Tomas Henzl) [667141 665427] - [fs] gfs2: fix statfs error after gfs2_grow (Robert S Peterson) [666792 660661] - [mm] prevent file lock corruption using popen(3) (Larry Woodman) [667050 664931] - [net] sctp: fix panic from bad socket lock on icmp error (Neil Horman) [665476 665477] {CVE-2010-4526} | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0163 CVE-2010-4526 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28199 | |||
Oval ID: | oval:org.mitre.oval:def:28199 | ||
Title: | DEPRECATED: ELSA-2011-0017 -- Oracle Linux 5.6 kernel security and bug fix update (important) | ||
Description: | This update fixes the following security issues: * A NULL pointer dereference flaw was found in the igb driver in the Linux kernel. If both the Single Root I/O Virtualization (SR-IOV) feature and promiscuous mode were enabled on an interface using igb, it could result in a denial of service when a tagged VLAN packet is received on that interface. (CVE-2010-4263, Important) * A missing sanity check was found in vbd_create() in the Xen hypervisor implementation. As CD-ROM drives are not supported by the blkback back-end driver, attempting to use a virtual CD-ROM drive with blkback could trigger a denial of service (crash) on the host system running the Xen hypervisor. (CVE-2010-4238, Moderate) * A flaw was found in the Linux kernel execve() system call implementation. A local, unprivileged user could cause large amounts of memory to be allocated but not visible to the OOM (Out of Memory) killer, triggering a denial of service. (CVE-2010-4243, Moderate) * A flaw was found in fixup_page_fault() in the Xen hypervisor implementation. If a 64-bit para-virtualized guest accessed a certain area of memory, it could cause a denial of service on the host system running the Xen hypervisor. (CVE-2010-4255, Moderate) * A missing initialization flaw was found in the bfa driver used by Brocade Fibre Channel Host Bus Adapters. A local, unprivileged user could use this flaw to cause a denial of service by reading a file in the "/sys/class/fc_host/host#/statistics/" directory. (CVE-2010-4343, Moderate) * Missing initialization flaws in the Linux kernel could lead to information leaks. (CVE-2010-3296, CVE-2010-3877, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4081, CVE-2010-4158, Low) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0017 CVE-2010-3296 CVE-2010-3877 CVE-2010-4072 CVE-2010-4073 CVE-2010-4075 CVE-2010-4080 CVE-2010-4081 CVE-2010-4158 CVE-2010-4238 CVE-2010-4243 CVE-2010-4255 CVE-2010-4263 CVE-2010-4343 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28217 | |||
Oval ID: | oval:org.mitre.oval:def:28217 | ||
Title: | DEPRECATED: ELSA-2010-0792 -- kernel security update (important) | ||
Description: | [2.6.18-194.17.4.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-194.17.4.el5] - [net] rds: fix local privilege escalation (Eugene Teo) [642897 642898] {CVE-2010-3904} | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0792 CVE-2010-3904 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2011-09-05 | Linux Kernel < 2.6.36.2 Econet Privilege Escalation Exploit |
2011-03-14 | Linux <= 2.6.37-rc1 serial_core TIOCGICOUNT Leak Exploit |
2011-03-10 | Linux Kernel < 2.6.37-rc2 TCP_MAXSEG Kernel Panic DoS |
2011-03-02 | Linux Kernel <= 2.6.37 Local Kernel Denial of Service |
2010-12-07 | Linux Kernel <= 2.6.37 - Local Privilege Escalation |
2010-10-28 | Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability |
2010-10-19 | Linux RDS Protocol Local Privilege Escalation |
2010-09-29 | Linux Kernel < 2.6.36-rc6 pktcdvd Kernel Memory Disclosure |
OpenVAS Exploits
Date | Description |
---|---|
2012-08-02 | Name : SuSE Update for kernel openSUSE-SU-2012:0206-1 (kernel) File : nvt/gb_suse_2012_0206_1.nasl |
2012-08-02 | Name : SuSE Update for kernel openSUSE-SU-2012:0236-1 (kernel) File : nvt/gb_suse_2012_0236_1.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2010:0936 centos4 x86_64 File : nvt/gb_CESA-2010_0936_kernel_centos4_x86_64.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:0004 centos5 x86_64 File : nvt/gb_CESA-2011_0004_kernel_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:0162 centos4 x86_64 File : nvt/gb_CESA-2011_0162_kernel_centos4_x86_64.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:0163 centos5 x86_64 File : nvt/gb_CESA-2011_0163_kernel_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:0303 centos5 x86_64 File : nvt/gb_CESA-2011_0303_kernel_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:0429 centos5 x86_64 File : nvt/gb_CESA-2011_0429_kernel_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:0927 centos5 x86_64 File : nvt/gb_CESA-2011_0927_kernel_centos5_x86_64.nasl |
2012-07-09 | Name : RedHat Update for kernel RHSA-2011:0283-01 File : nvt/gb_RHSA-2011_0283-01_kernel.nasl |
2012-06-06 | Name : RedHat Update for kernel RHSA-2011:0421-01 File : nvt/gb_RHSA-2011_0421-01_kernel.nasl |
2012-06-06 | Name : RedHat Update for kernel RHSA-2011:0498-01 File : nvt/gb_RHSA-2011_0498-01_kernel.nasl |
2012-06-06 | Name : RedHat Update for kernel RHSA-2011:0836-01 File : nvt/gb_RHSA-2011_0836-01_kernel.nasl |
2012-06-05 | Name : RedHat Update for kernel RHSA-2011:0007-01 File : nvt/gb_RHSA-2011_0007-01_kernel.nasl |
2012-03-16 | Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX... File : nvt/gb_VMSA-2011-0012.nasl |
2012-03-15 | Name : VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Ser... File : nvt/gb_VMSA-2012-0001.nasl |
2011-12-02 | Name : Fedora Update for kernel FEDORA-2011-16346 File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl |
2011-11-08 | Name : Fedora Update for kernel FEDORA-2011-15241 File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl |
