ID CVE-2012-2133
Summary Use-after-free vulnerability in the Linux kernel before 3.3.6, when huge pages are enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges by interacting with a hugetlbfs filesystem, as demonstrated by a umount operation that triggers improper handling of quota data.
References
Vulnerable Configurations
  • Linux Kernel 3.3
    cpe:2.3:o:linux:linux_kernel:3.3
  • Linux Kernel 3.3.1
    cpe:2.3:o:linux:linux_kernel:3.3.1
  • Linux Kernel 3.3.2
    cpe:2.3:o:linux:linux_kernel:3.3.2
  • Linux Kernel 3.3.3
    cpe:2.3:o:linux:linux_kernel:3.3.3
  • Linux Kernel 3.3.4
    cpe:2.3:o:linux:linux_kernel:3.3.4
  • Linux Kernel 3.3.5
    cpe:2.3:o:linux:linux_kernel:3.3.5
CVSS
Base: 4.0 (as of 03-07-2012 - 14:29)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
LOCAL HIGH NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
nessus via4
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-2043.NASL
    description Description of changes: [2.6.39-300.17.2.el6uek] - hugepages: fix use after free bug in 'quota' handling [Orabug: 15845276] {CVE-2012-2133} - udf: Fortify loading of sparing table [Orabug: 15845302] {CVE-2012-3400} - udf: Avoid run away loop when partition table length is corrupt [Orabug: 15845302] {CVE-2012-3400} - mm: Hold a file reference in madvise_remove [Orabug: 15846025] {CVE-2012-3511}
    last seen 2018-09-02
    modified 2015-12-01
    plugin id 68687
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68687
    title Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2043)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1457-1.NASL
    description Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. (CVE-2011-4131) A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. (CVE-2012-1601) A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. (CVE-2012-2123) Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. (CVE-2012-2133). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-12-01
    plugin id 59321
    published 2012-06-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59321
    title Ubuntu 11.04 : linux vulnerabilities (USN-1457-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1472-1.NASL
    description Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. (CVE-2011-4131) A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. (CVE-2012-2133) Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. (CVE-2012-2313) Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system priviliges. (CVE-2012-2319) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of cliprect on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2383) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of buffer_count on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2384). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-12-01
    plugin id 59476
    published 2012-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59476
    title Ubuntu 11.10 : linux vulnerabilities (USN-1472-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1468-1.NASL
    description Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2019-01-02
    plugin id 59472
    published 2012-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59472
    title Ubuntu 10.04 LTS : linux vulnerability (USN-1468-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1476-1.NASL
    description Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. (CVE-2011-4131) A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. (CVE-2012-2133) Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. (CVE-2012-2313) Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system priviliges. (CVE-2012-2319) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of cliprect on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2383) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of buffer_count on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2384)
    last seen 2019-01-16
    modified 2016-12-01
    plugin id 59553
    published 2012-06-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59553
    title USN-1476-1 : linux-ti-omap4 vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0741.NASL
    description Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6.2 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * A race condition was found in the way the Linux kernel's ptrace implementation handled PTRACE_SETREGS requests when the debuggee was woken due to a SIGKILL signal instead of being stopped. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2013-0871, Important) * A use-after-free flaw was found in the Linux kernel's memory management subsystem in the way quota handling for huge pages was performed. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-2133, Moderate) Red Hat would like to thank Shachar Raindel for reporting CVE-2012-2133. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 65990
    published 2013-04-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65990
    title RHEL 6 : kernel (RHSA-2013:0741)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1469-1.NASL
    description Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-12-01
    plugin id 59473
    published 2012-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59473
    title Ubuntu 10.04 LTS : linux-ec2 vulnerability (USN-1469-1)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20121106_KERNEL_ON_SL6_X.NASL
    description * A use-after-free flaw was found in the Linux kernel's memory management subsystem in the way quota handling for huge pages was performed. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-2133, Moderate) * A use-after-free flaw was found in the madvise() system call implementation in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-3511, Moderate) * It was found that when running a 32-bit binary that uses a large number of shared libraries, one of the libraries would always be loaded at a predictable address in memory. An attacker could use this flaw to bypass the Address Space Layout Randomization (ASLR) security feature. (CVE-2012-1568, Low) * Buffer overflow flaws were found in the udf_load_logicalvol() function in the Universal Disk Format (UDF) file system implementation in the Linux kernel. An attacker with physical access to a system could use these flaws to cause a denial of service or escalate their privileges. (CVE-2012-3400, Low) This update also fixes several bugs. The system must be rebooted for this update to take effect.
