Executive Summary
Summary | |
---|---|
Title | Linux kernel vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-2417-1 | First vendor Publication | 2014-11-25 |
Vendor | Ubuntu | Last vendor Modification | 2014-11-25 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 LTS Summary: Several security issues were fixed in the kernel. Software Description: - linux: Linux kernel Details: Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles noncanonical addresses when emulating instructions that change the rip (Instruction Pointer). A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service (system crash) of the guest. (CVE-2014-3647) A flaw was discovered with the handling of the invept instruction in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. An unprivileged guest user could exploit this flaw to cause a denial of service (system crash) on the guest. (CVE-2014-3646) A flaw was discovered with invept instruction support when using nested EPT in the KVM (Kernel Virtual Machine). An unprivileged guest user could exploit this flaw to cause a denial of service (system crash) on the guest. (CVE-2014-3645) Lars Bull reported a race condition in the PIT (programmable interrupt timer) emulation in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. A local guest user with access to PIT i/o ports could exploit this flaw to cause a denial of service (crash) on the host. (CVE-2014-3611) Lars Bull and Nadav Amit reported a flaw in how KVM (the Kernel Virtual Machine) handles noncanonical writes to certain MSR registers. A privileged guest user can exploit this flaw to cause a denial of service (kernel panic) on the host. (CVE-2014-3610) A flaw in the handling of malformed ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-3673) A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. A remote attacker could exploit this flaw to cause a denial of service (panic). (CVE-2014-3687) It was discovered that excessive queuing by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel can cause memory pressure. A remote attacker could exploit this flaw to cause a denial of service. (CVE-2014-3688) A flaw was discovered in how the Linux kernel's KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access. (CVE-2014-3690) Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (CVE-2014-4608) It was discovered the Linux kernel's implementation of IPv6 did not properly validate arguments in the ipv6_select_ident function. A local user could exploit this flaw to cause a denial of service (system crash) by leveraging tun or macvtap device access. (CVE-2014-7207) Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability). (CVE-2014-7975) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well. References: Package Information: |
Original Source
Url : http://www.ubuntu.com/usn/USN-2417-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
29 % | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
29 % | CWE-20 | Improper Input Validation |
14 % | CWE-399 | Resource Management Errors |
14 % | CWE-362 | Race Condition |
14 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:24968 | |||
Oval ID: | oval:org.mitre.oval:def:24968 | ||
Title: | USN-2286-1 -- linux-lts-raring vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2286-1 CVE-2014-4943 CVE-2014-0131 CVE-2014-1739 CVE-2014-3144 CVE-2014-3145 CVE-2014-3917 CVE-2014-4014 CVE-2014-4608 | Version: | 3 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-raring |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25055 | |||
Oval ID: | oval:org.mitre.oval:def:25055 | ||
Title: | USN-2284-1 -- linux-ti-omap4 vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2284-1 CVE-2014-4943 CVE-2014-0131 CVE-2014-4608 | Version: | 3 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux-ti-omap4 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25118 | |||
Oval ID: | oval:org.mitre.oval:def:25118 | ||
Title: | USN-2285-1 -- linux-lts-quantal vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2285-1 CVE-2014-4943 CVE-2014-0131 CVE-2014-1739 CVE-2014-3917 CVE-2014-4014 CVE-2014-4027 CVE-2014-4608 | Version: | 3 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-quantal |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25123 | |||
Oval ID: | oval:org.mitre.oval:def:25123 | ||
Title: | USN-2281-1 -- linux-ec2 vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2281-1 CVE-2014-4943 CVE-2014-3917 CVE-2014-4608 | Version: | 3 |
Platform(s): | Ubuntu 10.04 | Product(s): | linux-ec2 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25252 | |||
Oval ID: | oval:org.mitre.oval:def:25252 | ||
Title: | USN-2283-1 -- linux vulnerabilities | ||
Description: | Several security issues were fixed in the kernel. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2283-1 CVE-2014-4943 CVE-2014-0131 CVE-2014-4608 | Version: | 3 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27268 | |||
Oval ID: | oval:org.mitre.oval:def:27268 | ||
Title: | ELSA-2014-1724 -- kernel security and bug fix update (important) | ||