2011-10-31 | Name : Fedora Update for kernel FEDORA-2011-14747 File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl |
2011-10-31 | Name : Ubuntu Update for linux-ti-omap4 USN-1244-1 File : nvt/gb_ubuntu_USN_1244_1.nasl |
2011-10-10 | Name : Fedora Update for kernel FEDORA-2011-12874 File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl |
2011-09-30 | Name : Ubuntu Update for linux-ec2 USN-1216-1 File : nvt/gb_ubuntu_USN_1216_1.nasl |
2011-09-30 | Name : Ubuntu Update for linux USN-1218-1 File : nvt/gb_ubuntu_USN_1218_1.nasl |
2011-09-23 | Name : RedHat Update for kernel RHSA-2011:1321-01 File : nvt/gb_RHSA-2011_1321-01_kernel.nasl |
2011-09-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1202-1 File : nvt/gb_ubuntu_USN_1202_1.nasl |
2011-09-16 | Name : Ubuntu Update for linux-mvl-dove USN-1203-1 File : nvt/gb_ubuntu_USN_1203_1.nasl |
2011-09-16 | Name : Ubuntu Update for linux-fsl-imx51 USN-1204-1 File : nvt/gb_ubuntu_USN_1204_1.nasl |
2011-09-16 | Name : Ubuntu Update for linux-mvl-dove USN-1208-1 File : nvt/gb_ubuntu_USN_1208_1.nasl |
2011-08-27 | Name : Fedora Update for kernel FEDORA-2011-11103 File : nvt/gb_fedora_2011_11103_kernel_fc14.nasl |
2011-08-12 | Name : Ubuntu Update for linux USN-1183-1 File : nvt/gb_ubuntu_USN_1183_1.nasl |
2011-08-12 | Name : Ubuntu Update for linux USN-1186-1 File : nvt/gb_ubuntu_USN_1186_1.nasl |
2011-08-12 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1187-1 File : nvt/gb_ubuntu_USN_1187_1.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2010:0723 centos5 i386 File : nvt/gb_CESA-2010_0723_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2010:0792 centos5 i386 File : nvt/gb_CESA-2010_0792_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2010:0839 centos5 i386 File : nvt/gb_CESA-2010_0839_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2011:0004 centos5 i386 File : nvt/gb_CESA-2011_0004_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2011:0163 centos5 i386 File : nvt/gb_CESA-2011_0163_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2011:0303 centos5 i386 File : nvt/gb_CESA-2011_0303_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2011:0429 centos5 i386 File : nvt/gb_CESA-2011_0429_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2011:0927 centos5 i386 File : nvt/gb_CESA-2011_0927_kernel_centos5_i386.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2264-1 (linux-2.6) File : nvt/deb_2264_1.nasl |
2011-07-18 | Name : RedHat Update for kernel RHSA-2011:0927-01 File : nvt/gb_RHSA-2011_0927-01_kernel.nasl |
2011-07-18 | Name : Ubuntu Update for linux USN-1167-1 File : nvt/gb_ubuntu_USN_1167_1.nasl |
2011-07-18 | Name : Ubuntu Update for linux USN-1170-1 File : nvt/gb_ubuntu_USN_1170_1.nasl |
2011-07-08 | Name : Ubuntu Update for linux-fsl-imx51 USN-1164-1 File : nvt/gb_ubuntu_USN_1164_1.nasl |
2011-06-24 | Name : Fedora Update for kernel FEDORA-2011-6447 File : nvt/gb_fedora_2011_6447_kernel_fc13.nasl |
2011-06-20 | Name : Fedora Update for kernel FEDORA-2011-7551 File : nvt/gb_fedora_2011_7551_kernel_fc14.nasl |
2011-06-03 | Name : Ubuntu Update for linux USN-1133-1 File : nvt/gb_ubuntu_USN_1133_1.nasl |
2011-05-17 | Name : Fedora Update for kernel FEDORA-2011-6541 File : nvt/gb_fedora_2011_6541_kernel_fc14.nasl |
2011-05-10 | Name : Ubuntu Update for linux-source-2.6.15 USN-1111-1 File : nvt/gb_ubuntu_USN_1111_1.nasl |
2011-05-10 | Name : Ubuntu Update for linux-ti-omap4 USN-1119-1 File : nvt/gb_ubuntu_USN_1119_1.nasl |
2011-05-06 | Name : SuSE Update for kernel SUSE-SA:2011:020 File : nvt/gb_suse_2011_020.nasl |
2011-04-22 | Name : SuSE Update for kernel SUSE-SA:2011:017 File : nvt/gb_suse_2011_017.nasl |
2011-04-19 | Name : RedHat Update for kernel RHSA-2011:0429-01 File : nvt/gb_RHSA-2011_0429-01_kernel.nasl |
2011-04-11 | Name : Ubuntu Update for linux vulnerabilities USN-1105-1 File : nvt/gb_ubuntu_USN_1105_1.nasl |
2011-04-01 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1092-1 File : nvt/gb_ubuntu_USN_1092_1.nasl |
2011-03-24 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1089-1 File : nvt/gb_ubuntu_USN_1089_1.nasl |
2011-03-24 | Name : Ubuntu Update for linux vulnerabilities USN-1090-1 File : nvt/gb_ubuntu_USN_1090_1.nasl |
2011-03-15 | Name : Fedora Update for kernel FEDORA-2011-2134 File : nvt/gb_fedora_2011_2134_kernel_fc13.nasl |
2011-03-15 | Name : Ubuntu Update for linux-ec2 vulnerabilities USN-1086-1 File : nvt/gb_ubuntu_USN_1086_1.nasl |
2011-03-07 | Name : Debian Security Advisory DSA 2153-1 (linux-2.6) File : nvt/deb_2153_1.nasl |
2011-03-07 | Name : RedHat Update for kernel RHSA-2011:0303-01 File : nvt/gb_RHSA-2011_0303-01_kernel.nasl |
2011-03-07 | Name : Ubuntu Update for linux vulnerabilities USN-1080-1 File : nvt/gb_ubuntu_USN_1080_1.nasl |
2011-03-07 | Name : Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2 File : nvt/gb_ubuntu_USN_1080_2.nasl |
2011-03-07 | Name : Ubuntu Update for linux vulnerabilities USN-1081-1 File : nvt/gb_ubuntu_USN_1081_1.nasl |
2011-03-07 | Name : Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1 File : nvt/gb_ubuntu_USN_1083_1.nasl |
2011-02-28 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1 File : nvt/gb_ubuntu_USN_1071_1.nasl |
2011-02-28 | Name : Ubuntu Update for linux vulnerabilities USN-1072-1 File : nvt/gb_ubuntu_USN_1072_1.nasl |
2011-02-28 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1 File : nvt/gb_ubuntu_USN_1073_1.nasl |
2011-02-18 | Name : RedHat Update for Red Hat Enterprise Linux 4.9 kernel RHSA-2011:0263-01 File : nvt/gb_RHSA-2011_0263-01_Red_Hat_Enterprise_Linux_4.9_kernel.nasl |
