Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | Linux kernel vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | USN-1105-1 | First vendor Publication | 2011-04-05 |
| Vendor | Ubuntu | Last vendor Modification | 2011-04-05 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.8 | Attack Range | Network |
| Cvss Impact Score | 6.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well. Details follow: Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4075, CVE-2010-4076, CVE-2010-4077) Dan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4158) Dan Rosenberg discovered that certain iovec operations did not calculate page counts correctly. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4162) Dan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. (CVE-2010-4163) Dan Rosenberg discovered multiple flaws in the X.25 facilities parsing. If a system was using X.25, a remote attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4164) Alan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. A local attacker could exploit this flaw to gain root privileges. (CVE-2010-4242) Nelson Elhage discovered that the kernel did not correctly handle process cleanup after triggering a recoverable kernel bug. If a local attacker were able to trigger certain kinds of kernel bugs, they could create a specially crafted process to gain root privileges. (CVE-2010-4258) Tavis Ormandy discovered that the install_special_mapping function could bypass the mmap_min_addr restriction. A local attacker could exploit this to mmap 4096 bytes below the mmap_min_addr area, possibly improving the chances of performing NULL pointer dereference attacks. (CVE-2010-4346) |
Original Source
| Url : http://www.ubuntu.com/usn/USN-1105-1 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 44 % | CWE-200 | Information Exposure |
| 11 % | CWE-476 | NULL Pointer Dereference |
| 11 % | CWE-269 | Improper Privilege Management |
| 11 % | CWE-191 | Integer Underflow (Wrap or Wraparound) |
| 11 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
| 11 % | CWE-20 | Improper Input Validation |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:12710 | |||
| Oval ID: | oval:org.mitre.oval:def:12710 | ||
| Title: | DSA-2126-1 linux-2.6 -- privilege escalation/denial of service/information leak | ||
| Description: | CVE-2010-2963 Kees Cook discovered an issue in the v4l 32-bit compatibility layer for 64-bit systems that allows local users with /dev/video write permission to overwrite arbitrary kernel memory, potentially leading to a privilege escalation. On Debian systems, access to /dev/video devices is restricted to members of the "video" group by default. CVE-2010-3067 Tavis Ormandy discovered an issue in the io_submit system call. Local users can cause an integer overflow resulting in a denial of service. CVE-2010-3296 Dan Rosenberg discovered an issue in the cxgb network driver that allows unprivileged users to obtain the contents of sensitive kernel memory. CVE-2010-3297 Dan Rosenberg discovered an issue in the eql network driver that allows local users to obtain the contents of sensitive kernel memory. CVE-2010-3310 Dan Rosenberg discovered an issue in the ROSE socket implementation. On systems with a rose device, local users can cause a denial of service. CVE-2010-3432 Thomas Dreibholz discovered an issue in the SCTP protocol that permits a remote user to cause a denial of service. CVE-2010-3437 Dan Rosenberg discovered an issue in the pktcdvd driver. Local users with permission to open /dev/pktcdvd/control can obtain the contents of sensitive kernel memory or cause a denial of service. By default on Debian systems, this access is restricted to members of the group "cdrom". CVE-2010-3442 Dan Rosenberg discovered an issue in the ALSA sound system. Local users with permission to open /dev/snd/controlC0 can create an integer overflow condition that causes a denial of service. By default on Debian systems, this access is restricted to members of the group "audio". CVE-2010-3448 Dan Jacobson reported an issue in the thinkpad-acpi driver. On certain Thinkpad systems, local users can cause a denial of service by reading /proc/acpi/ibm/video. CVE-2010-3477 Jeff Mahoney discovered an issue in the Traffic Policing module that allows local users to obtain the contents of sensitive kernel