    last seen 2019-01-16
    modified 2018-12-31
    plugin id 62858
    published 2012-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62858
    title Scientific Linux Security Update : kernel on SL6.x i386/x86_64
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1474-1.NASL
    description A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. (CVE-2012-2133) Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. (CVE-2012-2313) Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system priviliges. (CVE-2012-2319) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of cliprect on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2383) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of buffer_count on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2384)
    last seen 2019-01-16
    modified 2016-12-01
    plugin id 59496
    published 2012-06-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59496
    title USN-1474-1 : linux-ti-omap4 vulnerabilities
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2012-1426.NASL
    description Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * A use-after-free flaw was found in the Linux kernel's memory management subsystem in the way quota handling for huge pages was performed. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-2133, Moderate) * A use-after-free flaw was found in the madvise() system call implementation in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-3511, Moderate) * It was found that when running a 32-bit binary that uses a large number of shared libraries, one of the libraries would always be loaded at a predictable address in memory. An attacker could use this flaw to bypass the Address Space Layout Randomization (ASLR) security feature. (CVE-2012-1568, Low) * Buffer overflow flaws were found in the udf_load_logicalvol() function in the Universal Disk Format (UDF) file system implementation in the Linux kernel. An attacker with physical access to a system could use these flaws to cause a denial of service or escalate their privileges. (CVE-2012-3400, Low) Red Hat would like to thank Shachar Raindel for reporting CVE-2012-2133. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated packages, which contain backported patches to correct these issues, and fix the bugs noted in the Technical Notes. The system must be rebooted for this update to take effect.
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 62862
    published 2012-11-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62862
    title CentOS 6 : kernel (CESA-2012:1426)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1471-1.NASL
    description Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. (CVE-2011-4131) A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. (CVE-2012-2133) Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. (CVE-2012-2313) Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system priviliges. (CVE-2012-2319) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of cliprect on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2383) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of buffer_count on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2384). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-12-01
    plugin id 59475
    published 2012-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59475
    title Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1471-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1473-1.NASL
    description A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. (CVE-2012-2133) Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. (CVE-2012-2313) Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system priviliges. (CVE-2012-2319) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of cliprect on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2383) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of buffer_count on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2384). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-12-01
    plugin id 59495
    published 2012-06-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59495
    title Ubuntu 12.04 LTS : linux vulnerabilities (USN-1473-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_KERNEL-120523.NASL
    description The SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.31, fixing many bugs and security issues. Various security and bug fixes contained in the Linux 3.0 stable releases 3.0.27 up to 3.0.31 have been included, but are not explicitly listed below. The following notable security issues have been fixed : - The dl2k network card driver lacked permission handling for some ethtool ioctls, which could allow local attackers to start/stop the network card. (CVE-2012-2313) - A use after free bug in hugetlb support could be used by local attackers to crash the system. (CVE-2012-2133) - Various leaks in namespace handling over fork where fixed, which could be exploited by e.g. vsftpd access by remote users. (CVE-2012-2127) - A memory corruption when mounting a hfsplus filesystem was fixed that could be used by local attackers able to mount filesystem to crash the system. (CVE-2012-2319) The following non security bugs have been fixed