ID CVE-2012-2313
Summary The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.
References
Vulnerable Configurations
  • Linux Kernel 3.3 release candidate 7
    cpe:2.3:o:linux:linux_kernel:3.3:rc7
  • Linux Kernel 3.3 release candidate 4
    cpe:2.3:o:linux:linux_kernel:3.3:rc4
  • Linux Kernel 3.3 release candidate 3
    cpe:2.3:o:linux:linux_kernel:3.3:rc3
  • Linux Kernel 3.3 release candidate 6
    cpe:2.3:o:linux:linux_kernel:3.3:rc6
  • Linux Kernel 3.3 release candidate 5
    cpe:2.3:o:linux:linux_kernel:3.3:rc5
  • Linux Kernel 3.3 release candidate 2
    cpe:2.3:o:linux:linux_kernel:3.3:rc2
  • Linux Kernel 3.3 release candidate 1
    cpe:2.3:o:linux:linux_kernel:3.3:rc1
  • Linux Kernel 3.3
    cpe:2.3:o:linux:linux_kernel:3.3
  • Linux Kernel 3.3.1
    cpe:2.3:o:linux:linux_kernel:3.3.1
  • Linux Kernel 3.3.2
    cpe:2.3:o:linux:linux_kernel:3.3.2
  • Linux Kernel 3.3.3
    cpe:2.3:o:linux:linux_kernel:3.3.3
  • Linux Kernel 3.3.4
    cpe:2.3:o:linux:linux_kernel:3.3.4
  • Linux Kernel 3.3.5
    cpe:2.3:o:linux:linux_kernel:3.3.5
  • Linux Kernel 3.3.6
    cpe:2.3:o:linux:linux_kernel:3.3.6
  • cpe:2.3:o:novell:suse_linux_enterprise_server:10.0:sp4:-:-:ltss
    cpe:2.3:o:novell:suse_linux_enterprise_server:10.0:sp4:-:-:ltss
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:6.2.z
    cpe:2.3:o:redhat:enterprise_linux_server_eus:6.2.z
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2
    cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2
  • cpe:2.3:o:redhat:enterprise_linux_long_life:5.6:-:server
    cpe:2.3:o:redhat:enterprise_linux_long_life:5.6:-:server
  • Red Hat Enterprise Linux 5 (Server)
    cpe:2.3:o:redhat:enterprise_linux:5:-:server
  • cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:-:client
    cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:-:client
  • cpe:2.3:o:redhat:enterprise_linux_eus:5.6.z:-:server
    cpe:2.3:o:redhat:enterprise_linux_eus:5.6.z:-:server
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:6.1.z
    cpe:2.3:o:redhat:enterprise_linux_server_eus:6.1.z
CVSS
Base: 1.2 (as of 02-09-2016 - 17:09)
Impact:
Exploitability:
CWE CWE-264
CAPEC
  • Accessing, Modifying or Executing Executable Files
    An attack of this type exploits a system's configuration that allows an attacker to either directly access an executable file, for example through shell access; or in a possible worst case allows an attacker to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.
  • Leverage Executable Code in Non-Executable Files
    An attack of this type exploits a system's trust in configuration and resource files, when the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high. The attack can be directed at a client system, such as causing buffer overrun through loading seemingly benign image files, as in Microsoft Security Bulletin MS04-028 where specially crafted JPEG files could cause a buffer overrun once loaded into the browser. Another example targets clients reading pdf files. In this case the attacker simply appends javascript to the end of a legitimate url for a pdf (http://www.gnucitizen.org/blog/danger-danger-danger/) http://path/to/pdf/file.pdf#whatever_name_you_want=javascript:your_code_here The client assumes that they are reading a pdf, but the attacker has modified the resource and loaded executable javascript into the client's browser process. The attack can also target server processes. The attacker edits the resource or configuration file, for example a web.xml file used to configure security permissions for a J2EE app server, adding role name "public" grants all users with the public role the ability to use the administration functionality. The server trusts its configuration file to be correct, but when they are manipulated, the attacker gains full control.
  • Blue Boxing
    This type of attack against older telephone switches and trunks has been around for decades. A tone is sent by an adversary to impersonate a supervisor signal which has the effect of rerouting or usurping command of the line. While the US infrastructure proper may not contain widespread vulnerabilities to this type of attack, many companies are connected globally through call centers and business process outsourcing. These international systems may be operated in countries which have not upgraded Telco infrastructure and so are vulnerable to Blue boxing. Blue boxing is a result of failure on the part of the system to enforce strong authorization for administrative functions. While the infrastructure is different than standard current applications like web applications, there are historical lessons to be learned to upgrade the access control for administrative functions.