Description: | [3.10.0-123.9.2] - Oracle Linux certificates (Alexey Petrenko) [3.10.0-123.9.2] - [virt] kvm: fix PIT timer race condition (Petr Matousek) [1144879 1144880] {CVE-2014-3611} - [virt] kvm/vmx: handle invept and invvpid vm exits gracefully (Petr Matousek) [1145449 1116936] [1144828 1144829] {CVE-2014-3645 CVE-2014-3646} [3.10.0-123.9.1] - [md] raid6: avoid data corruption during recovery of double-degraded RAID6 (Jes Sorensen) [1143850 1130905] - [fs] ext4: fix type declaration of ext4_validate_block_bitmap (Lukas Czerner) [1140978 1091055] - [fs] ext4: error out if verifying the block bitmap fails (Lukas Czerner) [1140978 1091055] - [powerpc] sched: stop updating inside arch_update_cpu_topology() when nothing to be update (Gustavo Duarte) [1140300 1098372] - [powerpc] 64bit sendfile is capped at 2GB (Gustavo Duarte) [1139126 1107774] - [s390] fix restore of invalid floating-point-control (Hendrik Brueckner) [1138733 1121965] - [kernel] sched/fair: Rework sched_fair time accounting (Rik van Riel) [1134717 1123731] - [kernel] math64: Add mul_u64_u32_shr() (Rik van Riel) [1134717 1123731] - [kernel] workqueue: zero cpumask of wq_numa_possible_cpumask on init (Motohiro Kosaki) [1134715 1117184] - [cpufreq] acpi-cpufreq: skip loading acpi_cpufreq after intel_pstate (Motohiro Kosaki) [1134716 1123250] - [security] selinux: Increase ebitmap_node size for 64-bit configuration (Paul Moore) [1132076 922752] - [security] selinux: Reduce overhead of mls_level_isvalid() function call (Paul Moore) [1132076 922752] - [ethernet] cxgb4: allow large buffer size to have page size (Gustavo Duarte) [1130548 1078977] - [kernel] sched/autogroup: Fix race with task_groups list (Gustavo Duarte) [1129990 1081406] - [net] sctp: inherit auth_capable on INIT collisions (Daniel Borkmann) [1124337 1123763] {CVE-2014-5077} - [sound] alsa/control: Don't access controls outside of protected regions (Radomir Vrbovsky) [1117330 1117331] {CVE-2014-4653} | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-1724 CVE-2014-4653 CVE-2014-5077 CVE-2014-3611 CVE-2014-3645 CVE-2014-3646 | Version: | 3 |
Platform(s): | Oracle Linux 7 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27666 | |||
Oval ID: | oval:org.mitre.oval:def:27666 | ||
Title: | DSA-3060-1 -- linux security update | ||
Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-3060-1 CVE-2014-3610 CVE-2014-3611 CVE-2014-3645 CVE-2014-3646 CVE-2014-3647 CVE-2014-3673 CVE-2014-3687 CVE-2014-3688 CVE-2014-3690 CVE-2014-7207 | Version: | 3 |
Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | linux |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27756 | |||
Oval ID: | oval:org.mitre.oval:def:27756 | ||
Title: | USN-2418-1 -- Linux kernel (OMAP4) vulnerabilities | ||
Description: | Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles noncanonical addresses when emulating instructions that change the rip (Instruction Pointer). A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service (system crash) of the guest. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3647">CVE-2014-3647</a>) A flaw was discovered with the handling of the invept instruction in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. An unprivileged guest user could exploit this flaw to cause a denial of service (system crash) on the guest. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3646">CVE-2014-3646</a>) A flaw was discovered with invept instruction support when using nested EPT in the KVM (Kernel Virtual Machine). An unprivileged guest user could exploit this flaw to cause a denial of service (system crash) on the guest. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3645">CVE-2014-3645</a>) Lars Bull reported a race condition in the PIT (programmable interrupt timer) emulation in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. A local guest user with access to PIT i/o ports could exploit this flaw to cause a denial of service (crash) on the host. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3611">CVE-2014-3611</a>) Lars Bull and Nadav Amit reported a flaw in how KVM (the Kernel Virtual Machine) handles noncanonical writes to certain MSR registers. A privileged guest user can exploit this flaw to cause a denial of service (kernel panic) on the host. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3610">CVE-2014-3610</a>) A flaw in the handling of malformed ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. A remote attacker could exploit this flaw to cause a denial of service (system crash). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3673">CVE-2014-3673</a>) A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. A remote attacker could exploit this flaw to cause a denial of service (panic). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3687">CVE-2014-3687</a>) It was discovered that excessive queuing by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel can cause memory pressure. A remote attacker could exploit this flaw to cause a denial of service. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3688">CVE-2014-3688</a>) A flaw was discovered in how the Linux kernel's KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3690">CVE-2014-3690</a>) Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-4608">CVE-2014-4608</a>) It was discovered the Linux kernel's implementation of IPv6 did not properly validate arguments in the ipv6_select_ident function. A local user could exploit this flaw to cause a denial of service (system crash) by leveraging tun or macvtap device access. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7207">CVE-2014-7207</a>) Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7975">CVE-2014-7975</a>) | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2418-1 CVE-2014-3647 CVE-2014-3646 CVE-2014-3645 CVE-2014-3611 CVE-2014-3610 CVE-2014-3673 CVE-2014-3687 CVE-2014-3688 CVE-2014-3690 CVE-2014-4608 CVE-2014-7207 CVE-2014-7975 | Version: | 3 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux-ti-omap4 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27992 | |||
Oval ID: | oval:org.mitre.oval:def:27992 | ||
Title: | RHSA-2014:1843 -- kernel security and bug fix update (Important) | ||