by this update : - BTRFS - Partial revert of truncation improvements. - Fix eof while discarding extents. - Check return value of bio_alloc() properly. - Return void from clear_state_bit. - Avoid possible use-after-free in clear_extent_bit(). - Make free_ipath() deal gracefully with NULL pointers. - Do not call free_extent_buffer twice in iterate_irefs. - Add missing read locks in backref.c. - Fix max chunk size check in chunk allocator. - Double unlock bug in error handling. - Do not return EINTR. - Fix btrfs_ioctl_dev_info() crash on missing device. - Fix that check_int_data mount option was ignored. - Do not mount when we have a sectorsize unequal to PAGE_SIZE. - Avoid possible use-after-free in clear_extent_bit(). - Retrurn void from clear_state_bit. - Fix typo in free-space-cache.c. - Remove the ideal caching code. - Remove search_start and search_end from find_free_extent and callers. - Adjust the write_lock_level as we unlock. - Actually call btrfs_init_lockdep. - Fix regression in scrub path resolving. - Show useful info in space reservation tracepoint. - Flush out and clean up any block device pages during mount. - Fix deadlock during allocating chunks. - Fix race between direct io and autodefrag. - Fix the mismatch of page->mapping. - Fix recursive defragment with autodefrag option. - Add a check to decide if we should defrag the range. - Do not bother to defrag an extent if it is a big real extent. - Update to the right index of defragment. - Fix use-after-free in __btrfs_end_transaction. - Stop silently switching single chunks to raid0 on balance. - Add wrappers for working with alloc profiles. - Make profile_is_valid() check more strict. - Move alloc_profile_is_valid() to volumes.c. - Add get_restripe_target() helper. - Add __get_block_group_index() helper. - Improve the logic in btrfs_can_relocate(). - Validate target profiles only if we are going to use them. - Allow dup for data chunks in mixed mode. - Fix memory leak in resolver code. - Fix infinite loop in btrfs_shrink_device(). - Error handling locking fixu. - Fix uninit variable in repair_eb_io_failure. - Always store the mirror we read the eb from. - Do not count CRC or header errors twice while scrubbing. - Do not start delalloc inodes during sync. - Fix repair code for RAID10. - Prevent root_list corruption. - Fix block_rsv and space_info lock ordering. - Fix space checking during fs resize. - Avoid deadlocks from GFP_KERNEL allocations during btrfs_real_readdir(). - Reduce lock contention during extent insertion. - Add properly locking around add_root_to_dirty_list(). - Fix mismatching struct members in ioctl.h. - netfilter : - nf_conntrack: make event callback registration per netns. - DRM : - edid: Add a workaround for 1366x768 HD panel. - edid: Add extra_modes. - edid: Add packed attribute to new gtf2 and cvt structs. - edid: Add the reduced blanking DMT modes to the DMT list - edid: Allow drm_mode_find_dmt to hunt for reduced-blanking modes. - edid: Do drm_dmt_modes_for_range() for all range descriptor types. - edid: Document drm_mode_find_dmt. - edid: Fix some comment typos in the DMT mode list - edid: Generate modes from extra_modes for range descriptors - edid: Give the est3 mode struct a real name. - edid: Remove a misleading comment. - edid: Rewrite drm_mode_find_dmt search loop. - edid: Update range descriptor struct for EDID 1.4 - edid: add missing NULL checks. - edid: s/drm_gtf_modes_for_range/drm_dmt_modes_for_range/ - Fix kABI for drm EDID improvement patches. - Fix the case where multiple modes are returned from EDID - i915: Add more standard modes to LVDS output. - i915: Disable LVDS at mode change. - i915: add Ivy Bridge GT2 Server entries. - i915: delay drm_irq_install() at resume. - EDD: Check for correct EDD 3.0 length. - XEN - blkfront: make blkif_io_lock spinlock per-device. - blkback: streamline main processing loop (fate#309305). - blkback: Implement discard requests handling (fate#309305). - blkback: Enhance discard support with secure erasing support (fate#309305). - blkfront: Handle discard requests (fate#309305). - blkfront: Enhance discard support with secure erasing support (fate#309305). - blkif: support discard (fate#309305). - blkif: Enhance discard support with secure erasing support (fate#309305). - xen/smpboot: adjust ordering of operations. - x86-64: provide a memset() that can deal with 4Gb or above at a time. - Update Xen patches to 3.0.27. - Update Xen patches to 3.0.31. - xen: fix VM_FOREIGN users after c/s 878:eba6fe6d8d53. - xen/gntdev: fix multi-page slot allocation. - TG3 - Avoid panic from reserved statblk field access. - Fix 5717 serdes powerdown problem. - Fix RSS ring refill race condition. - Fix single-vector MSI-X code. - fix ipv6 header length computation. - S/390 - dasd: Fix I/O stall when reserving dasds. - af_iucv: detect down state of HS transport interface (LTC#80859). - af_iucv: allow shutdown for HS transport sockets (LTC#80860). - mm: s390: Fix BUG by using __set_page_dirty_no_writeback on swap. - qeth: Improve OSA Express 4 blkt defaults (LTC#80325). - zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl (LTC#80378). - zfcpdump: Implement async sdias event processing (LTC#81330). - ALSA - hda: Always resume the codec