  • Restful Privilege Elevation
    Rest uses standard HTTP (Get, Put, Delete) style permissions methods, but these are not necessarily correlated generally with back end programs. Strict interpretation of HTTP get methods means that these HTTP Get services should not be used to delete information on the server, but there is no access control mechanism to back up this logic. This means that unless the services are properly ACL'd and the application's service implementation are following these guidelines then an HTTP request can easily execute a delete or update on the server side. The attacker identifies a HTTP Get URL such as http://victimsite/updateOrder, which calls out to a program to update orders on a database or other resource. The URL is not idempotent so the request can be submitted multiple times by the attacker, additionally, the attacker may be able to exploit the URL published as a Get method that actually performs updates (instead of merely retrieving data). This may result in malicious or inadvertent altering of data on the server.
  • Target Programs with Elevated Privileges
    This attack targets programs running with elevated privileges. The attacker would try to leverage a bug in the running program and get arbitrary code to execute with elevated privileges. For instance an attacker would look for programs that write to the system directories or registry keys (such as HKLM, which stores a number of critical Windows environment variables). These programs are typically running with elevated privileges and have usually not been designed with security in mind. Such programs are excellent exploit targets because they yield lots of power when they break. The malicious user try to execute its code at the same level as a privileged system call.
  • Manipulating Input to File System Calls
    An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.
Access
VectorComplexityAuthentication
LOCAL HIGH NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2012-1304.NASL
    description Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * An integer overflow flaw was found in the i915_gem_do_execbuffer() function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. This issue only affected 32-bit systems. (CVE-2012-2384, Moderate) * A memory leak flaw was found in the way the Linux kernel's memory subsystem handled resource clean up in the mmap() failure path when the MAP_HUGETLB flag was set. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2390, Moderate) * A race condition was found in the way access to inet->opt ip_options was synchronized in the Linux kernel's TCP/IP protocol suite implementation. Depending on the network facing applications running on the system, a remote attacker could possibly trigger this flaw to cause a denial of service. A local, unprivileged user could use this flaw to cause a denial of service regardless of the applications the system runs. (CVE-2012-3552, Moderate) * A flaw was found in the way the Linux kernel's dl2k driver, used by certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local, unprivileged user could use this flaw to issue potentially harmful IOCTLs, which could cause Ethernet adapters using the dl2k driver to malfunction (for example, losing network connectivity). (CVE-2012-2313, Low) * A flaw was found in the way the msg_namelen variable in the rds_recvmsg() function of the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation was initialized. A local, unprivileged user could use this flaw to leak kernel stack memory to user-space. (CVE-2012-3430, Low) Red Hat would like to thank Hafid Lin for reporting CVE-2012-3552, and Stephan Mueller for reporting CVE-2012-2313. The CVE-2012-3430 issue was discovered by the Red Hat InfiniBand team. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated packages, which contain backported patches to correct these issues, and fix the bugs noted in the Technical Notes. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 62316
    published 2012-09-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62316
    title CentOS 6 : kernel (CESA-2012:1304)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-1304.NASL
    description Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * An integer overflow flaw was found in the i915_gem_do_execbuffer() function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. This issue only affected 32-bit systems. (CVE-2012-2384, Moderate) * A memory leak flaw was found in the way the Linux kernel's memory subsystem handled resource clean up in the mmap() failure path when the MAP_HUGETLB flag was set. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2390, Moderate) * A race condition was found in the way access to inet->opt ip_options was synchronized in the Linux kernel's TCP/IP protocol suite implementation. Depending on the network facing applications running on the system, a remote attacker could possibly trigger this flaw to cause a denial of service. A local, unprivileged user could use this flaw to cause a denial of service regardless of the applications the system runs. (CVE-2012-3552, Moderate) * A flaw was found in the way the Linux kernel's dl2k driver, used by certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local, unprivileged user could use this flaw to issue potentially harmful IOCTLs, which could cause Ethernet adapters using the dl2k driver to malfunction (for example, losing network connectivity). (CVE-2012-2313, Low) * A flaw was found in the way the msg_namelen variable in the rds_recvmsg() function of the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation was initialized. A local, unprivileged user could use this flaw to leak kernel stack memory to user-space. (CVE-2012-3430, Low) Red Hat would like to thank Hafid Lin for reporting CVE-2012-3552, and Stephan Mueller for reporting CVE-2012-2313. The CVE-2012-3430 issue was discovered by the Red Hat InfiniBand team. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated packages, which contain backported patches to correct these issues, and fix the bugs noted in the Technical Notes. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 62303
    published 2012-09-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62303
    title RHEL 6 : kernel (RHSA-2012:1304)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-1174.NASL
    description From Red Hat Security Advisory 2012:1174 : Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue : * A flaw was found in the way the Linux kernel's dl2k driver, used by certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local, unprivileged user could use this flaw to issue potentially harmful IOCTLs, which could cause Ethernet adapters using the dl2k driver to malfunction (for example, losing network connectivity). (CVE-2012-2313, Low) Red Hat would like to thank Stephan Mueller for reporting this issue. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2015-12-01
    plugin id 68599
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68599
    title Oracle Linux 5 : kernel (ELSA-2012-1174)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-1304.NASL
    description From Red Hat Security Advisory 2012:1304 : Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * An integer overflow flaw was found in the i915_gem_do_execbuffer() function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. This issue only affected 32-bit systems. (CVE-2012-2384, Moderate) * A memory leak flaw was found in the way the Linux kernel's memory subsystem handled resource clean up in the mmap() failure path when the MAP_HUGETLB flag was set. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2390, Moderate) * A race condition was found in the way access to inet->opt ip_options was synchronized in the Linux kernel's TCP/IP protocol suite implementation. Depending on the network facing applications running on the system, a remote attacker could possibly trigger this flaw to cause a denial of service. A local, unprivileged user could use this flaw to cause a denial of service regardless of the applications the system runs. (CVE-2012-3552, Moderate) * A flaw was found in the way the Linux kernel's dl2k driver, used by certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local, unprivileged user could use this flaw to issue potentially harmful IOCTLs, which could cause Ethernet adapters using the dl2k driver to malfunction (for example, losing network connectivity). (CVE-2012-2313, Low) * A flaw was found in the way the msg_namelen variable in the rds_recvmsg() function of the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation was initialized. A local, unprivileged user could use this flaw to leak kernel stack memory to user-space. (CVE-2012-3430, Low) Red Hat would like to thank Hafid Lin for reporting CVE-2012-3552, and Stephan Mueller for reporting CVE-2012-2313. The CVE-2012-3430 issue was discovered by the Red Hat InfiniBand team. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated packages, which contain backported patches to correct these issues, and fix the bugs noted in the Technical Notes. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68630
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68630
    title Oracle Linux 6 : kernel (ELSA-2012-1304)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-1589.NASL
    description Updated kernel packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6.1 Extended Update Support. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue : * A flaw was found in the way the Linux kernel's dl2k driver, used by certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local, unprivileged user could use this flaw to issue potentially harmful IOCTLs, which could cause Ethernet adapters using the dl2k driver to malfunction (for example, losing network connectivity). (CVE-2012-2313, Low) Red Hat would like to thank Stephan Mueller for reporting this issue. This update also fixes the following bug : * The kernel allows high priority real time tasks, such as tasks scheduled with the SCHED_FIFO policy, to be throttled. Previously, the CPU stop tasks were scheduled as high priority real time tasks and could be thus throttled accordingly. However, the replenishment timer, which is responsible for clearing a throttle flag on tasks, could be pending on the just disabled CPU. This could lead to the situation that the throttled tasks were never scheduled to run. Consequently, if any of such tasks was needed to complete the CPU disabling, the system became unresponsive. This update introduces a new scheduler class, which gives a task the highest possible system priority and such a task cannot be throttled. The stop-task scheduling class is now used for the CPU stop tasks, and the system shutdown completes as expected in the scenario described. (BZ#876077) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 64070