memory. CVE-2010-3705 Dan Rosenberg reported an issue in the HMAC processing code in the SCTP protocol that allows remote users to create a denial of service. CVE-2010-3848 Nelson Elhage discovered an issue in the Econet protocol. Local users can cause a stack overflow condition with large msg->msgiovlen values that can result in a denial of service or privilege escalation. CVE-2010-3849 Nelson Elhage discovered an issue in the Econet protocol. Local users can cause a denial of service if a NULL remote addr value is passed as a parameter to sendmsg. CVE-2010-3850 Nelson Elhage discovered an issue in the Econet protocol. Local users can assign econet addresses to arbitrary interfaces due to a missing capabilities check. CVE-2010-3858 Brad Spengler reported an issue in the setup_arg_pages function. Due to a bounds-checking failure, local users can create a denial of service. CVE-2010-3859 Dan Rosenberg reported an issue in the TIPC protocol. When the tipc module is loaded, local users can gain elevated privileges via the sendmsg system call. CVE-2010-3873 Dan Rosenberg reported an issue in the X.25 network protocol. Local users can cause heap corruption, resulting in a denial of service. CVE-2010-3874 Dan Rosenberg discovered an issue in the Control Area Network subsystem on 64-bit systems. Local users may be able to cause a denial of service. CVE-2010-3875 Vasiliy Kulikov discovered an issue in the AX.25 protocol. Local users can obtain the contents of sensitive kernel memory. CVE-2010-3876 Vasiliy Kulikov discovered an issue in the Packet protocol. Local users can obtain the contents of sensitive kernel memory. CVE-2010-3877 Vasiliy Kulikov discovered an issue in the TIPC protocol. Local users can obtain the contents of sensitive kernel memory. CVE-2010-3880 Nelson Elhage discovered an issue in the INET_DIAG subsystem. Local users can cause the kernel to execute unaudited INET_DIAG bytecode, resulting in a denial of service. CVE-2010-4072 Kees Cook discovered an issue in the System V shared memory subsystem. Local users can obtain the contents of sensitive kernel memory. CVE-2010-4073 Dan Rosenberg discovered an issue in the System V shared memory subsystem. Local users on 64-bit system can obtain the contents of sensitive kernel memory via the 32-bit compatible semctl system call. CVE-2010-4074 Dan Rosenberg reported issues in the mos7720 and mos7840 drivers for USB serial converter devices. Local users with access to these devices can obtain the contents of sensitive kernel memory. CVE-2010-4078 Dan Rosenberg reported an issue in the framebuffer driver for SiS graphics chipesets. Local users with access to the framebuffer device can obtain the contents of sensitive kernel memory via the FBIOGET_VBLANK ioctl. CVE-2010-4079 Dan Rosenberg reported an issue in the ivtvfb driver used for the Hauppauge PVR-350 card. Local users with access to the framebuffer device can obtain the contents of sensitive kernel memory via the FBIOGET_VBLANK ioctl. CVE-2010-4080 Dan Rosenberg discovered an issue in the ALSA driver for RME Hammerfall DSP audio devices. Local users with access to the audio device can obtain the contents of sensitive kernel memory via the SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl. CVE-2010-4081 Dan Rosenberg discovered an issue in the ALSA driver for RME Hammerfall DSP MADI audio devices. Local users with access to the audio device can obtain the contents of sensitive kernel memory via the SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl. CVE-2010-4083 Dan Rosenberg discovered an issue in the semctl system call. Local users can obtain the contents of sensitive kernel memory through usage of the semid_ds structure. CVE-2010-4164 Dan Rosenberg discovered an issue in the X.25 network protocol. Remote users can achieve a denial of service by taking advantage of an integer underflow in the facility parsing code. For the stable distribution, this problem has been fixed in version 2.6.26-26lenny1. We recommend that you upgrade your linux-2.6 and user-mode-linux packages. The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update: Debian 5.0 user-mode-linux 2.6.26-1um-2+26lenny1 | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2126-1 CVE-2010-2963 CVE-2010-3067 CVE-2010-3296 CVE-2010-3297 CVE-2010-3310 CVE-2010-3432 CVE-2010-3437 CVE-2010-3442 CVE-2010-3448 CVE-2010-3477 CVE-2010-3705 CVE-2010-3848 CVE-2010-3849 CVE-2010-3850 CVE-2010-3858 CVE-2010-3859 CVE-2010-3873 CVE-2010-3874 CVE-2010-3875 CVE-2010-3876 CVE-2010-3877 CVE-2010-3880 CVE-2010-4072 CVE-2010-4073 CVE-2010-4074 CVE-2010-4078 CVE-2010-4079 CVE-2010-4080 CVE-2010-4081 CVE-2010-4083 CVE-2010-4164 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | linux-2.6 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20348 | |||
