Executive Summary
Summary | |
---|---|
Title | Linux kernel vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-1160-1 | First vendor Publication | 2011-06-28 |
Vendor | Ubuntu | Last vendor Modification | 2011-06-28 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 10.10 Summary: Multiple kernel vulnerabilities have been fixed. Software Description: - linux: Linux kernel Details: Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. On non-x86 systems, a local attacker could exploit this to read kernel heap memory, leading to a loss of privacy. (CVE-2010-4529) Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses into the /proc filesystem. A local attacker could use this to increase the chances of a successful memory corruption exploit. (CVE-2010-4565) Kees Cook discovered that the IOWarrior USB device driver did not correctly check certain size fields. A local attacker with physical access could plug in a specially crafted USB device to crash the system or potentially gain root privileges. (CVE-2010-4656) Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly clear memory when writing certain file holes. A local attacker could exploit this to read uninitialized data from the disk, leading to a loss of privacy. (CVE-2011-0463) Dan Carpenter discovered that the TTPCI DVB driver did not check certain values during an ioctl. If the dvb-ttpci module was loaded, a local attacker could exploit this to crash the system, leading to a denial of service, or possibly gain root privileges. (CVE-2011-0521) Jens Kuehnel discovered that the InfiniBand driver contained a race condition. On systems using InfiniBand, a local attacker could send specially crafted requests to crash the system, leading to a denial of service. (CVE-2011-0695) Dan Rosenberg discovered that XFS did not correctly initialize memory. A local attacker could make crafted ioctl calls to leak portions of kernel stack memory, leading to a loss of privacy. (CVE-2011-0711) Rafael Dominguez Vega discovered that the caiaq Native Instruments USB driver did not correctly validate string lengths. A local attacker with physical access could plug in a specially crafted USB device to crash the system or potentially gain root privileges. (CVE-2011-0712) Kees Cook reported that /proc/pid/stat did not correctly filter certain memory locations. A local attacker could determine the memory layout of processes in an attempt to increase the chances of a successful memory corruption exploit. (CVE-2011-0726) Timo Warns discovered that MAC partition parsing routines did not correctly calculate block counts. A local attacker with physical access could plug in a specially crafted block device to crash the system or potentially gain root privileges. (CVE-2011-1010) Timo Warns discovered that LDM partition parsing routines did not correctly calculate block counts. A local attacker with physical access could plug in a specially crafted block device to crash the system, leading to a denial of service. (CVE-2011-1012) Matthiew Herrb discovered that the drm modeset interface did not correctly handle a signed comparison. A local attacker could exploit this to crash the system or possibly gain root privileges. (CVE-2011-1013) Marek Olšák discovered that the Radeon GPU drivers did not correctly validate certain registers. On systems with specific hardware, a local attacker could exploit this to write to arbitrary video memory. (CVE-2011-1016) Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. (CVE-2011-1017) Vasiliy Kulikov discovered that the CAP_SYS_MODULE capability was not needed to load kernel modules. A local attacker with the CAP_NET_ADMIN capability could load existing kernel modules, possibly increasing the attack surface available on the system. (CVE-2011-1019) Nelson Elhage discovered that the epoll subsystem did not correctly handle certain structures. A local attacker could create malicious requests that would hang the system, leading to a denial of service. (CVE-2011-1082) Nelson Elhage discovered that the epoll subsystem did not correctly handle certain structures. A local attacker could create malicious requests that would consume large amounts of CPU, leading to a denial of service. (CVE-2011-1083) Dan Rosenberg discovered that some ALSA drivers did not correctly check the adapter index during ioctl calls. If this driver was loaded, a local attacker could make a specially crafted ioctl call to gain root privileges. (CVE-2011-1169) Julien Tinnes discovered that the kernel did not correctly validate the signal structure from tkill(). A local attacker could exploit this to send signals to arbitrary threads, possibly bypassing expected restrictions. (CVE-2011-1182) Dan Rosenberg discovered that MPT devices did not correctly validate certain values in ioctl calls. If these drivers were loaded, a local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. (CVE-2011-1494, CVE-2011-1495) Tavis Ormandy discovered that the pidmap function did not correctly handle large requests. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-1593) Vasiliy Kulikov discovered that the AGP driver did not check certain ioctl values. A local attacker with access to the video subsystem could exploit this to crash the system, leading to a denial of service, or possibly gain root privileges. (CVE-2011-1745, CVE-2011-2022) Oliver Hartkopp and Dave Jones discovered that the CAN network driver did not correctly validate certain socket structures. If this driver was loaded, a local attacker could crash the system, leading to a denial of service. (CVE-2011-1748) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.10: After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well. References: Package Information: |
Original Source
Url : http://www.ubuntu.com/usn/USN-1160-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
22 % | CWE-20 | Improper Input Validation |