Description: | The kernel packages contain the Linux kernel, the core of any Linux operating system. * A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. (CVE-2014-3611, Important) * A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion commands sent via USB Request Blocks buffers. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-3185, Moderate) * It was found that the Linux kernel's KVM subsystem did not handle the VM exits gracefully for the invept (Invalidate Translations Derived from EPT) and invvpid (Invalidate Translations Based on VPID) instructions. On hosts with an Intel processor and invept/invppid VM exit support, an unprivileged guest user could use these instructions to crash the guest. (CVE-2014-3645, CVE-2014-3646, Moderate) Red Hat would like to thank Lars Bull of Google for reporting CVE-2014-3611, and the Advanced Threat Research team at Intel Security for reporting CVE-2014-3645 and CVE-2014-3646. This update also fixes the following bugs: * This update fixes several race conditions between PCI error recovery callbacks and potential calls of the ifup and ifdown commands in the tg3 driver. When triggered, these race conditions could cause a kernel crash. (BZ#1142570) * Previously, GFS2 failed to unmount a sub-mounted GFS2 file system if its parent was also a GFS2 file system. This problem has been fixed by adding the appropriate d_op->d_hash() routine call for the last component of the mount point path in the path name lookup mechanism code (namei). (BZ#1145193) * Due to previous changes in the virtio-net driver, a Red Hat Enterprise Linux 6.6 guest was unable to boot with the "mgr_rxbuf=off" option specified. This was caused by providing the page_to_skb() function with an incorrect packet length in the driver's Rx path. This problem has been fixed and the guest in the described scenario can now boot successfully. (BZ#1148693) * When using one of the newer IPSec Authentication Header (AH) algorithms with Openswan, a kernel panic could occur. This happened because the maximum truncated ICV length was too small. To fix this problem, the MAX_AH_AUTH_LEN parameter has been set to 64. (BZ#1149083) * A bug in the IPMI driver caused the kernel to panic when an IPMI interface was removed using the hotmod script. The IPMI driver has been fixed to properly clean the relevant data when removing an IPMI interface. (BZ#1149578) * Due to a bug in the IPMI driver, the kernel could panic when adding an IPMI interface that was previously removed using the hotmod script. This update fixes this bug by ensuring that the relevant shadow structure is initialized at the right time. (BZ#1149580) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:1843 CESA-2014:1843 CVE-2014-3185 CVE-2014-3611 CVE-2014-3645 CVE-2014-3646 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28026 | |||
Oval ID: | oval:org.mitre.oval:def:28026 | ||
Title: | USN-2419-1 -- Linux kernel (Trusty HWE) vulnerabilities | ||
Description: | A flaw was discovered in how the Linux kernel's KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3690">CVE-2014-3690</a>) Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-4608">CVE-2014-4608</a>) Andy Lutomirski discovered a flaw in how the Linux kernel handles pivot_root when used with a chroot directory. A local user could exploit this flaw to cause a denial of service (mount-tree loop). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7970">CVE-2014-7970</a>) Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7975">CVE-2014-7975</a>) | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2419-1 CVE-2014-3690 CVE-2014-4608 CVE-2014-7970 CVE-2014-7975 | Version: | 3 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux-lts-trusty |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28203 | |||
Oval ID: | oval:org.mitre.oval:def:28203 | ||
Title: | USN-2396-1 -- Linux kernel vulnerabilities | ||
Description: | Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles noncanonical addresses when emulating instructions that change the rip (Instruction Pointer). A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service (system crash) of the guest. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3647">CVE-2014-3647</a>) A flaw was discovered with the handling of the invept instruction in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. An unprivileged guest user could exploit this flaw to cause a denial of service (system crash) on the guest. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3646">CVE-2014-3646</a>) Lars Bull reported a race condition in the PIT (programmable interrupt timer) emulation in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. A local guest user with access to PIT i/o ports could exploit this flaw to cause a denial of service (crash) on the host. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3611">CVE-2014-3611</a>) Lars Bull and Nadav Amit reported a flaw in how KVM (the Kernel Virtual Machine) handles noncanonical writes to certain MSR registers. A privileged guest user can exploit this flaw to cause a denial of service (kernel panic) on the host. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3610">CVE-2014-3610</a>) | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2396-1 CVE-2014-3647 CVE-2014-3646 CVE-2014-3611 CVE-2014-3610 | Version: | 5 |
Platform(s): | Ubuntu 14.10 | Product(s): | linux |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28298 | |||
Oval ID: | oval:org.mitre.oval:def:28298 | ||
Title: | USN-2421-1 -- Linux kernel vulnerabilities | ||
Description: | A flaw was discovered in how the Linux kernel's KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3690">CVE-2014-3690</a>) Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-4608">CVE-2014-4608</a>) Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7975">CVE-2014-7975</a>) | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2421-1 CVE-2014-3690 CVE-2014-4608 CVE-2014-7975 | Version: | 5 |