| Oval ID: | oval:org.mitre.oval:def:20348 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-language application. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4346 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20378 | |||
| Oval ID: | oval:org.mitre.oval:def:20378 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4158 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20480 | |||
| Oval ID: | oval:org.mitre.oval:def:20480 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The hci_uart_tty_open function in the HCI UART driver (drivers/bluetooth/hci_ldisc.c) in the Linux kernel 2.6.36, and possibly other versions, does not verify whether the tty has a write operation, which allows local users to cause a denial of service (NULL pointer dereference) via vectors related to the Bluetooth driver. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4242 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20523 | |||
| Oval ID: | oval:org.mitre.oval:def:20523 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4075 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
ExploitDB Exploits
| id | Description |
|---|---|
| 2011-03-14 | Linux <= 2.6.37-rc1 serial_core TIOCGICOUNT Leak Exploit |
| 2010-12-07 | Linux Kernel <= 2.6.37 - Local Privilege Escalation |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:0004 centos5 x86_64 File : nvt/gb_CESA-2011_0004_kernel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:0162 centos4 x86_64 File : nvt/gb_CESA-2011_0162_kernel_centos4_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:0429 centos5 x86_64 File : nvt/gb_CESA-2011_0429_kernel_centos5_x86_64.nasl |
| 2012-06-06 | Name : RedHat Update for kernel RHSA-2011:0421-01 File : nvt/gb_RHSA-2011_0421-01_kernel.nasl |
| 2012-06-05 | Name : RedHat Update for kernel RHSA-2011:0007-01 File : nvt/gb_RHSA-2011_0007-01_kernel.nasl |
| 2012-03-16 | Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX... File : nvt/gb_VMSA-2011-0012.nasl |
| 2011-09-30 | Name : Ubuntu Update for linux USN-1218-1 File : nvt/gb_ubuntu_USN_1218_1.nasl |
| 2011-09-30 | Name : Ubuntu Update for linux-ec2 USN-1216-1 File : nvt/gb_ubuntu_USN_1216_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1202-1 File : nvt/gb_ubuntu_USN_1202_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-mvl-dove USN-1203-1 File : nvt/gb_ubuntu_USN_1203_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-fsl-imx51 USN-1204-1 File : nvt/gb_ubuntu_USN_1204_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-mvl-dove USN-1208-1 File : nvt/gb_ubuntu_USN_1208_1.nasl |
| 2011-08-12 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1187-1 File : nvt/gb_ubuntu_USN_1187_1.nasl |
| 2011-08-12 | Name : Ubuntu Update for linux USN-1183-1 File : nvt/gb_ubuntu_USN_1183_1.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2011:0429 centos5 i386 File : nvt/gb_CESA-2011_0429_kernel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2011:0004 centos5 i386 File : nvt/gb_CESA-2011_0004_kernel_centos5_i386.nasl |
| 2011-08-03 | Name : Debian Security Advisory DSA 2264-1 (linux-2.6) File : nvt/deb_2264_1.nasl |
| 2011-07-18 | Name : Ubuntu Update for linux USN-1167-1 File : nvt/gb_ubuntu_USN_1167_1.nasl |
| 2011-07-18 | Name : Ubuntu Update for linux USN-1170-1 File : nvt/gb_ubuntu_USN_1170_1.nasl |
| 2011-07-08 | Name : Ubuntu Update for linux-fsl-imx51 USN-1164-1 File : nvt/gb_ubuntu_USN_1164_1.nasl |
| 2011-06-24 | Name : Fedora Update for kernel FEDORA-2011-6447 File : nvt/gb_fedora_2011_6447_kernel_fc13.nasl |
| 2011-05-10 | Name : Ubuntu Update for linux-ti-omap4 USN-1119-1 File : nvt/gb_ubuntu_USN_1119_1.nasl |
| 2011-05-10 | Name : Ubuntu Update for linux-source-2.6.15 USN-1111-1 File : nvt/gb_ubuntu_USN_1111_1.nasl |
| 2011-05-06 | Name : SuSE Update for kernel SUSE-SA:2011:020 File : nvt/gb_suse_2011_020.nasl |