13 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
9 % | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
9 % | CWE-200 | Information Exposure |
9 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
9 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
4 % | CWE-476 | NULL Pointer Dereference |
4 % | CWE-369 | Divide By Zero |
4 % | CWE-362 | Race Condition |
4 % | CWE-191 | Integer Underflow (Wrap or Wraparound) |
4 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
4 % | CWE-129 | Improper Validation of Array Index |
4 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12874 | |||
Oval ID: | oval:org.mitre.oval:def:12874 | ||
Title: | DSA-2153-1 linux-2.6 -- privilege escalation/denial of service/information leak | ||
Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0435 Gleb Napatov reported an issue in the KVM subsystem that allows virtual machines to cause a denial of service of the host machine by executing mov to/from DR instructions. CVE-2010-3699 Keir Fraser provided a fix for an issue in the Xen subsystem. A guest can cause a denial of service on the host by retaining a leaked reference to a device. This can result in a zombie domain, xenwatch process hangs, and xm command failures. CVE-2010-4158 Dan Rosenberg discovered an issue in the socket filters subsystem, allowing local unprivileged users to obtain the contents of sensitive kernel memory. CVE-2010-4162 Dan Rosenberg discovered an overflow issue in the block I/O subsystem that allows local users to map large numbers of pages, resulting in a denial of service due to invocation of the out of memory killer. CVE-2010-4163 Dan Rosenberg discovered an issue in the block I/O subsystem. Due to improper validation of iov segments, local users can trigger a kernel panic resulting in a denial of service. CVE-2010-4242 Alan Cox reported an issue in the Bluetooth subsystem. Local users with sufficient permission to access HCI UART devices can cause a denial of service due to a missing check for an existing tty write operation. CVE-2010-4243 Brad Spengler reported a denial-of-service issue in the kernel memory accounting system. By passing large argv/envp values to exec, local users can cause the out of memory killer to kill processes owned by other users. CVE-2010-4248 Oleg Nesterov reported an issue in the POSIX CPU timers subsystem. Local users can cause a denial of service due to incorrect assumptions about thread group leader behavior. CVE-2010-4249 Vegard Nossum reported an issue with the UNIX socket garbage collector. Local users can consume all of LOWMEM and decrease system performance by overloading the system with inflight sockets. CVE-2010-4258 Nelson Elhage reported an issue in Linux oops handling. Local users may be able to obtain elevated privileges if they are able to trigger an oops with a process" fs set to KERNEL_DS. CVE-2010-4342 Nelson Elhage reported an issue in the econet protocol. Remote attackers can cause a denial of service by sending an Acorn Universal Networking packet over UDP. CVE-2010-4346 Tavis Ormandy discovered an issue in the install_special_mapping routine which allows local users to bypass the mmap_min_addr security restriction. Combined with an otherwise low severity local denial of service vulnerability, a local user could obtain elevated privileges. CVE-2010-4526 Eugene Teo reported a race condition in the Linux SCTP implementation. Remote users can cause a denial of service by transmitting an ICMP unreachable message to a locked socket. CVE-2010-4527 Dan Rosenberg reported two issues in the OSS soundcard driver. Local users with access to the device may contain access to sensitive kernel memory or cause a buffer overflow, potentially leading to an escalation of privileges. CVE-2010-4529 Dan Rosenberg reported an issue in the Linux kernel IrDA socket implementation on non-x86 architectures. Local users may be able to gain access to sensitive kernel memory via a specially crafted IRLMP_ENUMDEVICES getsockopt call. CVE-2010-4565 Dan Rosenberg reported an issue in the Linux CAN protocol implementation. Local users can obtain the address of a kernel heap object which might help facilitate system exploitation. CVE-2010-4649 Dan Carpenter reported an issue in the uverb handling of the InfiniBand subsystem. A potential buffer overflow may allow local users to cause a denial of service by passing in a large cmd.ne value. CVE-2010-4656 Kees Cook reported an issue in the driver for I/O-Warrior USB devices. Local users with access to these devices maybe able to overrun kernel buffers, resulting in a denial of service or privilege escalation. CVE-2010-4668 Dan Rosenberg reported an issue in the block subsystem. A local user can cause a denial of service by submitting certain 0-length I/O requests. CVE-2011-0521 Dan Carpenter reported an issue in the DVB driver for AV7110 cards. Local users can pass a negative info->num value, corrupting kernel memory and causing a denial of service. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2153-1 CVE-2010-0435 CVE-2010-3699 CVE-2010-4158 CVE-2010-4162 CVE-2010-4163 CVE-2010-4242 CVE-2010-4243 CVE-2010-4248 CVE-2010-4249 CVE-2010-4258 CVE-2010-4342 CVE-2010-4346 CVE-2010-4526 CVE-2010-4527 CVE-2010-4529 CVE-2010-4565 CVE-2010-4649 CVE-2010-4656 CVE-2010-4668 CVE-2011-0521 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | linux-2.6 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:13013 | |||
Oval ID: | oval:org.mitre.oval:def:13013 | ||
Title: | DSA-2240-1 linux-2.6 -- privilege escalation/denial of service/information leak | ||