2011-02-18 | Name : Mandriva Update for kernel MDVSA-2011:029 (kernel) File : nvt/gb_mandriva_MDVSA_2011_029.nasl |
2011-02-16 | Name : SuSE Update for kernel SUSE-SA:2011:008 File : nvt/gb_suse_2011_008.nasl |
2011-02-11 | Name : Fedora Update for kernel FEDORA-2011-1138 File : nvt/gb_fedora_2011_1138_kernel_fc14.nasl |
2011-02-04 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1054-1 File : nvt/gb_ubuntu_USN_1054_1.nasl |
2011-02-04 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1057-1 File : nvt/gb_ubuntu_USN_1057_1.nasl |
2011-01-31 | Name : CentOS Update for kernel CESA-2010:0936 centos4 i386 File : nvt/gb_CESA-2010_0936_kernel_centos4_i386.nasl |
2011-01-31 | Name : CentOS Update for kernel CESA-2011:0162 centos4 i386 File : nvt/gb_CESA-2011_0162_kernel_centos4_i386.nasl |
2011-01-24 | Name : Debian Security Advisory DSA 2126-1 (linux-2.6) File : nvt/deb_2126_1.nasl |
2011-01-21 | Name : RedHat Update for kernel RHSA-2011:0162-01 File : nvt/gb_RHSA-2011_0162-01_kernel.nasl |
2011-01-21 | Name : RedHat Update for kernel RHSA-2011:0163-01 File : nvt/gb_RHSA-2011_0163-01_kernel.nasl |
2011-01-14 | Name : RedHat Update for Red Hat Enterprise Linux 5.6 kernel RHSA-2011:0017-01 File : nvt/gb_RHSA-2011_0017-01_Red_Hat_Enterprise_Linux_5.6_kernel.nasl |
2011-01-14 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1041-1 File : nvt/gb_ubuntu_USN_1041_1.nasl |
2011-01-11 | Name : RedHat Update for kernel RHSA-2011:0004-01 File : nvt/gb_RHSA-2011_0004-01_kernel.nasl |
2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2010:047 File : nvt/gb_suse_2010_047.nasl |
2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2010:051 File : nvt/gb_suse_2010_051.nasl |
2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2011:001 File : nvt/gb_suse_2011_001.nasl |
2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2011:002 File : nvt/gb_suse_2011_002.nasl |
2011-01-04 | Name : Mandriva Update for kernel MDVSA-2010:257 (kernel) File : nvt/gb_mandriva_MDVSA_2010_257.nasl |
2010-12-28 | Name : Fedora Update for kernel FEDORA-2010-18983 File : nvt/gb_fedora_2010_18983_kernel_fc13.nasl |
2010-12-23 | Name : Fedora Update for kernel FEDORA-2010-18506 File : nvt/gb_fedora_2010_18506_kernel_fc13.nasl |
2010-12-09 | Name : RedHat Update for kernel RHSA-2010:0936-01 File : nvt/gb_RHSA-2010_0936-01_kernel.nasl |
2010-12-09 | Name : Fedora Update for kernel FEDORA-2010-18432 File : nvt/gb_fedora_2010_18432_kernel_fc12.nasl |
2010-12-09 | Name : Fedora Update for kernel FEDORA-2010-18493 File : nvt/gb_fedora_2010_18493_kernel_fc14.nasl |
2010-12-09 | Name : Ubuntu Update for Linux kernel vulnerabilities USN-1023-1 File : nvt/gb_ubuntu_USN_1023_1.nasl |
2010-12-02 | Name : Fedora Update for kernel FEDORA-2010-14832 File : nvt/gb_fedora_2010_14832_kernel_fc14.nasl |
2010-12-02 | Name : Fedora Update for kernel FEDORA-2010-16826 File : nvt/gb_fedora_2010_16826_kernel_fc14.nasl |
2010-11-16 | Name : RedHat Update for kernel RHSA-2010:0839-01 File : nvt/gb_RHSA-2010_0839-01_kernel.nasl |
2010-11-16 | Name : SuSE Update for kernel SUSE-SA:2010:053 File : nvt/gb_suse_2010_053.nasl |
2010-11-04 | Name : CentOS Update for kernel CESA-2010:0779 centos4 i386 File : nvt/gb_CESA-2010_0779_kernel_centos4_i386.nasl |
2010-11-04 | Name : RedHat Update for kernel RHSA-2010:0792-01 File : nvt/gb_RHSA-2010_0792-01_kernel.nasl |
2010-10-22 | Name : RedHat Update for kernel RHSA-2010:0779-01 File : nvt/gb_RHSA-2010_0779-01_kernel.nasl |
2010-10-22 | Name : Ubuntu Update for Linux kernel vulnerabilities USN-1000-1 File : nvt/gb_ubuntu_USN_1000_1.nasl |
2010-10-19 | Name : Mandriva Update for kernel MDVSA-2010:198 (kernel) File : nvt/gb_mandriva_MDVSA_2010_198.nasl |
2010-10-10 | Name : Debian Security Advisory DSA 2110-1 (linux-2.6) File : nvt/deb_2110_1.nasl |
2010-10-01 | Name : RedHat Update for kernel RHSA-2010:0723-01 File : nvt/gb_RHSA-2010_0723-01_kernel.nasl |
2010-10-01 | Name : SuSE Update for kernel SUSE-SA:2010:046 File : nvt/gb_suse_2010_046.nasl |
2010-09-27 | Name : Mandriva Update for kernel MDVSA-2010:188 (kernel) File : nvt/gb_mandriva_MDVSA_2010_188.nasl |
2010-09-22 | Name : Fedora Update for kernel FEDORA-2010-14878 File : nvt/gb_fedora_2010_14878_kernel_fc12.nasl |
2010-09-22 | Name : Fedora Update for kernel FEDORA-2010-14890 File : nvt/gb_fedora_2010_14890_kernel_fc13.nasl |
2010-09-10 | Name : Fedora Update for kernel FEDORA-2010-14235 File : nvt/gb_fedora_2010_14235_kernel_fc13.nasl |
2010-09-07 | Name : Fedora Update for kernel FEDORA-2010-13903 File : nvt/gb_fedora_2010_13903_kernel_fc12.nasl |
2010-08-30 | Name : Fedora Update for kernel FEDORA-2010-13058 File : nvt/gb_fedora_2010_13058_kernel_fc13.nasl |
2010-08-30 | Name : Fedora Update for kernel FEDORA-2010-13110 File : nvt/gb_fedora_2010_13110_kernel_fc12.nasl |
2010-08-06 | Name : Fedora Update for kernel FEDORA-2010-11412 File : nvt/gb_fedora_2010_11412_kernel_fc12.nasl |
2010-08-06 | Name : Fedora Update for kernel FEDORA-2010-11462 File : nvt/gb_fedora_2010_11462_kernel_fc13.nasl |
2010-07-16 | Name : Fedora Update for kernel FEDORA-2010-10880 File : nvt/gb_fedora_2010_10880_kernel_fc12.nasl |
2010-07-12 | Name : Fedora Update for kernel FEDORA-2010-10876 File : nvt/gb_fedora_2010_10876_kernel_fc13.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
72993 | Linux Kernel drivers/infiniband/core/uverbs_cmd.c ib_uverbs_poll_cq Function ... |
71649 | Linux Kernel drivers/infiniband/core/uverbs_cmd.c ib_uverbs_poll_cq Function ... |
70378 | Linux Kernel Locked Socket ICMP Unreachable Message Race Condition Remote DoS Linux Kernel contains a flaw that may allow a remote denial of service. The issue is triggered when a race condition occurs, allowing a remote attacker to cause a panic denial of service via an ICMP unreachable message to an already locked socket, triggering last corruption. |