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64070
    title RHEL 6 : kernel (RHSA-2012:1589)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-1481.NASL
    description Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5.6 Extended Update Support. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue : * A flaw was found in the way the Linux kernel's dl2k driver, used by certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local, unprivileged user could use this flaw to issue potentially harmful IOCTLs, which could cause Ethernet adapters using the dl2k driver to malfunction (for example, losing network connectivity). (CVE-2012-2313, Low) Red Hat would like to thank Stephan Mueller for reporting this issue. This update also fixes the following bugs : * The QLogic netxen_nic driver has been upgraded to version 4.0.75, which provides several bug fixes. This update also allows users to set speed and automatic negotiation parameters for Gigabit Ethernet (GbE) ports. Note that QLogic devices do not support half-duplex data transmission at the moment. (BZ#865304) * When the ext3_dx_add_entry() function had to split a directory index node, it had to ensure that the name_len variable of the new dx_node's fake_dirent structure was set to zero. Otherwise, the e2fsck tool did not recognize it as an intermediate htree node and considered the htree node to be corrupted. The dx_node's fake_dirent structure is now always explicitly set to zero, which prevents the corruption in this scenario. (BZ#866548) * Previously, the error cleanup logic was incorrect: once an error was detected, the same error was reported on every polling cycle (the default behavior is to poll every second). This caused an excessive amount of Error Detection And Correction (EDAC) messages to be logged in the /var/log/messages file. This update fixes the error cleanup logic, which prevents the unnecessary messages from being logged. (BZ#866796) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 64062
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64062
    title RHEL 5 : kernel (RHSA-2012:1481)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20120925_KERNEL_ON_SL6_X.NASL
    description The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : - An integer overflow flaw was found in the i915_gem_do_execbuffer() function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. This issue only affected 32-bit systems. (CVE-2012-2384, Moderate) - A memory leak flaw was found in the way the Linux kernel's memory subsystem handled resource clean up in the mmap() failure path when the MAP_HUGETLB flag was set. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2390, Moderate) - A race condition was found in the way access to inet->opt ip_options was synchronized in the Linux kernel's TCP/IP protocol suite implementation. Depending on the network facing applications running on the system, a remote attacker could possibly trigger this flaw to cause a denial of service. A local, unprivileged user could use this flaw to cause a denial of service regardless of the applications the system runs. (CVE-2012-3552, Moderate) - A flaw was found in the way the Linux kernel's dl2k driver, used by certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local, unprivileged user could use this flaw to issue potentially harmful IOCTLs, which could cause Ethernet adapters using the dl2k driver to malfunction (for example, losing network connectivity). (CVE-2012-2313, Low) - A flaw was found in the way the msg_namelen variable in the rds_recvmsg() function of the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation was initialized. A local, unprivileged user could use this flaw to leak kernel stack memory to user-space. (CVE-2012-3430, Low) This update also fixes several bugs. Users should upgrade to these updated packages, which contain backported patches to correct these issues, and fix the bugs noted. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 62346
    published 2012-09-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62346
    title Scientific Linux Security Update : kernel on SL6.x i386/x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2012-1174.NASL