Description: | CVE-2010-3875 Vasiliy Kulikov discovered an issue in the Linux implementation of the Amateur Radio AX.25 Level 2 protocol. Local users may obtain access to sensitive kernel memory. CVE-2011-0695 Jens Kuehnel reported an issue in the InfiniBand stack. Remote attackers can exploit a race condition to cause a denial of service. CVE-2011-0711 Dan Rosenberg reported an issue in the XFS filesystem. Local users may obtain access to sensitive kernel memory. CVE-2011-0726 Kees Cook reported an issue in the /proc/pid/stat implementation. Local users could learn the text location of a process, defeating protections provided by address space layout randomization. CVE-2011-1016 Marek Olšák discovered an issue in the driver for ATI/AMD Radeon video chips. Local users could pass arbitrary values to video memory and the graphics translation table, resulting in denial of service or escalated privileges. On default Debian installations, this is exploitable only by members of the "video" group. CVE-2011-1078 Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users can obtain access to sensitive kernel memory. CVE-2011-1079 Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users with the CAP_NET_ADMIN capability can cause a denial of service. CVE-2011-1080 Vasiliy Kulikov discovered an issue in the Netfilter subsystem. Local users can obtain access to sensitive kernel memory. CVE-2011-1090 Neil Horman discovered a memory leak in the setacl call on NFSv4 filesystems. Local users can explot this to cause a denial of service. CVE-2011-1160 Peter Huewe reported an issue in the Linux kernel's support for TPM security chips. Local users with permission to open the device can gain access to sensitive kernel memory. CVE-2011-1163 Timo Warns reported an issue in the kernel support for Alpha OSF format disk partitions. Users with physical access can gain access to sensitive kernel memory by adding a storage device with a specially crafted OSF partition. CVE-2011-1170 Vasiliy Kulikov reported an issue in the Netfilter arp table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory. CVE-2011-1171 Vasiliy Kulikov reported an issue in the Netfilter IP table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory. CVE-2011-1172 Vasiliy Kulikov reported an issue in the Netfilter IP6 table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory. CVE-2011-1173 Vasiliy Kulikov reported an issue in the Acorn Econet protocol implementation. Local users can obtain access to sensitive kernel memory on systems that use this rare hardware. CVE-2011-1180 Dan Rosenberg reported a buffer overflow in the Information Access Service of the IrDA protocol, used for Infrared devices. Remote attackers within IR device range can cause a denial of service or possibly gain elevated privileges. CVE-2011-1182 Julien Tinnes reported an issue in the rt_sigqueueinfo interface. Local users can generate signals with falsified source pid and uid information. CVE-2011-1476 Dan Rosenberg reported issues in the Open Sound System MIDI interface that allow local users to cause a denial of service. This issue does not affect official Debian Linux image packages as they no longer provide support for OSS. However, custom kernels built from Debians linux-source-2.6.32 may have enabled this configuration and would therefore be vulnerable. CVE-2011-1477 Dan Rosenberg reported issues in the Open Sound System driver for cards that include a Yamaha FM synthesizer chip. Local users can cause memory corruption resulting in a denial of service. This issue does not affect official Debian Linux image packages as they no longer provide support for OSS. However, custom kernels built from Debians linux-source-2.6.32 may have enabled this configuration and would therefore be vulnerable. CVE-2011-1478 Ryan Sweat reported an issue in the Generic Receive Offload support in the Linux networking subsystem. If an interface has GRO enabled and is running in promiscuous mode, remote users can cause a denial of service by sending packets on an unknown VLAN. CVE-2011-1493 Dan Rosenburg reported two issues in the Linux implementation of the Amateur Radio X.25 PLP protocol. A remote user can cause a denial of service by providing specially crafted facilities fields. CVE-2011-1494 Dan Rosenberg reported an issue in the /dev/mpt2ctl interface provided by the driver for LSI MPT Fusion SAS 2.0 controllers. Local users can obtain elevated privileges by specially crafted ioctl calls. On default Debian installations this is not exploitable as this interface is only accessible to root. CVE-2011-1495 Dan Rosenberg reported two additional issues in the /dev/mpt2ctl interface provided by the driver for LSI MPT Fusion SAS 2.0 controllers. Local users can obtain elevated privileges and ready arbitrary kernel memory by using specially crafted ioctl calls. On default Debian installations this is not exploitable as this interface is only accessible to root. CVE-2011-1585 Jeff Layton reported an issue in the Common Internet File System. Local users can bypass authentication requirements for shares that are already mounted by another user. CVE-2011-1593 Robert Swiecki reported a signednes issue in the next_pidmap function, which can be exploited my local users to cause a denial of service. CVE-2011-1598 Dave Jones reported an issue in the Broadcast Manager Controller Area Network protocol that may allow local users to cause a NULL pointer dereference, resulting in a denial of service. CVE-2011-1745 Vasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the AGPIOC_BIND ioctl. On default Debian installations, this is exploitable only by users in the video group. CVE-2011-1746 Vasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the agp_allocate_memory and agp_create_user_memory. On default Debian installations, this is exploitable only by users in the video group. CVE-2011-1748 Oliver Kartkopp reported an issue in the Controller Area Network raw socket implementation which permits ocal users to cause a NULL pointer dereference, resulting in a denial of service. CVE-2011-1759 Dan Rosenberg reported an issue in the support for executing "old ABI" binaries on ARM processors. Local