immediately. - hda: Add Creative CA0132 HDA codec support. - hda: Fix error handling in patch_ca0132.c. - hda: Add the support for Creative SoundCore3D. - OTHER - ixgbe: fix ring assignment issues for SR-IOV and drop cases. - ixgbe: add missing rtnl_lock in PM resume path. - MCE, AMD: Drop too granulary family model checks. - EDAC, MCE, AMD: Print CPU number when reporting the error. - EDAC, MCE, AMD: Print valid addr when reporting an error. - libata: skip old error history when counting probe trials. - x86: kdb: restore kdb stack trace. - ehea: fix allmulticast support, - ehea: fix promiscuous mode. - ehea: only register irq after setting up ports. - ehea: fix losing of NEQ events when one event occurred early. - scsi: Silence unnecessary warnings about ioctl to partition. - scsi_dh_rdac: Update match function to check page C8. - scsi_dh_rdac: Add new NetApp IDs. - bluetooth: Add support for Foxconn/Hon Hai AR5BBU22 0489:E03C. - x86/amd: Add missing feature flag for fam15h models 10h-1fh processors. - x86: Report cpb and eff_freq_ro flags correctly. - x86, amd: Fix up numa_node information for AMD CPU family 15h model 0-0fh northbridge functions. - x86/PCI: amd: Kill misleading message about enablement of IO access to PCI ECS. - cdc-wdm: fix race leading leading to memory corruption. - tlan: add cast needed for proper 64 bit operation. - bonding:update speed/duplex for NETDEV_CHANGE. - bonding: comparing a u8 with -1 is always false. - bonding: start slaves with link down for ARP monitor. - bonding: do not increase rx_dropped after processing LACPDUs - x86: fix the initialization of physnode_map. - sched,rt: fix isolated CPUs leaving root_task_group indefinitely throttled. - Fix SLE11-SP1->SLE11-SP2 interrupt latency regression. Note that this change trades an approximately 400% latency regression fix for power consumption progression that skew removal bought (at high cost). - Revert mainline 0209f649 - rcu: limit rcu_node leaf-level fanout. - md: fix possible corruption of array metadata on shutdown. - md/bitmap: prevent bitmap_daemon_work running while initialising bitmap. - md: ensure changes to write-mostly are reflected in metadata. - cciss: Add IRQF_SHARED back in for the non-MSI(X) interrupt handler. - procfs, namespace, pid_ns: fix leakage upon fork() failure. - mqueue: fix a vfsmount longterm reference leak. - procfs: fix a vfsmount longterm reference leak. - scsi_dh_alua: Optimize stpg command. - scsi_dh_alua: Store pref bit from RTPG. - scsi_dh_alua: set_params interface. - uwb: fix error handling. - uwb: fix use of del_timer_sync() in interrupt. - usbhid: fix error handling of not enough bandwidth. - mm: Improve preservation of page-age information - pagecache limit: Fix the shmem deadlock. - USB: sierra: add support for Sierra Wireless MC7710. - USB: fix resource leak in xhci power loss path. - x86/iommu/intel: Fix identity mapping for sandy bridge. - ipv6: Check dest prefix length on original route not copied one in rt6_alloc_cow(). - ipv6: do not use inetpeer to store metrics for routes. - ipv6: fix problem with expired dst cache. - ipv6: unshare inetpeers. - bridge: correct IPv6 checksum after pull. - scsi: storvsc: Account for in-transit packets in the RESET path. - patches.fixes/mm-mempolicy.c-fix-pgoff-in-mbind-vma-merg e.patch : - patches.fixes/mm-mempolicy.c-refix-mbind_range-vma-issue .patch: Fix vma merging issue during mbind affecting JVMs. - ACPI, APEI: Fix incorrect APEI register bit width check and usage. - vmxnet3: cap copy length at size of skb to prevent dropped frames on tx. - rt2x00: rt2x00dev: move rfkill_polling register to proper place. - pagecache: fix the BUG_ON safety belt - pagecache: Fixed the GFP_NOWAIT is zero and not suitable for tests bug - igb: reset PHY after recovering from PHY power down. - igb: fix rtnl race in PM resume path. - watchdog: iTCO_wdt.c - problems with newer hardware due to SMI clearing. - watchdog: iTCO_wdt.c - problems with newer hardware due to SMI clearing redhat#727875). - cfq-iosched: Reduce linked group count upon group destruction. - cdc_ether: Ignore bogus union descriptor for RNDIS devices. - sys_poll: fix incorrect type for timeout parameter. - staging:rts_pstor:Avoid 'Bad target number' message when probing driver. - staging:rts_pstor:Complete scanning_done variable. - staging:rts_pstor:Fix SDIO issue. - staging:rts_pstor: Fix a bug that a MMCPlus card ca not be accessed. - staging:rts_pstor: Fix a miswriting. - staging:rts_pstor:Fix possible panic by NULL pointer dereference. - staging:rts_pstor: fix thread synchronization flow. - freezer:do not unnecessarily set PF_NOFREEZE explicitly. - staging:rts_pstor: off by one in for loop. - patches.suse/cgroup-disable-memcg-when-low-lowmem.patch: fix typo: use if defined(CONFIG_) rather than if CONFIG_
    last seen 2019-01-16
    modified 2013-10-25
    plugin id 64174
    published 2013-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64174
    title SuSE 11.2 Security Update : Linux Kernel (SAT Patch Numbers 6338 / 6345 / 6349)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1470-1.NASL
