Executive Summary
| Summary | |
|---|---|
| Title | Linux kernel (Oneiric backport) vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | USN-1409-1 | First vendor Publication | 2012-03-27 |
| Vendor | Ubuntu | Last vendor Modification | 2012-03-27 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:A/AC:H/Au:N/C:N/I:N/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 4.6 | Attack Range | Adjacent network |
| Cvss Impact Score | 6.9 | Attack Complexity | High |
| Cvss Expoit Score | 3.2 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 10.04 LTS Summary: Several security issues were fixed in the kernel. Software Description: - linux-lts-backport-oneiric: Linux kernel backport from Oneiric Details: Somnath Kotur discovered an error in the Linux kernel's VLAN (virtual lan) and be2net drivers. An attacker on the local network could exploit this flaw to cause a denial of service. (CVE-2011-3347) Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. (CVE-2011-4347) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.04 LTS: After a standard system update you need to reboot your computer to make all the necessary changes. References: Package Information: |
Original Source
| Url : http://www.ubuntu.com/usn/USN-1409-1 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:15418 | |||
| Oval ID: | oval:org.mitre.oval:def:15418 | ||
| Title: | USN-1409-1 -- Linux kernel (Oneiric backport) vulnerabilities | ||
| Description: | linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1409-1 CVE-2011-3347 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | Linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17618 | |||
| Oval ID: | oval:org.mitre.oval:def:17618 | ||
| Title: | USN-1412-1 -- linux vulnerability | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1412-1 CVE-2011-3347 | Version: | 7 |
| Platform(s): | Ubuntu 11.10 | Product(s): | linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27813 | |||
| Oval ID: | oval:org.mitre.oval:def:27813 | ||
| Title: | ELSA-2012-0149 -- kvm security and bug fix update (moderate) | ||
| Description: | [kvm-83-249.0.1.el5] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch - modify kversion to fix build failure [kvm-83-249.el5] - kvm-kernel-KVM-x86-Prevent-starting-PIT-timers-in-the-absence-o.patch [bz#770101] - CVE: CVE-2011-4622 - Resolves: bz#770101 (CVE-2011-4622 kernel: kvm: pit timer with no irqchip crashes the system [rhel-5.8]) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0149 CVE-2011-4347 | Version: | 3 |
| Platform(s): | Oracle Linux 5 | Product(s): | kvm |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:28137 | |||
| Oval ID: | oval:org.mitre.oval:def:28137 | ||
| Title: | DEPRECATED: ELSA-2011-1386 -- kernel security, bug fix, and enhancement update (important) | ||
| Description: | kernel: [2.6.18-274.7.1.0.1.el5] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [scsi] add additional scsi medium error handling (John Sobecki) [orabug 12904887] - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - bonding: reread information about speed and duplex when interface goes up (John Haxby) [orabug 11890822] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-1386 CVE-2009-4067 CVE-2011-1160 CVE-2011-1585 CVE-2011-1833 CVE-2011-2484 CVE-2011-2496 CVE-2011-2695 CVE-2011-2699 CVE-2011-2723 CVE-2011-2942 CVE-2011-3131 CVE-2011-3188 CVE-2011-3191 CVE-2011-3209 CVE-2011-3347 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2013-09-18 | Name : Debian Security Advisory DSA 2443-1 (linux-2.6 - privilege escalation/denial ... File : nvt/deb_2443_1.nasl |
| 2012-12-18 | Name : Fedora Update for kernel FEDORA-2012-20240 File : nvt/gb_fedora_2012_20240_kernel_fc16.nasl |
| 2012-11-29 | Name : Fedora Update for kernel FEDORA-2012-18691 File : nvt/gb_fedora_2012_18691_kernel_fc16.nasl |
| 2012-11-06 | Name : Fedora Update for kernel FEDORA-2012-17479 File : nvt/gb_fedora_2012_17479_kernel_fc16.nasl |