Platform(s): | Ubuntu 14.10 | Product(s): | linux |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28348 | |||
Oval ID: | oval:org.mitre.oval:def:28348 | ||
Title: | USN-2416-1 -- Linux kernel (EC2) vulnerabilities | ||
Description: | Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-4608">CVE-2014-4608</a>) Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7975">CVE-2014-7975</a>) | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2416-1 CVE-2014-4608 CVE-2014-7975 | Version: | 3 |
Platform(s): | Ubuntu 10.04 | Product(s): | linux-ec2 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28423 | |||
Oval ID: | oval:org.mitre.oval:def:28423 | ||
Title: | USN-2417-1 -- Linux kernel vulnerabilities | ||
Description: | Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles noncanonical addresses when emulating instructions that change the rip (Instruction Pointer). A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service (system crash) of the guest. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3647">CVE-2014-3647</a>) A flaw was discovered with the handling of the invept instruction in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. An unprivileged guest user could exploit this flaw to cause a denial of service (system crash) on the guest. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3646">CVE-2014-3646</a>) A flaw was discovered with invept instruction support when using nested EPT in the KVM (Kernel Virtual Machine). An unprivileged guest user could exploit this flaw to cause a denial of service (system crash) on the guest. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3645">CVE-2014-3645</a>) Lars Bull reported a race condition in the PIT (programmable interrupt timer) emulation in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. A local guest user with access to PIT i/o ports could exploit this flaw to cause a denial of service (crash) on the host. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3611">CVE-2014-3611</a>) Lars Bull and Nadav Amit reported a flaw in how KVM (the Kernel Virtual Machine) handles noncanonical writes to certain MSR registers. A privileged guest user can exploit this flaw to cause a denial of service (kernel panic) on the host. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3610">CVE-2014-3610</a>) A flaw in the handling of malformed ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. A remote attacker could exploit this flaw to cause a denial of service (system crash). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3673">CVE-2014-3673</a>) A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. A remote attacker could exploit this flaw to cause a denial of service (panic). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3687">CVE-2014-3687</a>) It was discovered that excessive queuing by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel can cause memory pressure. A remote attacker could exploit this flaw to cause a denial of service. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3688">CVE-2014-3688</a>) A flaw was discovered in how the Linux kernel's KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3690">CVE-2014-3690</a>) Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-4608">CVE-2014-4608</a>) It was discovered the Linux kernel's implementation of IPv6 did not properly validate arguments in the ipv6_select_ident function. A local user could exploit this flaw to cause a denial of service (system crash) by leveraging tun or macvtap device access. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7207">CVE-2014-7207</a>) Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7975">CVE-2014-7975</a>) | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2417-1 CVE-2014-3647 CVE-2014-3646 CVE-2014-3645 CVE-2014-3611 CVE-2014-3610 CVE-2014-3673 CVE-2014-3687 CVE-2014-3688 CVE-2014-3690 CVE-2014-4608 CVE-2014-7207 CVE-2014-7975 | Version: | 3 |
Platform(s): | Ubuntu 12.04 | Product(s): | linux |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28454 | |||
Oval ID: | oval:org.mitre.oval:def:28454 | ||
Title: | USN-2420-1 -- Linux kernel vulnerabilities | ||
Description: | A flaw was discovered in how the Linux kernel's KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3690">CVE-2014-3690</a>) Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-4608">CVE-2014-4608</a>) Andy Lutomirski discovered a flaw in how the Linux kernel handles pivot_root when used with a chroot directory. A local user could exploit this flaw to cause a denial of service (mount-tree loop). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7970">CVE-2014-7970</a>) Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability). (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7975">CVE-2014-7975</a>) | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2420-1 CVE-2014-3690 CVE-2014-4608 CVE-2014-7970 CVE-2014-7975 | Version: | 3 |
Platform(s): | Ubuntu 14.04 | Product(s): | linux |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Snort® IPS/IDS
Date | Description |
---|---|
2015-07-13 | Linux kernel SCTP Unknown Chunk Types denial of service attempt RuleID : 34802 - Revision : 2 - Type : OS-LINUX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-08-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2017-1842.nasl - Type : ACT_GATHER_INFO |
2017-08-22 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20170801_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO |
2017-08-09 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2017-1842.nasl - Type : ACT_GATHER_INFO |