    description Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. (CVE-2011-4131) A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. (CVE-2012-1601) A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. (CVE-2012-2123) Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. (CVE-2012-2133). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-12-01
    plugin id 59474
    published 2012-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59474
    title Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1470-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-1426.NASL
    description Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * A use-after-free flaw was found in the Linux kernel's memory management subsystem in the way quota handling for huge pages was performed. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-2133, Moderate) * A use-after-free flaw was found in the madvise() system call implementation in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-3511, Moderate) * It was found that when running a 32-bit binary that uses a large number of shared libraries, one of the libraries would always be loaded at a predictable address in memory. An attacker could use this flaw to bypass the Address Space Layout Randomization (ASLR) security feature. (CVE-2012-1568, Low) * Buffer overflow flaws were found in the udf_load_logicalvol() function in the Universal Disk Format (UDF) file system implementation in the Linux kernel. An attacker with physical access to a system could use these flaws to cause a denial of service or escalate their privileges. (CVE-2012-3400, Low) Red Hat would like to thank Shachar Raindel for reporting CVE-2012-2133. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated packages, which contain backported patches to correct these issues, and fix the bugs noted in the Technical Notes. The system must be rebooted for this update to take effect.
    last seen 2019-01-16
    modified 2018-11-26
    plugin id 62833
    published 2012-11-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62833
    title RHEL 6 : kernel (RHSA-2012:1426)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-2507.NASL
    description The remote Oracle Linux host is missing a security update for the Unbreakable Enterprise kernel package(s).
    last seen 2019-01-16
    modified 2015-12-01
    plugin id 68847
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68847
    title Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2507)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2469.NASL
    description Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2011-4086 Eric Sandeen reported an issue in the journaling layer for ext4 filesystems (jbd2). Local users can cause buffers to be accessed after they have been torn down, resulting in a denial of service (DoS) due to a system crash. - CVE-2012-0879 Louis Rilling reported two reference counting issues in the CLONE_IO feature of the kernel. Local users can prevent io context structures from being freed, resulting in a denial of service. - CVE-2012-1601 Michael Ellerman reported an issue in the KVM subsystem. Local users could cause a denial of service (NULL pointer dereference) by creating VCPUs before a call to KVM_CREATE_IRQCHIP. - CVE-2012-2123 Steve Grubb reported an issue in fcaps, a filesystem-based capabilities system. Personality flags set using this mechanism, such as the disabling of address space randomization, may persist across suid calls. - CVE-2012-2133 Shachar Raindel discovered a use-after-free bug in the hugepages quota implementation. Local users with permission to use hugepages via the hugetlbfs implementation may be able to cause a denial of service (system crash).
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 59070
    published 2012-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59070
    title Debian DSA-2469-1 : linux-2.6 - privilege escalation/denial of service
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-1426.NASL
    description From Red Hat Security Advisory 2012:1426 : Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * A use-after-free flaw was found in the Linux kernel's memory management subsystem in the way quota handling for huge pages was performed. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-2133, Moderate) * A use-after-free flaw was found in the madvise() system call implementation in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-3511, Moderate) * It was found that when running a 32-bit binary that uses a large number of shared libraries, one of the libraries would always be loaded at a predictable address in memory. An attacker could use this flaw to bypass the Address Space Layout Randomization (ASLR) security feature. (CVE-2012-1568, Low) * Buffer overflow flaws were found in the udf_load_logicalvol() function in the Universal Disk Format (UDF) file system implementation in the Linux kernel. An attacker with physical access to a system could use these flaws to cause a denial of service or escalate their privileges. (CVE-2012-3400, Low) Red Hat would like to thank Shachar Raindel for reporting CVE-2012-2133. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated packages, which contain backported patches to correct these issues, and fix the bugs noted in the Technical Notes. The system must be rebooted for this update to take effect.