users can obtain elevated privileges due to insufficient bounds checking in the semtimedop system call. CVE-2011-1767 Alexecy Dobriyan reported an issue in the GRE over IP implementation. Remote users can cause a denial of service by sending a packet during module initialisation. CVE-2011-1770 Dan Rosenberg reported an issue in the Datagram Congestion Control Protocol. Remote users can cause a denial of service or potentially obtain access to sensitive kernel memory. CVE-2011-1776 Timo Warns reported an issue in the Linux implementation for GUID partitions. Users with physical access can gain access to sensitive kernel memory by adding a storage device with a specially crafted corrupted invalid partition table. CVE-2011-2022 Vasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the AGPIOC_UNBIND ioctl. On default Debian installations, this is exploitable only by users in the video group. This update also includes changes queued for the next point release of Debian 6.0, which also fix various non-security issues | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2240-1 CVE-2010-3875 CVE-2011-0695 CVE-2011-0711 CVE-2011-0726 CVE-2011-1016 CVE-2011-1078 CVE-2011-1079 CVE-2011-1080 CVE-2011-1090 CVE-2011-1160 CVE-2011-1163 CVE-2011-1170 CVE-2011-1171 CVE-2011-1172 CVE-2011-1173 CVE-2011-1180 CVE-2011-1182 CVE-2011-1476 CVE-2011-1477 CVE-2011-1478 CVE-2011-1493 CVE-2011-1494 CVE-2011-1495 CVE-2011-1585 CVE-2011-1593 CVE-2011-1598 CVE-2011-1745 CVE-2011-1746 CVE-2011-1748 CVE-2011-1759 CVE-2011-1767 CVE-2011-1770 CVE-2011-1776 CVE-2011-2022 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | linux-2.6 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:13909 | |||
Oval ID: | oval:org.mitre.oval:def:13909 | ||
Title: | USN-1164-1 -- linux-fsl-imx51 vulnerabilities | ||
Description: | linux-fsl-imx51: Linux kernel for IMX51 Multiple kernel flaws have been fixed. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1164-1 CVE-2010-3865 CVE-2010-3873 CVE-2010-3874 CVE-2010-3875 CVE-2010-3876 CVE-2010-3877 CVE-2010-3880 CVE-2010-4080 CVE-2010-4081 CVE-2010-4082 CVE-2010-4083 CVE-2010-4157 CVE-2010-4164 CVE-2010-4248 CVE-2010-4258 CVE-2010-4342 CVE-2010-4346 CVE-2010-4527 CVE-2010-4529 CVE-2010-4565 CVE-2010-4655 CVE-2010-4656 CVE-2011-0463 CVE-2011-0521 CVE-2011-0695 CVE-2011-0711 CVE-2011-0712 CVE-2011-1017 CVE-2011-1182 CVE-2011-1494 CVE-2011-1495 CVE-2011-1593 CVE-2011-1745 CVE-2011-2022 CVE-2011-1746 CVE-2011-1748 | Version: | 5 |
Platform(s): | Ubuntu 10.04 | Product(s): | linux-fsl-imx51 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:13949 | |||
Oval ID: | oval:org.mitre.oval:def:13949 | ||
Title: | USN-1119-1 -- linux-ti-omap4 vulnerabilities | ||
Description: | linux-ti-omap4: Linux kernel for OMAP4 devices Multiple security flaws have been fixed in the OMAP4 port of the Linux kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1119-1 CVE-2010-3904 CVE-2010-3848 CVE-2010-3849 CVE-2010-3850 CVE-2010-3081 CVE-2010-2954 CVE-2010-2955 CVE-2010-2960 CVE-2010-2962 CVE-2010-2963 CVE-2010-3079 CVE-2010-3080 CVE-2010-3437 CVE-2010-3705 CVE-2010-3861 CVE-2010-3865 CVE-2010-3875 CVE-2010-3876 CVE-2010-3877 CVE-2010-3881 CVE-2010-4072 CVE-2010-4079 CVE-2010-4158 CVE-2010-4164 CVE-2010-4165 CVE-2010-4249 CVE-2010-4258 CVE-2010-4342 CVE-2010-4346 CVE-2010-4527 CVE-2010-4529 | Version: | 5 |
Platform(s): | Ubuntu 10.10 | Product(s): | linux-ti-omap4 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:19610 | |||
Oval ID: | oval:org.mitre.oval:def:19610 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a negative value. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-0521 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19700 | |||
Oval ID: | oval:org.mitre.oval:def:19700 | ||
Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
Description: | Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-1593 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19711 | |||
Oval ID: | oval:org.mitre.oval:def:19711 | ||
Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
Description: | The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRY_V1 ioctl call. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-0711 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20325 | |||
Oval ID: | oval:org.mitre.oval:def:20325 | ||
Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
Description: | kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-1182 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20404 | |||
Oval ID: | oval:org.mitre.oval:def:20404 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-1495 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20410 | |||
Oval ID: | oval:org.mitre.oval:def:20410 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | Buffer overflow in the mac_partition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via a malformed Mac OS partition table. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-1010 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20431 | |||
Oval ID: | oval:org.mitre.oval:def:20431 | ||
Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
Description: | Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl call. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-1745 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20437 | |||
Oval ID: | oval:org.mitre.oval:def:20437 | ||
Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
Description: | Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-0695 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20530 | |||
Oval ID: | oval:org.mitre.oval:def:20530 | ||
Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
Description: | drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-1495 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20545 | |||
Oval ID: | oval:org.mitre.oval:def:20545 | ||
Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