2017-08-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-1842.nasl - Type : ACT_GATHER_INFO |
2017-08-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2077.nasl - Type : ACT_GATHER_INFO |
2017-04-03 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO |
2016-07-25 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16025.nasl - Type : ACT_GATHER_INFO |
2016-01-28 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL13145361.nasl - Type : ACT_GATHER_INFO |
2015-12-22 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20151119_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO |
2015-12-02 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-2152.nasl - Type : ACT_GATHER_INFO |
2015-11-30 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-2152.nasl - Type : ACT_GATHER_INFO |
2015-11-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-2152.nasl - Type : ACT_GATHER_INFO |
2015-09-09 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL17199.nasl - Type : ACT_GATHER_INFO |
2015-07-30 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1272.nasl - Type : ACT_GATHER_INFO |
2015-06-17 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1071-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0068-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0178-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0481-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0529-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0652-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0812-1.nasl - Type : ACT_GATHER_INFO |
2015-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-0864.nasl - Type : ACT_GATHER_INFO |
2015-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-0869.nasl - Type : ACT_GATHER_INFO |
2015-04-23 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0869.nasl - Type : ACT_GATHER_INFO |
2015-04-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0869.nasl - Type : ACT_GATHER_INFO |
2015-04-23 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150422_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2015-04-22 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0864.nasl - Type : ACT_GATHER_INFO |
2015-04-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0864.nasl - Type : ACT_GATHER_INFO |
2015-04-22 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150421_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2015-04-10 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2015-0040.nasl - Type : ACT_GATHER_INFO |
2015-04-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0782.nasl - Type : ACT_GATHER_INFO |
2015-03-26 | Name : The remote Debian host is missing a security update. File : debian_DLA-118.nasl - Type : ACT_GATHER_INFO |
2015-03-26 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150305_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO |
2015-03-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-150306.nasl - Type : ACT_GATHER_INFO |
2015-03-20 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-3012.nasl - Type : ACT_GATHER_INFO |
2015-03-19 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-058.nasl - Type : ACT_GATHER_INFO |
2015-03-18 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-0290.nasl - Type : ACT_GATHER_INFO |
2015-03-13 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0290.nasl - Type : ACT_GATHER_INFO |
2015-03-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0284.nasl - Type : ACT_GATHER_INFO |
2015-03-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0290.nasl - Type : ACT_GATHER_INFO |
2015-02-06 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2015-0126.nasl - Type : ACT_GATHER_INFO |
2015-02-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0115.nasl - Type : ACT_GATHER_INFO |
2015-02-04 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2491-1.nasl - Type : ACT_GATHER_INFO |
2015-01-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0062.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-027.nasl - Type : ACT_GATHER_INFO |
2015-01-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0043.nasl - Type : ACT_GATHER_INFO |
2015-01-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2462-1.nasl - Type : ACT_GATHER_INFO |
2014-12-26 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-141202.nasl - Type : ACT_GATHER_INFO |
2014-12-26 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-141217.nasl - Type : ACT_GATHER_INFO |
2014-12-22 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-791.nasl - Type : ACT_GATHER_INFO |
2014-12-22 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-793.nasl - Type : ACT_GATHER_INFO |
2014-12-22 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-794.nasl - Type : ACT_GATHER_INFO |
2014-12-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2447-2.nasl - Type : ACT_GATHER_INFO |
2014-12-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2448-2.nasl - Type : ACT_GATHER_INFO |
2014-12-18 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1997.nasl - Type : ACT_GATHER_INFO |
2014-12-18 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141216_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2014-12-17 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15912.nasl - Type : ACT_GATHER_INFO |
2014-12-17 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1997.nasl - Type : ACT_GATHER_INFO |
2014-12-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1997.nasl - Type : ACT_GATHER_INFO |