    last seen 2019-01-16
    modified 2018-07-18
    plugin id 68651
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68651
    title Oracle Linux 6 : kernel (ELSA-2012-1426)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-1491.NASL
    description Updated kernel-rt packages that fix several security issues and multiple bugs are now available for Red Hat Enterprise MRG 2.2. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * A flaw was found in the way Netlink messages without SCM_CREDENTIALS (used for authentication) data set were handled. When not explicitly set, the data was sent but with all values set to 0, including the process ID and user ID, causing the Netlink message to appear as if it were sent with root privileges. A local, unprivileged user could use this flaw to send spoofed Netlink messages to an application, possibly resulting in the application performing privileged operations if it relied on SCM_CREDENTIALS data for the authentication of Netlink messages. (CVE-2012-3520, Important) * A race condition was found in the way asynchronous I/O and fallocate() interacted when using the ext4 file system. A local, unprivileged user could use this flaw to expose random data from an extent whose data blocks have not yet been written, and thus contain data from a deleted file. (CVE-2012-4508, Important) * A use-after-free flaw was found in the Linux kernel's memory management subsystem in the way quota handling for huge pages was performed. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-2133, Moderate) * A use-after-free flaw was found in the madvise() system call implementation in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-3511, Moderate) * A divide-by-zero flaw was found in the TCP Illinois congestion control algorithm implementation in the Linux kernel. If the TCP Illinois congestion control algorithm were in use (the sysctl net.ipv4.tcp_congestion_control variable set to 'illinois'), a local, unprivileged user could trigger this flaw and cause a denial of service. (CVE-2012-4565, Moderate) * An information leak flaw was found in the uname() system call implementation in the Linux kernel. A local, unprivileged user could use this flaw to leak kernel stack memory to user-space by setting the UNAME26 personality and then calling the uname() system call. (CVE-2012-0957, Low) * Buffer overflow flaws were found in the udf_load_logicalvol() function in the Universal Disk Format (UDF) file system implementation in the Linux kernel. An attacker with physical access to a system could use these flaws to cause a denial of service or escalate their privileges. (CVE-2012-3400, Low) * A flaw was found in the way the msg_namelen variable in the rds_recvmsg() function of the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation was initialized. A local, unprivileged user could use this flaw to leak kernel stack memory to user-space. (CVE-2012-3430, Low) Red Hat would like to thank Pablo Neira Ayuso for reporting CVE-2012-3520; Theodore Ts'o for reporting CVE-2012-4508; Shachar Raindel for reporting CVE-2012-2133; and Kees Cook for reporting CVE-2012-0957. Upstream acknowledges Dmitry Monakhov as the original reporter of CVE-2012-4508. The CVE-2012-4565 issue was discovered by Rodrigo Freire of Red Hat, and the CVE-2012-3430 issue was discovered by the Red Hat InfiniBand team. This update also fixes multiple bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated packages, which upgrade the kernel-rt kernel to version kernel-rt-3.2.33-rt50, and correct these issues. The system must be rebooted for this update to take effect.
    last seen 2019-01-16
    modified 2018-11-26
    plugin id 76653
    published 2014-07-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76653
    title RHEL 6 : MRG (RHSA-2012:1491)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-2044.NASL
    description Description of changes: [2.6.32-300.39.1.el6uek] - hugepages: fix use after free bug in 'quota' handling [15842385] {CVE-2012-2133} - mm: Hold a file reference in madvise_remove [15842884] {CVE-2012-3511} - udf: Fortify loading of sparing table [15843730] {CVE-2012-3400} - udf: Avoid run away loop when partition table length is corrupt [15843730] {CVE-2012-3400}
    last seen 2018-09-02
    modified 2015-12-01
    plugin id 68688
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68688
    title Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2044)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2012-142.NASL