70376 | Linux Kernel net/rds/rdma.c rds_cmsg_rdma_args Function RDS Request Local Ove... Linux Kernel is prone to an overflow condition. The 'rds_cmsg_rdma_args 'function in 'net/rds/rdma.c' fails to properly sanitize user-supplied input resulting in an integer overflow. With a specially crafted Reliable Datagram Sockets request, a local attacker can potentially cause a denial of service. |
70375 | Linux Kernel net/rds/rdma.c rds_rdma_pages Function RDS Request iovec Struct ... Linux Kernel is prone to an overflow condition. The 'rds_rdma_pages' function in 'net/rds/rdma.c' fails to properly sanitize user-supplied input resulting in an integer overflow. With a specially crafted iovec struct in a reliable datagram sockets (RDS) request a local attacker can cause a denial of service. It is also possible, though not yet confirmed, that this vulnerability would allow the execution of arbitrary code. |
70290 | Linux Kernel net/tipc/socket.c get_name Function Local Stack Memory Disclosure Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'get_name' function in 'net/tipc/socket.c' fails to initialize a certain structure, which will disclose potentially sensitive kernel stack memory information to a local attacker. |
70262 | Linux Kernel net/econet/af_econet.c ec_dev_ioctl Function SIOCSIFADDR IOCTL e... Linux Kernel contains a flaw related to the the 'ec_dev_ioctl' function in 'net/econet/af_econet.c'. The issue is triggered when a local attacker uses a SIOCSIFADDR iotcl call to bypass access restrictions and configure econet addresses. |
70261 | Linux Kernel net/econet/af_econet.c econet_sendmsg Function sendmsg Call Loca... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the 'econet_sendmsg' function in 'net/econet/af_econet.c' alows local users to use a sendmsg call which specifies a NULL value for the remote address field to cause a denial of service via a NULL pointer dereference. |
70260 | Linux Kernel net/econet/af_econet.c econet_sendmsg Function iovec Structure L... Linux Kernel is prone to an overflow condition. The 'econet_sendmsg' function in 'net/econet/af_econet.c' fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. By providing a large number of iovec structures, a local attacker can gain elevated privileges. |
70240 | Linux Kernel sound/oss/soundcard.c load_mixer_volumes() Function SOUND_MIXER_... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when Aa error within the 'load_mixer_volumes()' function in 'sound/oss/soundcard.c' occurs, which will disclose certain kernel memory to a local attacker via a crafted SOUND_MIXER_SETLEVELS IOCTL. |
70239 | Linux Kernel sound/oss/soundcard.c load_mixer_volumes() Function SOUND_MIXER_... Linux Kernel is prone to an overflow condition. The 'load_mixer_volumes()' function in 'sound/oss/soundcard.c' fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted SOUND_MIXER_SETLEVELS IOCTL, a local attacker can potentially execute arbitrary code. |
70228 | Linux Kernel drivers/scsi/bfa/bfa_core.c fc_host Statistics File Read Operati... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when 'drivers/scsi/bfa/bfa_core.c' fails to initialize a certain port data structure, and will result in a denial of service via read operations on an fc_host statistics file. |
70227 | Linux Kernel on 64-bit Controller Area Network net/can/bcm.c bcm_connect Func... Linux Kernel on 64-bit is prone to an overflow condition. The 'bcm_connect' function in 'net/can/bcm.c' fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted connect operation, a local attacker can potentially cause a denial of service via memory corruption. |
70226 | Linux Kernel TIPC Implementation Crafted sendmsg Call Integer Signedness Loca... Linux Kernel is prone to an integer signedness error that will allow an overflow condition. The TIPC implementation in the 'tipc_msg_build()' function in 'net/tipc/msg.c' fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted sendmsg call, a local attacker can potentially gain elevated privileges. |
69788 | Linux Kernel net/ipv4/inet_diag.c Netlink Message Crafted INET_DIAG_REQ_BYTEC... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when 'net/ipv4/inet_diag.c' fails to properly audit 'INET_DIAG' bytecode, allowing a local attacker to use a crafted 'INET_DIAG_REQ_BYTECODE' instruction in a netlink message containing multiple attribute elements to cause a denial of service via a kernel infinite loop. |
69787 | Linux Kernel net/core/ethtool.c ethtool_get_rxnfc Function ETHTOOL_GRXCLSRLAL... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'ethtool_get_rxnfc' function in 'net/core/ethtool.c' fails to initialize a certain block of heap memory, which will disclose potentitally sensitive information via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value to a local attacker. |
69701 | Linux Kernel mm/mmap.c install_special_mapping() Function mmap_min_addr Local... Linux Kernel contains a flaw related to the 'install_special_mapping()' function in mm/mmap.c. It fails to properly restrict mappings below the"mmap_min_addr" sysctl limit, allowing a local attacker to map memory into forbidden areas. |
69578 | Linux Kernel kernel/exit.c the __exit_signal Function Thread Group Leader Rac... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when a race condition in the '__exit_signal' function in 'kernel/exit.c' is exploited to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in 'kernel/posix-cpu-timers.c', and the selection of a new thread group leader in the 'de_thread' function 'in fs/exec.c'. |