    description Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue : * A flaw was found in the way the Linux kernel's dl2k driver, used by certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local, unprivileged user could use this flaw to issue potentially harmful IOCTLs, which could cause Ethernet adapters using the dl2k driver to malfunction (for example, losing network connectivity). (CVE-2012-2313, Low) Red Hat would like to thank Stephan Mueller for reporting this issue. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 61626
    published 2012-08-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61626
    title CentOS 5 : kernel (CESA-2012:1174)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-1174.NASL
    description Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue : * A flaw was found in the way the Linux kernel's dl2k driver, used by certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local, unprivileged user could use this flaw to issue potentially harmful IOCTLs, which could cause Ethernet adapters using the dl2k driver to malfunction (for example, losing network connectivity). (CVE-2012-2313, Low) Red Hat would like to thank Stephan Mueller for reporting this issue. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 61618
    published 2012-08-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61618
    title RHEL 5 : kernel (RHSA-2012:1174)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-1174-1.NASL
    description From Red Hat Security Advisory 2012:1174 : Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue : * A flaw was found in the way the Linux kernel's dl2k driver, used by certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local, unprivileged user could use this flaw to issue potentially harmful IOCTLs, which could cause Ethernet adapters using the dl2k driver to malfunction (for example, losing network connectivity). (CVE-2012-2313, Low) Red Hat would like to thank Stephan Mueller for reporting this issue. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2015-12-01
    plugin id 68598
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68598
    title Oracle Linux 5 : kernel (ELSA-2012-1174-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1472-1.NASL
    description Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. (CVE-2011-4131) A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. (CVE-2012-2133) Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. (CVE-2012-2313) Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system priviliges. (CVE-2012-2319) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of cliprect on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2383) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of buffer_count on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2384). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 59476
    published 2012-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59476
    title Ubuntu 11.10 : linux vulnerabilities (USN-1472-1)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2012-0042.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix bug number for commit 'cciss: Update HPSA_BOUNDARY' (Joe Jin) [Orabug: 14681166] - cciss: Update HPSA_BOUNDARY. (Joe Jin) [Orabug: 14319765] - KVM: introduce kvm_for_each_memslot macro (Maxim Uvarov) [Bugdb: 13966] - dl2k: Clean up rio_ioctl (Jeff Mahoney) [Orabug: 14126896] (CVE-2012-2313) - NFSv4: include bitmap in nfsv4 get acl data (Andy Adamson) (CVE-2011-4131) - KVM: Fix buffer overflow in kvm_set_irq (Avi Kivity) [Bugdb: 13966] (CVE-2012-2137) - net: sock: validate data_len before allocating skb in sock_alloc_send_pskb (Jason Wang) [Bugdb: 13966] (CVE-2012-2136) - mm: pmd_read_atomic: fix 32bit PAE pmd walk vs pmd_populate SMP race condition (Andrea Arcangeli) [Bugdb: 13966] (CVE-2012-2373) - KVM: lock slots_lock around device assignment (Alex Williamson) [Bugdb: 13966] (CVE-2012-2121) - KVM: unmap pages from the iommu when slots are removed (Maxim Uvarov) [Bugdb: 13966] (CVE-2012-2121) - fcaps: clear the same personality flags as suid when fcaps are used (Eric Paris) [Bugdb: 13966] (CVE-2012-2123) - tilegx: enable SYSCALL_WRAPPERS support (Chris Metcalf) (CVE-2009-0029) - drm/i915: fix integer overflow in i915_gem_do_execbuffer (Xi Wang) [Orabug: 14107456] (CVE-2012-2384) - drm/i915: fix integer overflow in i915_gem_execbuffer2 (Xi Wang) [Orabug: 14107445] (CVE-2012-2383) - [dm] do not forward ioctls from logical volumes to the underlying device (Joe Jin) (CVE-2011-4127) - [block] fail SCSI passthrough ioctls on partition devices (Joe Jin) (CVE-2011-4127) - [block] add and use scsi_blk_cmd_ioctl (Joe Jin) [Orabug: 14056755] (CVE-2011-4127) - KVM: Ensure all vcpus are consistent with in-kernel irqchip settings (Avi Kivity) [Bugdb: 13871] (CVE-2012-1601) - regset: Return -EFAULT, not -EIO, on host-side memory fault (H. Peter Anvin) (CVE-2012-1097) - regset: Prevent null pointer reference on readonly regsets (H. Peter Anvin) (CVE-2012-1097) - cifs: fix dentry refcount leak when opening a FIFO on lookup (Jeff Layton) (CVE-2012-1090) - mm: thp: fix pmd_bad triggering in code paths holding mmap_sem read mode (Andrea Arcangeli) (CVE-2012-1179) - ext4: fix undefined behavior in ext4_fill_flex_info (Xi Wang) (CVE-2009-4307) - ocfs2: clear unaligned io flag when dio fails (Junxiao