    description A use-after-free flaw was found in the Linux kernel's memory management subsystem in the way quota handling for huge pages was performed. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-2133 , Moderate) A use-after-free flaw was found in the madvise() system call implementation in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-3511 , Moderate) It was found that when running a 32-bit binary that uses a large number of shared libraries, one of the libraries would always be loaded at a predictable address in memory. An attacker could use this flaw to bypass the Address Space Layout Randomization (ASLR) security feature. (CVE-2012-1568 , Low) Buffer overflow flaws were found in the udf_load_logicalvol() function in the Universal Disk Format (UDF) file system implementation in the Linux kernel. An attacker with physical access to a system could use these flaws to cause a denial of service or escalate their privileges. (CVE-2012-3400 , Low)
    last seen 2019-01-16
    modified 2018-04-18
    plugin id 69632
    published 2013-09-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69632
    title Amazon Linux AMI : kernel (ALAS-2012-142)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_KERNEL-120428.NASL
    description The SUSE Linux Enterprise 11 SP1 kernel has been updated to the 2.6.32.59 stable release to fix a lot of bugs and security issues. The following security issues have been fixed : - A use after free bug in hugetlb support could be used by local attackers to crash the system. (CVE-2012-2133) - A NULL pointer dereference bug in the regsets proc file could be used by local attackers to perhaps crash the system. With mmap_min_addr is set and enabled, exploitation is unlikely. (CVE-2012-1097) - A reference counting issue in CLONE_IO could be used by local attackers to cause a denial of service (out of memory). (CVE-2012-0879) - A file handle leak in CIFS code could be used by local attackers to crash the system. (CVE-2012-1090) - Large nested epoll chains could be used by local attackers to cause a denial of service (excessive CPU consumption). (CVE-2011-1083) - When using KVM, programming a PIT timer without a irqchip configuration, can be used to crash the kvm guest. This likely can be done only by a privileged guest user. (CVE-2011-4622) - A KVM 32bit guest crash in 'syscall' opcode handling was fixed that could be caused by local attackers. (CVE-2012-0045) - Fixed a oops in jbd/jbd2 that could be caused by specific filesystem access patterns. The following non-security issues have been fixed:. (CVE-2011-4086) X86 : - x86: fix the initialization of physnode_map. (bnc#748112) - x86: Allow bootmem reserves at greater than 8G node offset within a node. (bnc#740895) - x86, tsc: Fix SMI induced variation in quick_pit_calibrate(). (bnc#751322) - x86, efi: Work around broken firmware. (bnc#714507) BONDING : - bonding: update speed/duplex for NETDEV_CHANGE. (bnc#752634) - bonding: comparing a u8 with -1 is always false. (bnc#752634) - bonding: start slaves with link down for ARP monitor. (bnc#752634) - bonding: send gratuitous ARP for all addresses (bnc#752491). XFS : - xfs: Fix excessive inode syncing when project quota is exceeded. (bnc#756448) - xfs: Fix oops on IO error during xlog_recover_process_iunlinks() (bnc#716850). SCSI : - scsi/ses: Handle non-unique element descriptors. (bnc#749342, bnc#617344) - scsi/sd: mark busy sd majors as allocated (bug#744658). - scsi: Check for invalid sdev in scsi_prep_state_check() (bnc#734300). MD/RAID : - md: fix possible corruption of array metadata on shutdown. - md: ensure changes to write-mostly are reflected in metadata. (bnc#755178) - md: do not set md arrays to readonly on shutdown (bnc#740180, bnc#713148, bnc#734900). XEN : - smpboot: adjust ordering of operations. - x86-64: provide a memset() that can deal with 4Gb or above at a time. (bnc#738528) - blkfront: properly fail packet requests. (bnc#745929) - Update Xen patches to 2.6.32.57. - xenbus: Reject replies with payload > XENSTORE_PAYLOAD_MAX. - xenbus_dev: add missing error checks to watch handling. - Refresh other Xen patches. (bnc#652942, bnc#668194, bnc#688079) - fix Xen-specific kABI issue in Linux 2.6.19. NFS : - NFSD: Fill in WCC data for REMOVE, RMDIR, MKNOD, and MKDIR. (bnc#751880) - nfs: Include SYNC flag when comparing mount options with NOAC flag. (bnc#745422) - NFS returns EIO for EDQUOT and others. (bnc#747028) - lockd: fix arg parsing for grace_period and timeout. (bnc#733761) - nfs: allow nfs4leasetime to be set before starting servers. (bnc#733761) - nfs: handle d_revalidate of dot correctly (bnc#731809). S/390 : - ctcmpc: use