69551 | Linux Kernel fs/exec.c setup_arg_pages CONFIG_STACK_GROWSDOWN Crafted Exec Sy... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the 'setup_arg_pages' function in 'fs/exec.c' doesn't properly restrict the stack memory consumption of the 'arguments' or 'environment' when 'CONFIG_STACK_GROWSDOWN' is used, allowing a local attacker to cause a denial of service via a crafted exec system call. |
69527 | Linux Kernel net/unix/garbage.c wait_for_unix_gc Function SOCK_SEQPACKET Sock... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the 'wait_for_unix_gc' function in 'net/unix/garbage.c' fails to properly select times for garbage collection of inflight sockets, allowing a local attacker to cause a denial of service via the 'socketpair' and 'sendmsg' system calls for SOCK_SEQPACKET sockets. |
69524 | Linux Kernel drivers/char/nozomi.c ntty_ioctl_tiocgicount Function TIOCGICOUN... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'ntty_ioctl_tiocgicount' function in 'drivers/char/nozomi.c' fails to properly initialize a certain structure member, which will disclose potentially sensitive information from the kernel stack memory to a local attacker. |
69523 | Linux Kernel drivers/char/amiserial.c rs_ioctl Function TIOCGICOUNT IOCTL Cal... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'rs_ioctl' function in 'drivers/char/amiserial.c' fails to properly initialize a certain structure member, allowing a local attacker to obtain sensitive information from kernel stack memory via a TIOCGICOUNT IOTCL call. |
69522 | Linux Kernel drivers/serial/serial_core.c uart_get_count Function TIOCGICOUNT... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'uart_get_count' function in 'drivers/serial/serial_core.c' fails to initially a certain structure member. This allows a local attacker to access sensitive information from kernel stack memory by means of a TIOCGICOUNT IOTCL call. |
69521 | Linux Kernel ipc/shm.c copy_shmid_to_user Function shmctl System Call Local M... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'copy_shmid_to_user' function in 'ipc/shm.c' fails to properly initialize an unspecified structure, which can be exploited via the shmctl system call to disclose kernel stack memory to a local attacker. |
69515 | Linux Kernel net/sctp/auth.c sctp_auth_asoc_get_hmac Function SCTP Peer hmac_... Linux Kernel contains a flaw that may allow a remote denial of service. The issue is triggered when the 'sctp_auth_asoc_get_hmac()' function in 'net/sctp/auth.c' fails to properly reset the last id element of an SCTP peer's hmac_ids array if it is out of range, allowing a remote attacker to use a crafted value for the last element of the array to cause a denial of service. |
69453 | Linux Kernel block/blk-map.c blk_rq_map_user_iov() Function Zero-length I/O R... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when an error within the 'blk_rq_map_user_iov()' function in 'block/blk-map.c' when processing zero-length I/O requests occurs, allowing an attacker to cause a loss of availability. |
69425 | Linux Kernel mm/mprotect.c mprotect System Call Use-after-free Local DoS Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when a Use-after-free vulnerability in 'mm/mprotect.c' is exploited via an mprotect system call, and will result in loss of availability. |
69424 | Linux Kernel net/sctp/output.c sctp_packet_config Function SCTP Traffic Seque... |
69241 | Linux Kernel TCP MSS Divide-by-zero DoS Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when a user program passes a malformed TCP_MAXSEG value to tcp_select_initial_window, causing a divide-by-zero, resulting in loss of availability for the system. |
69190 | Linux Kernel net/core/filter.c sk_run_filter() Function Stack Memory Disclosure Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'sk_run_filter()' function in 'net/core/filter.c' does not properly initialize a local array, which will disclose kernel stack memory to a local attacker. |
69162 | Linux Kernel net/packet/af_packet.c Multiple Function Stack Memory Disclosure Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the 'packet_getname_spkt()' and 'packet_getname()' functions in 'net/packet/af_packet.c' fail to properly initialize a member of a certain structure before copying it to userspace, which will disclose kernel stack memory to a local attacker. |
69161 | Linux Kernel net/ax25/af_ax25.c ax25_getname() Function Stack Memory Disclosure Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the 'ax25_getname()' function in 'net/ax25/af_ax25.c' fails to properly initialize a member of a certain structure before copying it to userspace, which will disclose kernel stack memory to a local attacker. |
69117 | Linux Kernel net/rds/page.c rds_page_copy_user() Function Local Privilege Esc... Linux Kernel contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the 'rds_page_copy_user' function in 'net/rds/page.c' in the Reliable Datagram Sockets (RDS) protocol implementation fails to validate addresses obtained from user space, allowing a local attacker to make crafted use of the sendmsg and recvmsg system calls to gain elevated privileges. |
69017 | Linux Kernel net/x25/x25_facilities.c x25_parse_facilities() Function Memory ... A memory corruption flaw exists in Linux Kernel. The 'x25_parse_facilities()' function in 'net/x25/x25_facilities.c' suffers from a boundary error, resulting in kernel heap memory corruption. With specially crafted X.25 traffic, a local attacker can cause a loss of availability. |
68871 | Linux Kernel i915 drivers/media/video/v4l2-compat-ioctl32.c get_microcode32()... |