| 2012-09-04 | Name : Fedora Update for kernel FEDORA-2012-12684 File : nvt/gb_fedora_2012_12684_kernel_fc16.nasl |
| 2012-08-06 | Name : Fedora Update for kernel FEDORA-2012-11348 File : nvt/gb_fedora_2012_11348_kernel_fc16.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:1386 centos5 x86_64 File : nvt/gb_CESA-2011_1386_kernel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2012:0350 centos6 File : nvt/gb_CESA-2012_0350_kernel_centos6.nasl |
| 2012-07-09 | Name : RedHat Update for kernel RHSA-2012:0350-01 File : nvt/gb_RHSA-2012_0350-01_kernel.nasl |
| 2012-07-09 | Name : RedHat Update for Red Hat Enterprise Linux 6 kernel RHSA-2011:1530-03 File : nvt/gb_RHSA-2011_1530-03_Red_Hat_Enterprise_Linux_6_kernel.nasl |
| 2012-06-25 | Name : Fedora Update for kernel FEDORA-2012-8931 File : nvt/gb_fedora_2012_8931_kernel_fc15.nasl |
| 2012-06-15 | Name : Fedora Update for kernel FEDORA-2012-8890 File : nvt/gb_fedora_2012_8890_kernel_fc16.nasl |
| 2012-05-17 | Name : Fedora Update for kernel FEDORA-2012-7594 File : nvt/gb_fedora_2012_7594_kernel_fc15.nasl |
| 2012-05-14 | Name : Fedora Update for kernel FEDORA-2012-7538 File : nvt/gb_fedora_2012_7538_kernel_fc16.nasl |
| 2012-05-11 | Name : Ubuntu Update for linux-lts-backport-natty USN-1440-1 File : nvt/gb_ubuntu_USN_1440_1.nasl |
| 2012-05-04 | Name : Ubuntu Update for linux-lts-backport-oneiric USN-1433-1 File : nvt/gb_ubuntu_USN_1433_1.nasl |
| 2012-05-04 | Name : Ubuntu Update for linux USN-1431-1 File : nvt/gb_ubuntu_USN_1431_1.nasl |
| 2012-04-26 | Name : Fedora Update for kernel FEDORA-2012-6406 File : nvt/gb_fedora_2012_6406_kernel_fc15.nasl |
| 2012-04-26 | Name : Ubuntu Update for linux USN-1425-1 File : nvt/gb_ubuntu_USN_1425_1.nasl |
| 2012-04-26 | Name : Ubuntu Update for linux-ec2 USN-1426-1 File : nvt/gb_ubuntu_USN_1426_1.nasl |
| 2012-04-13 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1421-1 File : nvt/gb_ubuntu_USN_1421_1.nasl |
| 2012-04-13 | Name : Ubuntu Update for linux USN-1422-1 File : nvt/gb_ubuntu_USN_1422_1.nasl |
| 2012-04-02 | Name : Ubuntu Update for linux USN-1412-1 File : nvt/gb_ubuntu_USN_1412_1.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-0363 File : nvt/gb_fedora_2012_0363_kernel_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-3712 File : nvt/gb_fedora_2012_3712_kernel_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-0480 File : nvt/gb_fedora_2012_0480_kernel_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-0876 File : nvt/gb_fedora_2012_0876_kernel_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-3030 File : nvt/gb_fedora_2012_3030_kernel_fc16.nasl |
| 2012-03-29 | Name : Fedora Update for kernel FEDORA-2012-3715 File : nvt/gb_fedora_2012_3715_kernel_fc15.nasl |
| 2012-03-29 | Name : Ubuntu Update for linux-lts-backport-oneiric USN-1409-1 File : nvt/gb_ubuntu_USN_1409_1.nasl |
| 2012-03-29 | Name : Ubuntu Update for linux USN-1407-1 File : nvt/gb_ubuntu_USN_1407_1.nasl |
| 2012-03-29 | Name : Ubuntu Update for linux USN-1406-1 File : nvt/gb_ubuntu_USN_1406_1.nasl |
| 2012-03-29 | Name : Ubuntu Update for linux USN-1405-1 File : nvt/gb_ubuntu_USN_1405_1.nasl |
| 2012-03-29 | Name : Ubuntu Update for linux-ti-omap4 USN-1404-1 File : nvt/gb_ubuntu_USN_1404_1.nasl |
| 2012-03-22 | Name : Fedora Update for kernel FEDORA-2012-4410 File : nvt/gb_fedora_2012_4410_kernel_fc16.nasl |
| 2012-03-19 | Name : Fedora Update for kernel FEDORA-2012-3350 File : nvt/gb_fedora_2012_3350_kernel_fc16.nasl |
| 2012-03-19 | Name : Fedora Update for kernel FEDORA-2012-1497 File : nvt/gb_fedora_2012_1497_kernel_fc16.nasl |
| 2012-03-16 | Name : Fedora Update for kernel FEDORA-2012-3356 File : nvt/gb_fedora_2012_3356_kernel_fc15.nasl |
| 2012-03-07 | Name : Ubuntu Update for linux USN-1389-1 File : nvt/gb_ubuntu_USN_1389_1.nasl |
| 2012-03-07 | Name : Fedora Update for kernel FEDORA-2012-2753 File : nvt/gb_fedora_2012_2753_kernel_fc15.nasl |
| 2012-02-13 | Name : Fedora Update for kernel FEDORA-2012-1503 File : nvt/gb_fedora_2012_1503_kernel_fc15.nasl |