correct idal word list for ctcmpc (bnc#750171,LTC#79264). - qeth: synchronize discipline module loading (bnc#747430,LTC#78788). - qdio: avoid race leading to stall when tolerating CQ (bnc#737326,LTC#76599). - kernel: no storage key operations for invalid page table entries (bnc#737326,LTC#77697). OTHER : - tlan: add cast needed for proper 64 bit operation. (bnc#756840) - dl2k: Tighten ioctl permissions. (bnc#758813) - tg3: Fix RSS ring refill race condition. (bnc#757917) - usbhid: fix error handling of not enough bandwidth. (bnc#704280) - pagecache limit: Fix the shmem deadlock. (bnc#755537) - tty_audit: fix tty_audit_add_data live lock on audit disabled. (bnc#721366) - ixgbe: driver sets all WOL flags upon initialization so that machine is powered on as soon at it is switched off. (bnc#693639) - PCI: Set device power state to PCI_D0 for device without native PM support. (bnc#752972) - dlm: Do not allocate a fd for peeloff. (bnc#729247) - sctp: Export sctp_do_peeloff. (bnc#729247) - epoll: Do not limit non-nested epoll paths. (bnc#676204) - mlx4: Limit MSI-X vector allocation. (bnc#624072) - mlx4: Changing interrupt scheme. (bnc#624072) - mlx4_en: Assigning TX irq per ring. (bnc#624072) - mlx4_en: Restoring RX buffer pointer in case of failure. (bnc#624072) - mlx4_en: using new mlx4 interrupt scheme. (bnc#624072) - igb: Fix for Alt MAC Address feature on 82580 and later devices. (bnc#746980) - igb: Power down link when interface is down. (bnc#745699) - igb: use correct bits to identify if managability is enabled. (bnc#743209) - intel_agp: Do not oops with zero stolen memory. (bnc#738679) - agp: fix scratch page cleanup. (bnc#738679) - hugetlb: add generic definition of NUMA_NO_NODE. (bnc#751844) - sched: Fix proc_sched_set_task(). (bnc#717994) - PM: Print a warning if firmware is requested when tasks are frozen. (bnc#749886) - PM / Sleep: Fix freezer failures due to racy usermodehelper_is_disabled(). (bnc#749886) - PM / Sleep: Fix read_unlock_usermodehelper() call. (bnc#749886) - firmware loader: allow builtin firmware load even if usermodehelper is disabled. (bnc#749886) - PM / Hibernate: Enable usermodehelpers in software_resume() error path. (bnc#744163) - ipv6: Allow inet6_dump_addr() to handle more than 64 addresses. (bnc#748279) - ipv6: fix refcnt problem related to POSTDAD state. (bnc#743619) - be2net: change to show correct physical link status. (bnc#727834) - be2net: changes to properly provide phy details. (bnc#727834) - aio: fix race between io_destroy() and io_submit(). (bnc#747445 / bnc#611264) - intel-iommu: Check for identity mapping candidate using system dma mask. (bnc#700449) - intel-iommu: Dont cache iova above 32bit. (bnc#700449) - intel-iommu: Add domain check in domain_remove_one_dev_info. (bnc#700449) - intel-iommu: Provide option to enable 64-bit IOMMU pass through mode. (bnc#700449) - intel-iommu: Remove Host Bridge devices from identity mapping. (bnc#700449) - intel-iommu: Speed up processing of the identity_mapping function. (bnc#700449) - intel-iommu: Use coherent DMA mask when requested. (bnc#700449) - 1: Fix accounting of softirq time when idle. (bnc#719793) - driver-core: fix race between device_register and driver_register. (bnc#742358) - dcache: patches.fixes/large-hash-dcache_init-fix.patch: Fix oops when initializing large hash on > 16TB machine. (bnc#742210) - kdump: Save PG_compound or PG_head value in VMCOREINFO. (bnc#738503) - Update config files: disable NET_9P_RDMA. (bnc#720374) - cdc-wdm: fix race leading leading to memory corruption. (bnc#759544)
    last seen 2019-01-16
    modified 2014-08-20
    plugin id 64173
    published 2013-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64173
    title SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 6227 / 6229 / 6230)
redhat via4
rpms
  • kernel-0:2.6.32-279.14.1.el6
  • kernel-bootwrapper-0:2.6.32-279.14.1.el6
  • kernel-debug-0:2.6.32-279.14.1.el6
  • kernel-debug-devel-0:2.6.32-279.14.1.el6
  • kernel-devel-0:2.6.32-279.14.1.el6
  • kernel-doc-0:2.6.32-279.14.1.el6
  • kernel-firmware-0:2.6.32-279.14.1.el6
  • kernel-headers-0:2.6.32-279.14.1.el6
  • kernel-kdump-0:2.6.32-279.14.1.el6
  • kernel-kdump-devel-0:2.6.32-279.14.1.el6
  • perf-0:2.6.32-279.14.1.el6
  • python-perf-0:2.6.32-279.14.1.el6
refmap via4
bid 53233
confirm
debian DSA-2469
mlist [oss-security] 20120424 Re: CVE Request: use after free bug in "quota" handling in hugetlb code
suse SUSE-SU-2012:0616
xf linux-kernel-hugepages-dos(75168)
Last major update 13-08-2012 - 23:37
Published 03-07-2012 - 12:40
Last modified 28-12-2017 - 21:29
Back to Top