68870 | Linux Kernel i915 DRM Subsystem GEM drivers/gpu/drm/i915/i915_gem.c IOCTL Int... |
68370 | Linux Kernel drivers/block/pktcdvd.c pkt_find_dev_from_minor Function PKT_CTR... |
68307 | Linux Kernel drivers/net/usb/hso.c hso_get_count Function TIOCGICOUNT IOCTL L... |
68306 | Linux Kernel drivers/net/eql.c eql_g_master_cfg Function EQL_GETMASTRCFG IOCT... |
68305 | Linux Kernel drivers/net/cxgb3/cxgb3_main.c cxgb_extension_ioctl Function CHE... |
68304 | Linux Kernel kernel/trace/ftrace.c debugfs File Descriptor lseek Call Local DoS |
68303 | Linux Kernel XFS Inode Allocation Btree Stale NFS Filehandle Unlinked File Ac... |
68290 | Linux Kernel on 32-bit net/core/ethtool.c ethtool_get_rxnfc Function ETHTOOL_... |
68266 | Linux Kernel sound/core/control.c snd_ctl_new() Function Local Overflow |
68177 | Linux Kernel net/sched/act_police.c tcf_act_police_dump Function Network Queu... |
68176 | Linux Kernel sound/core/seq/oss/seq_oss_init.c snd_seq_oss_open Function Doub... |
68174 | Linux Kernel fs/aio.c do_io_submit Function Crafted io_submit System Call Loc... |
68173 | Linux Kernel net/sched/act_skbedit.c tcf_skbedit_dump Function Network Queuei... |
68172 | Linux Kernel net/sched/act_simple.c tcf_simp_dump Function Network Queueing A... |
68171 | Linux Kernel net/sched/act_nat.c tcf_nat_dump Function Network Queueing Actio... |
68170 | Linux Kernel net/sched/act_mirred.c tcf_mirred_dump Function Network Queueing... |
68169 | Linux Kernel net/sched/act_gact.c tcf_gact_dump Function Network Queueing Act... |
68163 | Linux Kernel net/rose/af_rose.c Multiple Function Signedness Error Local DoS |
67897 | Linux Kernel drivers/net/niu.c niu_get_ethtool_tcam_all() Function Crafted ET... |
67881 | Linux Kernel fs/xfs/linux-2.6/xfs_ioctl.c xfs_ioc_fsgetxattr() Function Stack... |
67775 | Linux Kernel security/keys/keyctl.c keyctl_session_to_parent() Function NULL ... |
67773 | Linux Kernel net/irda/af_irda.c irda_bind() Function Object Cleanup NULL Der... |
67742 | Linux Kernel net/wireless/wext-compat.c cfg80211_wext_giwessid Function Craft... |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2012-02-02 | IAVM : 2012-A-0020 - Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1 Severity : Category I - VMSKEY : V0031252 |
2011-10-27 | IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi Severity : Category I - VMSKEY : V0030545 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-03 | Name : The remote VMware ESXi / ESX host is missing a security-related patch. File : vmware_VMSA-2012-0001_remote.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2012-1391-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1832-1.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-0439.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-1090.nasl - Type : ACT_GATHER_INFO |
2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1253.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-342.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-756.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-100915.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-100921.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-101008.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-101026.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-101215.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-110414.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-120104.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_kernel-120104.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0723.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0779.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0792.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0839.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0936.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-2008.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-2009.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-2011.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0004.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0007.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0162.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0163.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0263.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0283.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0303.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0421.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0429.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0498.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0836.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0927.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2010.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2014.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2015.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2001.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0723.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1083-1.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1093-1.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1321.nasl - Type : ACT_GATHER_INFO |
2012-10-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-8324.nasl - Type : ACT_GATHER_INFO |