Bi) [Orabug: 14063941] - aio: make kiocb->private NUll in init_sync_kiocb (Junxiao Bi) [Orabug: 14063941] - igb: Fix for Alt MAC Address feature on 82580 and later devices (Carolyn Wyborny) [Orabug: 14258706] - igb: Alternate MAC Address Updates for Func2&3 (Akeem G. Abodunrin) [Orabug: 14258706] - igb: Alternate MAC Address EEPROM Updates (Akeem G. Abodunrin) [Orabug: 14258706] - cciss: only enable cciss_allow_hpsa when for ol5 (Joe Jin) [Orabug: 14106006] - Revert 'cciss: remove controllers supported by hpsa' (Joe Jin) [Orabug: 14106006] - [scsi] hpsa: add all support devices for ol5 (Joe Jin) [Orabug: 14106006] - Disable VLAN 0 tagging for none VLAN traffic (Adnan Misherfi) [Orabug: 14406424] - x86: Add Xen kexec control code size check to linker script (Daniel Kiper) - drivers/xen: Export vmcoreinfo through sysfs (Daniel Kiper) - x86/xen/enlighten: Add init and crash kexec/kdump hooks (Maxim Uvarov) - x86/xen: Add kexec/kdump makefile rules (Daniel Kiper) - x86/xen: Add x86_64 kexec/kdump implementation (Daniel Kiper) - x86/xen: Add placeholder for i386 kexec/kdump implementation (Daniel Kiper) - x86/xen: Register resources required by kexec-tools (Daniel Kiper) - x86/xen: Introduce architecture dependent data for kexec/kdump (Daniel Kiper) - xen: Introduce architecture independent data for kexec/kdump (Daniel Kiper) - x86/kexec: Add extra pointers to transition page table PGD, PUD, PMD and PTE (Daniel Kiper) - kexec: introduce kexec_ops struct (Daniel Kiper) - SPEC: replace DEFAULTKERNEL from kernel-ovs to kernel-uek
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 79484
    published 2014-11-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79484
    title OracleVM 3.1 : kernel-uek (OVMSA-2012-0042)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2012-133.NASL
    description An integer overflow flaw was found in the i915_gem_do_execbuffer() function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. This issue only affected 32-bit systems. (CVE-2012-2384 , Moderate) A memory leak flaw was found in the way the Linux kernel's memory subsystem handled resource clean up in the mmap() failure path when the MAP_HUGETLB flag was set. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2390 , Moderate) A race condition was found in the way access to inet->opt ip_options was synchronized in the Linux kernel's TCP/IP protocol suite implementation. Depending on the network facing applications running on the system, a remote attacker could possibly trigger this flaw to cause a denial of service. A local, unprivileged user could use this flaw to cause a denial of service regardless of the applications the system runs. (CVE-2012-3552 , Moderate) A flaw was found in the way the Linux kernel's dl2k driver, used by certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local, unprivileged user could use this flaw to issue potentially harmful IOCTLs, which could cause Ethernet adapters using the dl2k driver to malfunction (for example, losing network connectivity). (CVE-2012-2313 , Low) A flaw was found in the way the msg_namelen variable in the rds_recvmsg() function of the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation was initialized. A local, unprivileged user could use this flaw to leak kernel stack memory to user-space. (CVE-2012-3430 , Low)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 69623
    published 2013-09-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69623
    title Amazon Linux AMI : kernel (ALAS-2012-133)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1476-1.NASL
    description Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. (CVE-2011-4131) A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. (CVE-2012-2133) Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. (CVE-2012-2313) Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system priviliges. (CVE-2012-2319) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of cliprect on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2383) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of buffer_count on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2384)
    last seen 2019-02-21
    modified 2016-12-01
    plugin id 59553
    published 2012-06-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59553
    title USN-1476-1 : linux-ti-omap4 vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_KERNEL-8162.NASL