Description: | The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-2022 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20570 | |||
Oval ID: | oval:org.mitre.oval:def:20570 | ||
Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
Description: | Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-1494 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20577 | |||
Oval ID: | oval:org.mitre.oval:def:20577 | ||
Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
Description: | Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-1494 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20650 | |||
Oval ID: | oval:org.mitre.oval:def:20650 | ||
Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
Description: | The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the start_code and end_code fields in the /proc/#####/stat file for a process executing a PIE binary. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-0726 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27793 | |||
Oval ID: | oval:org.mitre.oval:def:27793 | ||
Title: | ELSA-2011-2016 -- Unbreakable Enterprise kernel security fix update (important) | ||
Description: | A [2.6.32-100.28.17.el6] - [net] Extend prot->slab size when add sock extend fields. [2.6.32-100.28.16.el6] - kernel: Fix unlimited socket backlog DoS {CVE-2010-4251} - RDS: Fix congestion issues for loopback - rds: prevent BUG_ON triggering on congestion map updates {CVE-2011-1023} - epoll: prevent creating circular epoll structures {CVE-2011-1082} - fs: fix corrupted OSF partition table parsing {CVE-2011-1163} - fs: Increase OSF partition limit from 8 to 18 {CVE-2011-1163} - netfilter: arp_tables: fix infoleak to userspace {CVE-2011-1170} - netfilter: ip_tables: fix infoleak to userspace {CVE-2011-1171} - ipv6: netfilter: ip6_tables: fix infoleak to userspace {CVE-2011-1172} - [SCSI] mpt2sas: prevent heap overflows and unchecked reads {CVE-2011-1494, CVE-2011-1495} | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-2016 CVE-2010-4251 CVE-2011-1023 CVE-2011-1082 CVE-2011-1163 CVE-2011-1170 CVE-2011-1171 CVE-2011-1172 CVE-2011-1494 CVE-2011-1495 | Version: | 5 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel-uek ofa kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware kernel-uek-headers |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-07-30 | Name : CentOS Update for kernel CESA-2011:0429 centos5 x86_64 File : nvt/gb_CESA-2011_0429_kernel_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:0833 centos5 x86_64 File : nvt/gb_CESA-2011_0833_kernel_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:0927 centos5 x86_64 File : nvt/gb_CESA-2011_0927_kernel_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2012:0862 centos6 File : nvt/gb_CESA-2012_0862_kernel_centos6.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2012:1061 centos5 File : nvt/gb_CESA-2012_1061_kernel_centos5.nasl |
2012-07-16 | Name : RedHat Update for kernel RHSA-2012:1061-01 File : nvt/gb_RHSA-2012_1061-01_kernel.nasl |
2012-07-09 | Name : RedHat Update for kernel RHSA-2011:1350-01 File : nvt/gb_RHSA-2011_1350-01_kernel.nasl |
2012-07-09 | Name : RedHat Update for kernel RHSA-2011:1189-01 File : nvt/gb_RHSA-2011_1189-01_kernel.nasl |
2012-06-25 | Name : Fedora Update for kernel FEDORA-2012-8931 File : nvt/gb_fedora_2012_8931_kernel_fc15.nasl |
2012-06-22 | Name : RedHat Update for Red Hat Enterprise Linux 6 kernel RHSA-2012:0862-04 File : nvt/gb_RHSA-2012_0862-04_Red_Hat_Enterprise_Linux_6_kernel.nasl |
2012-06-06 | Name : RedHat Update for kernel RHSA-2011:0421-01 File : nvt/gb_RHSA-2011_0421-01_kernel.nasl |
2012-06-06 | Name : RedHat Update for kernel RHSA-2011:0498-01 File : nvt/gb_RHSA-2011_0498-01_kernel.nasl |
2012-06-06 | Name : RedHat Update for Red Hat Enterprise Linux 6.1 kernel RHSA-2011:0542-01 File : nvt/gb_RHSA-2011_0542-01_Red_Hat_Enterprise_Linux_6.1_kernel.nasl |
2012-06-06 | Name : RedHat Update for kernel RHSA-2011:0836-01 File : nvt/gb_RHSA-2011_0836-01_kernel.nasl |
2012-05-17 | Name : Fedora Update for kernel FEDORA-2012-7594 File : nvt/gb_fedora_2012_7594_kernel_fc15.nasl |
2012-04-26 | Name : Fedora Update for kernel FEDORA-2012-6406 File : nvt/gb_fedora_2012_6406_kernel_fc15.nasl |
2012-03-29 | Name : Fedora Update for kernel FEDORA-2012-3715 File : nvt/gb_fedora_2012_3715_kernel_fc15.nasl |
2012-03-16 | Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX... File : nvt/gb_VMSA-2011-0012.nasl |
2012-03-16 | Name : Fedora Update for kernel FEDORA-2012-3356 File : nvt/gb_fedora_2012_3356_kernel_fc15.nasl |
2012-03-15 | Name : VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Ser... File : nvt/gb_VMSA-2012-0001.nasl |
2012-03-07 | Name : Fedora Update for kernel FEDORA-2012-2753 File : nvt/gb_fedora_2012_2753_kernel_fc15.nasl |
2012-02-13 | Name : Fedora Update for kernel FEDORA-2012-1503 File : nvt/gb_fedora_2012_1503_kernel_fc15.nasl |
2012-01-25 | Name : Fedora Update for kernel FEDORA-2012-0861 File : nvt/gb_fedora_2012_0861_kernel_fc15.nasl |
2012-01-16 | Name : Fedora Update for kernel FEDORA-2012-0492 File : nvt/gb_fedora_2012_0492_kernel_fc15.nasl |
2011-12-12 | Name : Fedora Update for kernel FEDORA-2011-16621 File : nvt/gb_fedora_2011_16621_kernel_fc15.nasl |
2011-12-02 | Name : Fedora Update for kernel FEDORA-2011-16346 File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl |
2011-11-18 | Name : Fedora Update for kernel FEDORA-2011-15856 File : nvt/gb_fedora_2011_15856_kernel_fc15.nasl |
2011-11-08 | Name : Fedora Update for kernel FEDORA-2011-15241 File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl |
2011-10-31 | Name : Fedora Update for kernel FEDORA-2011-14747 File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl |
2011-10-10 | Name : Fedora Update for kernel FEDORA-2011-12874 File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl |
2011-09-23 | Name : Ubuntu Update for linux-ti-omap4 USN-1212-1 File : nvt/gb_ubuntu_USN_1212_1.nasl |
2011-09-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1202-1 File : nvt/gb_ubuntu_USN_1202_1.nasl |
2011-09-16 | Name : Ubuntu Update for linux-fsl-imx51 USN-1204-1 File : nvt/gb_ubuntu_USN_1204_1.nasl |
2011-08-27 | Name : Fedora Update for kernel FEDORA-2011-11103 File : nvt/gb_fedora_2011_11103_kernel_fc14.nasl |
2011-08-12 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1187-1 File : nvt/gb_ubuntu_USN_1187_1.nasl |
2011-08-12 | Name : Ubuntu Update for linux USN-1186-1 File : nvt/gb_ubuntu_USN_1186_1.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2011:0429 centos5 i386 File : nvt/gb_CESA-2011_0429_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2011:0833 centos5 i386 File : nvt/gb_CESA-2011_0833_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2011:0927 centos5 i386 File : nvt/gb_CESA-2011_0927_kernel_centos5_i386.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2264-1 (linux-2.6) File : nvt/deb_2264_1.nasl |
2011-07-18 | Name : RedHat Update for kernel RHSA-2011:0927-01 File : nvt/gb_RHSA-2011_0927-01_kernel.nasl |
2011-07-18 | Name : Ubuntu Update for linux USN-1170-1 File : nvt/gb_ubuntu_USN_1170_1.nasl |
2011-07-18 | Name : Ubuntu Update for linux USN-1168-1 File : nvt/gb_ubuntu_USN_1168_1.nasl |
2011-07-18 | Name : Ubuntu Update for linux USN-1167-1 File : nvt/gb_ubuntu_USN_1167_1.nasl |
2011-07-18 | Name : Ubuntu Update for linux-ec2 USN-1161-1 File : nvt/gb_ubuntu_USN_1161_1.nasl |
2011-07-18 | Name : Ubuntu Update for linux-mvl-dove USN-1159-1 File : nvt/gb_ubuntu_USN_1159_1.nasl |
2011-07-08 | Name : Ubuntu Update for linux-fsl-imx51 USN-1164-1 File : nvt/gb_ubuntu_USN_1164_1.nasl |
2011-07-08 | Name : Ubuntu Update for linux-mvl-dove USN-1162-1 File : nvt/gb_ubuntu_USN_1162_1.nasl |
2011-07-08 | Name : Ubuntu Update for linux USN-1160-1 File : nvt/gb_ubuntu_USN_1160_1.nasl |
2011-06-24 | Name : Fedora Update for kernel FEDORA-2011-6447 File : nvt/gb_fedora_2011_6447_kernel_fc13.nasl |
2011-06-20 | Name : Fedora Update for kernel FEDORA-2011-7551 File : nvt/gb_fedora_2011_7551_kernel_fc14.nasl |
2011-06-10 | Name : Ubuntu Update for linux USN-1146-1 File : nvt/gb_ubuntu_USN_1146_1.nasl |
2011-06-06 | Name : RedHat Update for kernel RHSA-2011:0833-01 File : nvt/gb_RHSA-2011_0833-01_kernel.nasl |
2011-06-06 | Name : Ubuntu Update for linux USN-1141-1 File : nvt/gb_ubuntu_USN_1141_1.nasl |
2011-06-03 | Name : Ubuntu Update for linux USN-1133-1 File : nvt/gb_ubuntu_USN_1133_1.nasl |
2011-05-17 | Name : Fedora Update for kernel FEDORA-2011-6541 File : nvt/gb_fedora_2011_6541_kernel_fc14.nasl |
2011-05-10 | Name : Ubuntu Update for linux-ti-omap4 USN-1119-1 File : nvt/gb_ubuntu_USN_1119_1.nasl |
2011-05-10 | Name : Ubuntu Update for linux-source-2.6.15 USN-1111-1 File : nvt/gb_ubuntu_USN_1111_1.nasl |
2011-05-06 | Name : SuSE Update for kernel SUSE-SA:2011:020 File : nvt/gb_suse_2011_020.nasl |
2011-04-22 | Name : SuSE Update for kernel SUSE-SA:2011:017 File : nvt/gb_suse_2011_017.nasl |
2011-04-19 | Name : RedHat Update for kernel RHSA-2011:0429-01 File : nvt/gb_RHSA-2011_0429-01_kernel.nasl |
2011-03-15 | Name : Fedora Update for kernel FEDORA-2011-2134 File : nvt/gb_fedora_2011_2134_kernel_fc13.nasl |
2011-03-07 | Name : Debian Security Advisory DSA 2153-1 (linux-2.6) File : nvt/deb_2153_1.nasl |
2011-02-18 | Name : Mandriva Update for kernel MDVSA-2011:029 (kernel) File : nvt/gb_mandriva_MDVSA_2011_029.nasl |
2011-02-18 | Name : RedHat Update for Red Hat Enterprise Linux 4.9 kernel RHSA-2011:0263-01 File : nvt/gb_RHSA-2011_0263-01_Red_Hat_Enterprise_Linux_4.9_kernel.nasl |
2011-02-16 | Name : SuSE Update for kernel SUSE-SA:2011:008 File : nvt/gb_suse_2011_008.nasl |
2011-02-11 | Name : Fedora Update for kernel FEDORA-2011-1138 File : nvt/gb_fedora_2011_1138_kernel_fc14.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
74643 | Linux Kernel dev_load() Function CAP_NET_ADMIN Capability Arbitrary Module Lo... |
73872 | Linux Kernel fs/proc/array.c do_task_stat Function Local ASLR Protection Mech... |
73291 | OpenBSD Kernel DRM Subsystem sys/dev/pci/drm/drm_irq.c drm_modeset_ctl Functi... |
73290 | Linux Kernel DRM Subsystem drivers/gpu/drm/drm_irq.c drm_modeset_ctl Function... |
73156 | Linux Kernel AudioScience HPI Driver sound/pci/asihpi/hpioctl.c asihpi_hpi_io... |
73053 | Linux Kernel fs/eventpoll.c epoll Data Structure File Descriptor Local DoS |
73048 | Linux Kernel drivers/scsi/mpt2sas/mpt2sas_ctl.c Multiple Function Memory Copy... |
73047 | Linux Kernel drivers/scsi/mpt2sas/mpt2sas_ctl.c _ctl_do_mpt_command Function ... |
73045 | Linux Kernel drivers/char/agp/generic.c agp_generic_remove_memory Function AG... |
73042 | Linux Kernel drivers/char/agp/generic.c agp_generic_insert_memory Function AG... |
73040 | Linux Kernel net/can/raw.c raw_release Function Release Operation NULL Derefe... |
73039 | Linux Kernel caiaq Native Instruments USB Audio sound/usb/caiaq/midi.c snd_us... |
73038 | Linux Kernel caiaq Native Instruments USB Audio sound/usb/caiaq/audio.c snd_u... |
73037 | Linux Kernel fs/partitions/ldm.c ldm_parse_vmdb Function LDM Partition Table ... |
72996 | Linux Kernel fs/partitions/mac.c mac_partition Function Mac OS Partition Tabl... |
72995 | Linux Kernel Radeon GPU Drivers AA Resolve Register Data Validation Local Mem... |
71992 | Linux Kernel kernel/pid.c next_pidmap() Function Local DoS Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the next_pidmap() function in kernel/pid.c is exploited via a specially crafted 'getdents()' system call, resulting in a denial of service. |
71662 | Linux Kernel OCFS2 File System Sparse Writes Arbitrary Memory Disclosure |
71653 | Linux Kernel rt_*sigqueueinfo() Functions SI_TKILL Signal Spoofing |
71602 | Linux Kernel IO-Warrior USB Device iowarrior_write() Function Local Privilege... |
71480 | Linux Kernel cm_work_handler() Function InfiniBand Request Handling DoS |