2012-10-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-8325.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101019_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101025_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101109_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101110_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101201_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110104_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110118_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110118_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110216_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110222_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110301_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110407_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110412_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110510_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110715_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7164.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7261.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7304.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7384.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7915.nasl - Type : ACT_GATHER_INFO |
2012-04-23 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12677.nasl - Type : ACT_GATHER_INFO |
2012-02-07 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-120129.nasl - Type : ACT_GATHER_INFO |
2012-02-07 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-120130.nasl - Type : ACT_GATHER_INFO |
2012-01-31 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2012-0001.nasl - Type : ACT_GATHER_INFO |
2012-01-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7918.nasl - Type : ACT_GATHER_INFO |
2011-10-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1244-1.nasl - Type : ACT_GATHER_INFO |
2011-10-14 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO |
2011-09-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1218-1.nasl - Type : ACT_GATHER_INFO |
2011-09-27 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1216-1.nasl - Type : ACT_GATHER_INFO |
2011-09-15 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1208-1.nasl - Type : ACT_GATHER_INFO |
2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1202-1.nasl - Type : ACT_GATHER_INFO |
2011-09-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1203-1.nasl - Type : ACT_GATHER_INFO |
2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1204-1.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1186-1.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1187-1.nasl - Type : ACT_GATHER_INFO |
2011-08-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1183-1.nasl - Type : ACT_GATHER_INFO |
2011-07-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0927.nasl - Type : ACT_GATHER_INFO |
2011-07-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1170-1.nasl - Type : ACT_GATHER_INFO |
2011-07-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0927.nasl - Type : ACT_GATHER_INFO |
2011-07-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1167-1.nasl - Type : ACT_GATHER_INFO |
2011-07-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1164-1.nasl - Type : ACT_GATHER_INFO |
2011-06-22 | Name : The remote Fedora host is missing a security update. File : fedora_2011-6447.nasl - Type : ACT_GATHER_INFO |
2011-06-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2264.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1111-1.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1119-1.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1133-1.nasl - Type : ACT_GATHER_INFO |
2011-06-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2240.nasl - Type : ACT_GATHER_INFO |
2011-06-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0836.nasl - Type : ACT_GATHER_INFO |
2011-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0498.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kernel-101020.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kernel-101202.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-110413.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-debug-101215.nasl - Type : ACT_GATHER_INFO |
2011-04-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110414.nasl - Type : ACT_GATHER_INFO |
2011-04-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110415.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0163.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0303.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0429.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0429.nasl - Type : ACT_GATHER_INFO |
2011-04-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0421.nasl - Type : ACT_GATHER_INFO |
2011-04-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1105-1.nasl - Type : ACT_GATHER_INFO |
2011-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1092-1.nasl - Type : ACT_GATHER_INFO |
2011-03-25 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7381.nasl - Type : ACT_GATHER_INFO |
2011-03-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1089-1.nasl - Type : ACT_GATHER_INFO |
2011-03-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1090-1.nasl - Type : ACT_GATHER_INFO |
2011-03-09 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110228.nasl - Type : ACT_GATHER_INFO |
2011-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1086-1.nasl - Type : ACT_GATHER_INFO |
2011-03-08 | Name : The remote Fedora host is missing a security update. File : fedora_2011-2134.nasl - Type : ACT_GATHER_INFO |
2011-03-03 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1080-2.nasl - Type : ACT_GATHER_INFO |
2011-03-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0303.nasl - Type : ACT_GATHER_INFO |
2011-03-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1080-1.nasl - Type : ACT_GATHER_INFO |
2011-03-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1081-1.nasl - Type : ACT_GATHER_INFO |
2011-03-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1071-1.nasl - Type : ACT_GATHER_INFO |