| 2011-04-22 | Name : SuSE Update for kernel SUSE-SA:2011:017 File : nvt/gb_suse_2011_017.nasl |
| 2011-04-19 | Name : RedHat Update for kernel RHSA-2011:0429-01 File : nvt/gb_RHSA-2011_0429-01_kernel.nasl |
| 2011-04-11 | Name : Ubuntu Update for linux vulnerabilities USN-1105-1 File : nvt/gb_ubuntu_USN_1105_1.nasl |
| 2011-04-01 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1092-1 File : nvt/gb_ubuntu_USN_1092_1.nasl |
| 2011-03-24 | Name : Ubuntu Update for linux vulnerabilities USN-1090-1 File : nvt/gb_ubuntu_USN_1090_1.nasl |
| 2011-03-24 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1089-1 File : nvt/gb_ubuntu_USN_1089_1.nasl |
| 2011-03-15 | Name : Fedora Update for kernel FEDORA-2011-2134 File : nvt/gb_fedora_2011_2134_kernel_fc13.nasl |
| 2011-03-15 | Name : Ubuntu Update for linux-ec2 vulnerabilities USN-1086-1 File : nvt/gb_ubuntu_USN_1086_1.nasl |
| 2011-03-07 | Name : Debian Security Advisory DSA 2153-1 (linux-2.6) File : nvt/deb_2153_1.nasl |
| 2011-03-07 | Name : Ubuntu Update for linux vulnerabilities USN-1081-1 File : nvt/gb_ubuntu_USN_1081_1.nasl |
| 2011-03-07 | Name : Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2 File : nvt/gb_ubuntu_USN_1080_2.nasl |
| 2011-03-07 | Name : Ubuntu Update for linux vulnerabilities USN-1080-1 File : nvt/gb_ubuntu_USN_1080_1.nasl |
| 2011-02-18 | Name : Mandriva Update for kernel MDVSA-2011:029 (kernel) File : nvt/gb_mandriva_MDVSA_2011_029.nasl |
| 2011-02-16 | Name : SuSE Update for kernel SUSE-SA:2011:008 File : nvt/gb_suse_2011_008.nasl |
| 2011-02-11 | Name : Fedora Update for kernel FEDORA-2011-1138 File : nvt/gb_fedora_2011_1138_kernel_fc14.nasl |
| 2011-01-31 | Name : CentOS Update for kernel CESA-2011:0162 centos4 i386 File : nvt/gb_CESA-2011_0162_kernel_centos4_i386.nasl |
| 2011-01-24 | Name : Debian Security Advisory DSA 2126-1 (linux-2.6) File : nvt/deb_2126_1.nasl |
| 2011-01-21 | Name : RedHat Update for kernel RHSA-2011:0162-01 File : nvt/gb_RHSA-2011_0162-01_kernel.nasl |
| 2011-01-14 | Name : RedHat Update for Red Hat Enterprise Linux 5.6 kernel RHSA-2011:0017-01 File : nvt/gb_RHSA-2011_0017-01_Red_Hat_Enterprise_Linux_5.6_kernel.nasl |
| 2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2011:002 File : nvt/gb_suse_2011_002.nasl |
| 2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2011:001 File : nvt/gb_suse_2011_001.nasl |
| 2011-01-11 | Name : RedHat Update for kernel RHSA-2011:0004-01 File : nvt/gb_RHSA-2011_0004-01_kernel.nasl |
| 2010-12-28 | Name : Fedora Update for kernel FEDORA-2010-18983 File : nvt/gb_fedora_2010_18983_kernel_fc13.nasl |
| 2010-12-23 | Name : Fedora Update for kernel FEDORA-2010-18506 File : nvt/gb_fedora_2010_18506_kernel_fc13.nasl |
| 2010-12-09 | Name : Fedora Update for kernel FEDORA-2010-18493 File : nvt/gb_fedora_2010_18493_kernel_fc14.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 70379 | Linux Kernel drivers/bluetooth/hci_ldisc.c hci_uart_tty_open Function NULL De... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the 'hci_uart_tty_open' function in 'drivers/bluetooth/hci_ldisc.c' fails to properly verify whether the tty has a write operation, allowing a local attacker to cause a NULL pointer dereference denial of service via vectors related to the Bluetooth driver. |
| 70291 | Linux Kernel net/x25/x25_facilities.c x25_parse_facilities Function Facility ... Linux Kernel contains a flaw that may allow a remote denial of service. The issue is triggered when multiple integer underflows in the 'x25_parse_facilities' function in 'net/x25/x25_facilities.c' allows remote attackers to use malformed X25_FAC_CLASS_A, X25_FAC_CLASS_B, X25_FAC_CLASS_C or X25_FAC_CLASS_D facility data to cause a denial of service. |
| 70265 | Linux Kernel kernel/exit.c do_exit Function KERNEL_DS get_fs Value Handling L... Linux Kernel contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the 'do_exit' function in 'kernel/exit.c' fails to properly handle a KERNEL_DS get_fs value, allowing a local attacker to bypass access_ok restrictions, overwrite arbitrary kernel memory locations, and gain elevated privileges. |
| 69701 | Linux Kernel mm/mmap.c install_special_mapping() Function mmap_min_addr Local... Linux Kernel contains a flaw related to the 'install_special_mapping()' function in mm/mmap.c. It fails to properly restrict mappings below the"mmap_min_addr" sysctl limit, allowing a local attacker to map memory into forbidden areas. |