71359 | Linux Kernel fs/partitions/ldm.c ldm_frag_add() LDM Partition Table Overflow Linux Kernel is prone to an overflow condition. The 'ldm_frag_add()' function in 'fs/partitions/ldm.c' fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted LDM partition table, a physically present attacker can potentially gain elevated privileges or obtain sensitive information. |
71265 | Linux Kernel epoll Nested Structures Local DoS Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when error within the epoll implementation occurs, allowing a local attacker to use nested epoll structures to cause a denial of service via high CPU consumption. |
70950 | Linux Kernel fs/xfs/xfs_fsops.c xfs_fs_geometry() Local Memory Disclosure Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'xfs_fs_geometry()' function in 'fs/xfs/xfs_fsops.c' fails to properly initialize the 'logsunit' member of the 'xfs_fsop_geom_t' structure, which will disclose kernel stack memory to a local attacker. |
70665 | Linux Kernel drivers/media/dvb/ttpci/av7110_ca.c dvb_ca_ioctl() Function Craf... A memory corruption flaw exists in Linux Kernel. The 'dvb_ca_ioctl()' function in 'drivers/media/dvb/ttpci/av7110_ca.c' fails to sanitize user-supplied input, resulting in memory corruption. With a specially crafted IOTCL, a local attacker can execute arbitrary code. |
70229 | Linux Kernel Controller Area Network net/can/bcm.c bcm_connect Function Kerne... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the 'bcm_connect' function in 'net/can/bcm.c' creates a publicly accessible file whose filename contains a kernel memory address, which will disclose information about kernel memory use to a local attacker. |
70166 | Linux Kernel net/irda/af_irda.c irda_getsockopt() Integer Underflow Kernel Me... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when an integer underflow within the 'irda_getsockopt()' function in 'net/irda/af_irda.c' is exploited via a specially crafted 'IRLMP_ENUMDEVICES' getsockopt. This will disclose kernel memory information to a local attacker. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2012-02-02 | IAVM : 2012-A-0020 - Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1 Severity : Category I - VMSKEY : V0031252 |
2011-10-27 | IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi Severity : Category I - VMSKEY : V0030545 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-03 | Name : The remote VMware ESXi / ESX host is missing a security-related patch. File : vmware_VMSA-2012-0001_remote.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2012-1708-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0287-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0812-1.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-0439.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-1090.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0168.nasl - Type : ACT_GATHER_INFO |
2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1253.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-235.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-342.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-756.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-110414.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-110726.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_kernel-110426.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_kernel-110726.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-22.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-100.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0263.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0421.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0429.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0498.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0833.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0836.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0927.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1189.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1350.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2014.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2015.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2016.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2019.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2037.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0150.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0862.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1061-1.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1061.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2025.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2026.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0833.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1093-1.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-120428.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0883.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1129.nasl - Type : ACT_GATHER_INFO |
2012-12-28 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_ofed-8386.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110216_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110407_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110412_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110510_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110519_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110531_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110715_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110823_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111005_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120710_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-07-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0862.nasl - Type : ACT_GATHER_INFO |