2014-12-16 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15910.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1971.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3103.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3104.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3105.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141209_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2441-1.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2442-1.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2445-1.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2446-1.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2447-1.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2448-1.nasl - Type : ACT_GATHER_INFO |
2014-12-10 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1971.nasl - Type : ACT_GATHER_INFO |
2014-12-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1971.nasl - Type : ACT_GATHER_INFO |
2014-12-05 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3096.nasl - Type : ACT_GATHER_INFO |
2014-11-28 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-230.nasl - Type : ACT_GATHER_INFO |
2014-11-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2415-1.nasl - Type : ACT_GATHER_INFO |
2014-11-25 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2416-1.nasl - Type : ACT_GATHER_INFO |
2014-11-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2417-1.nasl - Type : ACT_GATHER_INFO |
2014-11-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2419-1.nasl - Type : ACT_GATHER_INFO |
2014-11-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2420-1.nasl - Type : ACT_GATHER_INFO |
2014-11-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2421-1.nasl - Type : ACT_GATHER_INFO |
2014-11-19 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3089.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Fedora host is missing a security update. File : fedora_2014-14068.nasl - Type : ACT_GATHER_INFO |
2014-11-14 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3087.nasl - Type : ACT_GATHER_INFO |
2014-11-14 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3088.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1392.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1843.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1843.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1843.nasl - Type : ACT_GATHER_INFO |
2014-11-04 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3086.nasl - Type : ACT_GATHER_INFO |
2014-11-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141014_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2014-11-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141028_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO |
2014-11-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3060.nasl - Type : ACT_GATHER_INFO |
2014-11-03 | Name : The remote Fedora host is missing a security update. File : fedora_2014-12955.nasl - Type : ACT_GATHER_INFO |
2014-11-03 | Name : The remote Fedora host is missing a security update. File : fedora_2014-14126.nasl - Type : ACT_GATHER_INFO |
2014-11-03 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2396-1.nasl - Type : ACT_GATHER_INFO |
2014-10-31 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3084.nasl - Type : ACT_GATHER_INFO |
2014-10-31 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3085.nasl - Type : ACT_GATHER_INFO |
2014-10-31 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2394-1.nasl - Type : ACT_GATHER_INFO |
2014-10-31 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2395-1.nasl - Type : ACT_GATHER_INFO |
2014-10-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1724.nasl - Type : ACT_GATHER_INFO |
2014-10-29 | Name : The remote Fedora host is missing a security update. File : fedora_2014-13558.nasl - Type : ACT_GATHER_INFO |
2014-10-29 | Name : The remote Fedora host is missing a security update. File : fedora_2014-13773.nasl - Type : ACT_GATHER_INFO |
2014-10-29 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1724.nasl - Type : ACT_GATHER_INFO |
2014-10-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1724.nasl - Type : ACT_GATHER_INFO |
2014-10-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-201.nasl - Type : ACT_GATHER_INFO |
2014-10-22 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1392.nasl - Type : ACT_GATHER_INFO |
2014-10-20 | Name : The remote Fedora host is missing a security update. File : fedora_2014-13045.nasl - Type : ACT_GATHER_INFO |
2014-10-20 | Name : The remote Fedora host is missing a security update. File : fedora_2014-13020.nasl - Type : ACT_GATHER_INFO |
2014-10-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1392.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-368.nasl - Type : ACT_GATHER_INFO |
2014-08-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-155.nasl - Type : ACT_GATHER_INFO |
2014-07-26 | Name : The remote Fedora host is missing a security update. File : fedora_2014-8487.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2281-1.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2282-1.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2283-1.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2285-1.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2286-1.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2287-1.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2288-1.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2289-1.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2290-1.nasl - Type : ACT_GATHER_INFO |
2014-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2014-7863.nasl - Type : ACT_GATHER_INFO |
2014-06-27 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_d1f5e12afd5a11e3a108080027ef73ec.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-11-30 09:29:00 |
|
2014-11-26 13:28:31 |
|
2014-11-25 05:28:28 |
|