| 2012-01-25 | Name : Fedora Update for kernel FEDORA-2012-0861 File : nvt/gb_fedora_2012_0861_kernel_fc15.nasl |
| 2012-01-16 | Name : Fedora Update for kernel FEDORA-2012-0492 File : nvt/gb_fedora_2012_0492_kernel_fc15.nasl |
| 2011-12-12 | Name : Fedora Update for kernel FEDORA-2011-16621 File : nvt/gb_fedora_2011_16621_kernel_fc15.nasl |
| 2011-11-18 | Name : Fedora Update for kernel FEDORA-2011-15856 File : nvt/gb_fedora_2011_15856_kernel_fc15.nasl |
| 2011-10-21 | Name : RedHat Update for kernel RHSA-2011:1386-01 File : nvt/gb_RHSA-2011_1386-01_kernel.nasl |
| 2011-10-21 | Name : CentOS Update for kernel CESA-2011:1386 centos5 i386 File : nvt/gb_CESA-2011_1386_kernel_centos5_i386.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 77626 | Linux Kernel kvm_vm_ioctl_assign_device Function /dev/kym Local DoS |
| 77571 | Linux Kernel be2net VLAN Packet Parsing Remote DoS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0422.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0168.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-1408.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-357.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-55.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2037.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2003.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0350.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0149.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1386.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0116.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0149.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1042.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120221_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120306_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111206_Scientific_Linux_6_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111020_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-05-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1440-1.nasl - Type : ACT_GATHER_INFO |
| 2012-05-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1433-1.nasl - Type : ACT_GATHER_INFO |
| 2012-05-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1431-1.nasl - Type : ACT_GATHER_INFO |
| 2012-04-25 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1426-1.nasl - Type : ACT_GATHER_INFO |
| 2012-04-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1425-1.nasl - Type : ACT_GATHER_INFO |
| 2012-04-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1422-1.nasl - Type : ACT_GATHER_INFO |
| 2012-04-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1421-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1412-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1409-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2443.nasl - Type : ACT_GATHER_INFO |
| 2012-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1407-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1406-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1405-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1404-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-08 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0350.nasl - Type : ACT_GATHER_INFO |
| 2012-03-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1389-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0350.nasl - Type : ACT_GATHER_INFO |
| 2012-01-16 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0363.nasl - Type : ACT_GATHER_INFO |
| 2012-01-16 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0492.nasl - Type : ACT_GATHER_INFO |
| 2011-12-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1530.nasl - Type : ACT_GATHER_INFO |
| 2011-11-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-15856.nasl - Type : ACT_GATHER_INFO |
| 2011-10-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO |
| 2011-10-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:59:55 |
|
| 2013-06-10 21:22:33 |
|
| 2013-06-08 17:23:01 |
|