| 69524 | Linux Kernel drivers/char/nozomi.c ntty_ioctl_tiocgicount Function TIOCGICOUN... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'ntty_ioctl_tiocgicount' function in 'drivers/char/nozomi.c' fails to properly initialize a certain structure member, which will disclose potentially sensitive information from the kernel stack memory to a local attacker. |
| 69523 | Linux Kernel drivers/char/amiserial.c rs_ioctl Function TIOCGICOUNT IOCTL Cal... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'rs_ioctl' function in 'drivers/char/amiserial.c' fails to properly initialize a certain structure member, allowing a local attacker to obtain sensitive information from kernel stack memory via a TIOCGICOUNT IOTCL call. |
| 69522 | Linux Kernel drivers/serial/serial_core.c uart_get_count Function TIOCGICOUNT... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'uart_get_count' function in 'drivers/serial/serial_core.c' fails to initially a certain structure member. This allows a local attacker to access sensitive information from kernel stack memory by means of a TIOCGICOUNT IOTCL call. |
| 69453 | Linux Kernel block/blk-map.c blk_rq_map_user_iov() Function Zero-length I/O R... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when an error within the 'blk_rq_map_user_iov()' function in 'block/blk-map.c' when processing zero-length I/O requests occurs, allowing an attacker to cause a loss of availability. |
| 69452 | Linux Kernel fs/bio.c Multiple Function Page Allocation Crafted IOCTL Local O... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when page calculation errors in the 'bio_copy_user_iov()' and '__bio_map_user_iov()' functions within fs/bio.c are exploited to cause a large allocation. This will result in loss of availability. |
| 69190 | Linux Kernel net/core/filter.c sk_run_filter() Function Stack Memory Disclosure Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'sk_run_filter()' function in 'net/core/filter.c' does not properly initialize a local array, which will disclose kernel stack memory to a local attacker. |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2011-10-27 | IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi Severity : Category I - VMSKEY : V0030545 |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO |
| 2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-0439.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-342.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-756.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-110414.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-101215.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0429.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2014.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0421.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0162.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0007.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0004.nasl - Type : ACT_GATHER_INFO |
| 2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1083-1.nasl - Type : ACT_GATHER_INFO |
| 2013-03-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1093-1.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110412_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110407_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110118_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110104_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7384.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7261.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7304.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7915.nasl - Type : ACT_GATHER_INFO |
| 2012-04-23 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12677.nasl - Type : ACT_GATHER_INFO |
| 2012-02-07 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-120130.nasl - Type : ACT_GATHER_INFO |
| 2012-02-07 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-120129.nasl - Type : ACT_GATHER_INFO |
| 2012-01-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7918.nasl - Type : ACT_GATHER_INFO |
| 2011-10-14 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO |
| 2011-09-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1218-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-27 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1216-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-15 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1208-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1202-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1204-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1203-1.nasl - Type : ACT_GATHER_INFO |
| 2011-08-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1187-1.nasl - Type : ACT_GATHER_INFO |
| 2011-08-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1183-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1170-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1167-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1164-1.nasl - Type : ACT_GATHER_INFO |
| 2011-06-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2264.nasl - Type : ACT_GATHER_INFO |
| 2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1119-1.nasl - Type : ACT_GATHER_INFO |
| 2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1111-1.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-debug-101215.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-110413.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kernel-101202.nasl - Type : ACT_GATHER_INFO |
| 2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0429.nasl - Type : ACT_GATHER_INFO |
| 2011-04-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0429.nasl - Type : ACT_GATHER_INFO |
| 2011-04-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0421.nasl - Type : ACT_GATHER_INFO |
| 2011-04-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1105-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1092-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-25 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7381.nasl - Type : ACT_GATHER_INFO |
| 2011-03-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1089-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1090-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1086-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-09 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110228.nasl - Type : ACT_GATHER_INFO |
| 2011-03-08 | Name : The remote Fedora host is missing a security update. File : fedora_2011-2134.nasl - Type : ACT_GATHER_INFO |
| 2011-03-03 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1080-2.nasl - Type : ACT_GATHER_INFO |
| 2011-03-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1081-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1080-1.nasl - Type : ACT_GATHER_INFO |
| 2011-02-11 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1138.nasl - Type : ACT_GATHER_INFO |
| 2011-02-11 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12672.nasl - Type : ACT_GATHER_INFO |
| 2011-02-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1054-1.nasl - Type : ACT_GATHER_INFO |
| 2011-01-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2153.nasl - Type : ACT_GATHER_INFO |
| 2011-01-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO |
| 2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7303.nasl - Type : ACT_GATHER_INFO |
| 2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110104.nasl - Type : ACT_GATHER_INFO |
| 2011-01-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO |
| 2011-01-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0017.nasl - Type : ACT_GATHER_INFO |
| 2011-01-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0007.nasl - Type : ACT_GATHER_INFO |
| 2011-01-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1041-1.nasl - Type : ACT_GATHER_INFO |
| 2011-01-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0004.nasl - Type : ACT_GATHER_INFO |
| 2011-01-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0004.nasl - Type : ACT_GATHER_INFO |
| 2010-12-26 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18983.nasl - Type : ACT_GATHER_INFO |
| 2010-12-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7257.nasl - Type : ACT_GATHER_INFO |
| 2010-12-08 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18506.nasl - Type : ACT_GATHER_INFO |
| 2010-12-06 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18493.nasl - Type : ACT_GATHER_INFO |
| 2010-11-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2126.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:58:28 |
|