2011-03-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1072-1.nasl - Type : ACT_GATHER_INFO |
2011-03-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1073-1.nasl - Type : ACT_GATHER_INFO |
2011-02-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0283.nasl - Type : ACT_GATHER_INFO |
2011-02-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0263.nasl - Type : ACT_GATHER_INFO |
2011-02-11 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1138.nasl - Type : ACT_GATHER_INFO |
2011-02-11 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12672.nasl - Type : ACT_GATHER_INFO |
2011-02-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1057-1.nasl - Type : ACT_GATHER_INFO |
2011-02-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1054-1.nasl - Type : ACT_GATHER_INFO |
2011-01-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2153.nasl - Type : ACT_GATHER_INFO |
2011-01-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0936.nasl - Type : ACT_GATHER_INFO |
2011-01-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO |
2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7303.nasl - Type : ACT_GATHER_INFO |
2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-100903.nasl - Type : ACT_GATHER_INFO |
2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-101007.nasl - Type : ACT_GATHER_INFO |
2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-101102.nasl - Type : ACT_GATHER_INFO |
2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110104.nasl - Type : ACT_GATHER_INFO |
2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-ec2-101103.nasl - Type : ACT_GATHER_INFO |
2011-01-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO |
2011-01-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0163.nasl - Type : ACT_GATHER_INFO |
2011-01-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0017.nasl - Type : ACT_GATHER_INFO |
2011-01-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0007.nasl - Type : ACT_GATHER_INFO |
2011-01-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1041-1.nasl - Type : ACT_GATHER_INFO |
2011-01-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0004.nasl - Type : ACT_GATHER_INFO |
2011-01-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0004.nasl - Type : ACT_GATHER_INFO |
2010-12-26 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18983.nasl - Type : ACT_GATHER_INFO |
2010-12-17 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-257.nasl - Type : ACT_GATHER_INFO |
2010-12-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7257.nasl - Type : ACT_GATHER_INFO |
2010-12-08 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18506.nasl - Type : ACT_GATHER_INFO |
2010-12-06 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18493.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18432.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0936.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-100920.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-101020.nasl - Type : ACT_GATHER_INFO |
2010-11-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1023-1.nasl - Type : ACT_GATHER_INFO |
2010-11-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2126.nasl - Type : ACT_GATHER_INFO |
2010-11-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0779.nasl - Type : ACT_GATHER_INFO |
2010-11-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0792.nasl - Type : ACT_GATHER_INFO |
2010-11-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0839.nasl - Type : ACT_GATHER_INFO |
2010-11-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0842.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0839.nasl - Type : ACT_GATHER_INFO |
2010-10-29 | Name : The remote Fedora host is missing a security update. File : fedora_2010-16826.nasl - Type : ACT_GATHER_INFO |
2010-10-29 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-101026.nasl - Type : ACT_GATHER_INFO |
2010-10-26 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0792.nasl - Type : ACT_GATHER_INFO |
2010-10-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0779.nasl - Type : ACT_GATHER_INFO |
2010-10-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1000-1.nasl - Type : ACT_GATHER_INFO |
2010-10-18 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-101008.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7160.nasl - Type : ACT_GATHER_INFO |
2010-10-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-198.nasl - Type : ACT_GATHER_INFO |
2010-10-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0723.nasl - Type : ACT_GATHER_INFO |
2010-09-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-188.nasl - Type : ACT_GATHER_INFO |
2010-09-24 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-100921.nasl - Type : ACT_GATHER_INFO |
2010-09-23 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12646.nasl - Type : ACT_GATHER_INFO |
2010-09-22 | Name : The remote Fedora host is missing a security update. File : fedora_2010-14832.nasl - Type : ACT_GATHER_INFO |
2010-09-21 | Name : The remote Fedora host is missing a security update. File : fedora_2010-14878.nasl - Type : ACT_GATHER_INFO |
2010-09-21 | Name : The remote Fedora host is missing a security update. File : fedora_2010-14890.nasl - Type : ACT_GATHER_INFO |
2010-09-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2110.nasl - Type : ACT_GATHER_INFO |
2010-09-09 | Name : The remote Fedora host is missing a security update. File : fedora_2010-14235.nasl - Type : ACT_GATHER_INFO |
2010-07-14 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10880.nasl - Type : ACT_GATHER_INFO |
2010-07-09 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10876.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:58:25 |
|