2012-07-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1061.nasl - Type : ACT_GATHER_INFO |
2012-07-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1061.nasl - Type : ACT_GATHER_INFO |
2012-06-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0862.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7384.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7515.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7665.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7729.nasl - Type : ACT_GATHER_INFO |
2012-04-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-120418.nasl - Type : ACT_GATHER_INFO |
2012-04-23 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12677.nasl - Type : ACT_GATHER_INFO |
2012-02-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0150.nasl - Type : ACT_GATHER_INFO |
2012-01-31 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2012-0001.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7516.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7666.nasl - Type : ACT_GATHER_INFO |
2011-11-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-15856.nasl - Type : ACT_GATHER_INFO |
2011-11-07 | Name : The remote Fedora host is missing a security update. File : fedora_2011-15241.nasl - Type : ACT_GATHER_INFO |
2011-10-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7734.nasl - Type : ACT_GATHER_INFO |
2011-10-14 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO |
2011-10-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1350.nasl - Type : ACT_GATHER_INFO |
2011-09-26 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2310.nasl - Type : ACT_GATHER_INFO |
2011-09-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1212-1.nasl - Type : ACT_GATHER_INFO |
2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1202-1.nasl - Type : ACT_GATHER_INFO |
2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1204-1.nasl - Type : ACT_GATHER_INFO |
2011-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1189.nasl - Type : ACT_GATHER_INFO |
2011-08-23 | Name : The remote Fedora host is missing a security update. File : fedora_2011-11103.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1186-1.nasl - Type : ACT_GATHER_INFO |
2011-08-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1187-1.nasl - Type : ACT_GATHER_INFO |
2011-07-26 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110718.nasl - Type : ACT_GATHER_INFO |
2011-07-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0927.nasl - Type : ACT_GATHER_INFO |
2011-07-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1168-1.nasl - Type : ACT_GATHER_INFO |
2011-07-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1170-1.nasl - Type : ACT_GATHER_INFO |
2011-07-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0927.nasl - Type : ACT_GATHER_INFO |
2011-07-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1159-1.nasl - Type : ACT_GATHER_INFO |
2011-07-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1161-1.nasl - Type : ACT_GATHER_INFO |
2011-07-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1167-1.nasl - Type : ACT_GATHER_INFO |
2011-07-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1164-1.nasl - Type : ACT_GATHER_INFO |
2011-07-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1162-1.nasl - Type : ACT_GATHER_INFO |
2011-06-30 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7568.nasl - Type : ACT_GATHER_INFO |
2011-06-29 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1160-1.nasl - Type : ACT_GATHER_INFO |
2011-06-22 | Name : The remote Fedora host is missing a security update. File : fedora_2011-6447.nasl - Type : ACT_GATHER_INFO |
2011-06-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2264.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1111-1.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1119-1.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1133-1.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1141-1.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1146-1.nasl - Type : ACT_GATHER_INFO |
2011-06-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2240.nasl - Type : ACT_GATHER_INFO |
2011-06-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0836.nasl - Type : ACT_GATHER_INFO |
2011-06-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0833.nasl - Type : ACT_GATHER_INFO |
2011-05-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0542.nasl - Type : ACT_GATHER_INFO |
2011-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0498.nasl - Type : ACT_GATHER_INFO |
2011-05-10 | Name : The remote Fedora host is missing a security update. File : fedora_2011-6541.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-110413.nasl - Type : ACT_GATHER_INFO |
2011-04-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110414.nasl - Type : ACT_GATHER_INFO |
2011-04-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110415.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0429.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0429.nasl - Type : ACT_GATHER_INFO |
2011-04-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0421.nasl - Type : ACT_GATHER_INFO |
2011-03-25 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7381.nasl - Type : ACT_GATHER_INFO |
2011-03-09 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110228.nasl - Type : ACT_GATHER_INFO |
2011-03-08 | Name : The remote Fedora host is missing a security update. File : fedora_2011-2134.nasl - Type : ACT_GATHER_INFO |
2011-02-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0263.nasl - Type : ACT_GATHER_INFO |
2011-02-11 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1138.nasl - Type : ACT_GATHER_INFO |
2011-02-11 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12672.nasl - Type : ACT_GATHER_INFO |
2011-01-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2153.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:58:45 |
|
2013-03-01 17:20:43 |
|