    description This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel. The following security issues have been fixed : - A memory corruption when mounting a hfsplus filesystem was fixed that could be used by local attackers able to mount filesystem to crash the system. (CVE-2012-2319) - The dl2k network card driver lacked permission handling for some ethtool ioctls, which could allow local attackers to start/stop the network card. (CVE-2012-2313) - The befs_follow_linkl function in fs/befs/linuxvfs.c in the Linux kernel did not validate the lenght attribute of long symlinsk, which allowed local users to cause a denial of service (incorrect pointer dereference and Ooops) by accessing a long symlink on a malformed Be filesystem. (CVE-2011-2928) - Fixed a memory corruption possibility in xfs readlink, which could be used by local attackers to crash the system or potentially execute code by mounting a prepared xfs filesystem image. (CVE-2011-4077) - A BUG() error report in the nfs4xdr routines on a NFSv4 mount was fixed that could happen during mknod. (CVE-2011-4324) - Mounting a corrupted hfs filesystem could lead to a buffer overflow. (CVE-2011-4330) The following non-security issues have been fixed : - kernel: pfault task state race (bnc#764128,LTC#81724). - ap: Toleration for ap bus devices with device type 10. (bnc#761389) - hugetlb, numa: fix interleave mpol reference count. (bnc#762111) - cciss: fixup kdump. (bnc#730200) - kdump: Avoid allocating bootmem map over crash reserved region. (bnc#749168, bnc#722400, bnc#742881) - qeth: Improve OSA Express 4 blkt defaults (bnc#754964,LTC#80325). - zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl (bnc#754964,LTC#80378). - virtio: add names to virtqueue struct, mapping from devices to queues. (bnc#742148) - virtio: find_vqs/del_vqs virtio operations. (bnc#742148) - virtio_pci: optional MSI-X support. (bnc#742148) - virtio_pci: split up vp_interrupt. (bnc#742148) - knfsd: nfsd4: fix laundromat shutdown race (752556). - driver core: Check for valid device in bus_find_device(). (bnc#729685) - VMware detection backport from mainline. (bnc#671124, bnc#747381) - net: adding memory barrier to the poll and receive callbacks. (bnc#746397 / bnc#750928) - qla2xxx: drop reference before wait for completion. (bnc#744592) - qla2xxx: drop reference before wait for completion. (bnc#744592) - ixgbe driver sets all WOL flags upon initialization so that machine is powered on as soon at it is switched off. (bnc#693639) - Properly release MSI(X) vector(s) when MSI(X) gets disabled. (bnc#723294, bnc#721869) - scsi: Always retry internal target error. (bnc#745640) - cxgb4: fix parent device access in netdev_printk. (bnc#733155) - lcs: lcs offline failure (bnc#752486,LTC#79788). - qeth: add missing wake_up call (bnc#752486,LTC#79899). - NFSD: Fill in WCC data for REMOVE, RMDIR, MKNOD, and MKDIR. (bnc#751880) - xenbus: Reject replies with payload > XENSTORE_PAYLOAD_MAX. - xenbus_dev: add missing error checks to watch handling. - blkfront: properly fail packet requests. (bnc#745929) - blkback: failure to write 'feature-barrier' node is non-fatal. - igb: Free MSI and MSIX interrupt vectors on driver remove or shutdown. (bnc#723294) - igb: Fix for Alt MAC Address feature on 82580 and later devices. (bnc#746980) - igb: Free MSI and MSIX interrupt vectors on driver remove or shutdown. (bnc#723294) - cfq: Fix infinite loop in cfq_preempt_queue(). (bnc#724692) - dasd: fix fixpoint divide exception in define_extent (bnc#750168,LTC#79125). - ctcmpc: use correct idal word list for ctcmpc (bnc#750168,LTC#79264). - patches.fixes/ext3-fix-reuse-of-freed-blocks.diff: Delete. Patch should not really be needed and apparently causes a performance regression. (bnc#683270) - tcp: fix race condition leading to premature termination of sockets in FIN_WAIT2 state and connection being reset. (bnc#745760) - kernel: console interrupts vs. panic (bnc#737325,LTC#77272). - af_iucv: remove IUCV-pathes completely (bnc#737325,LTC#78292). - qdio: wrong buffers-used counter for ERROR buffers (bnc#737325,LTC#78758). - ext3: Fix credit estimate for DIO allocation. (bnc#745732) - jbd: validate sb->s_first in journal_get_superblock(). (bnc#730118) - ocfs2: serialize unaligned aio. (bnc#671479) - cifs: eliminate usage of kthread_stop for cifsd. (bnc#718343) - virtio: fix wrong type used, resulting in truncated addresses in bigsmp kernel. (bnc#737899) - cciss: Adds simple mode functionality. (bnc#730200) - blktap: fix locking (again). (bnc#724734) - block: Initial support for data-less (or empty) barrier support (bnc#734707 FATE#313126). - xen: Do not allow empty barriers to be passed down to queues that do not grok them (bnc#734707 FATE#313126). - linkwatch: Handle jiffies wrap-around. (bnc#740131)
    last seen 2019-02-21
    modified 2012-06-15
    plugin id 59522
    published 2012-06-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59522
    title SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 8162)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_KERNEL-8161.NASL
    description This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel. The following security issues have been fixed : - A memory corruption when mounting a hfsplus filesystem was fixed that could be used by local attackers able to mount filesystem to crash the system. (CVE-2012-2319) - The dl2k network card driver lacked permission handling for some ethtool ioctls, which could allow local attackers to start/stop the network card. (CVE-2012-2313) - The befs_follow_linkl function in fs/befs/linuxvfs.c in the Linux kernel did not validate the lenght attribute of long symlinsk, which allowed local users to cause a denial of service (incorrect pointer dereference and Ooops) by accessing a long symlink on a malformed Be filesystem. (CVE-2011-2928) - Fixed a memory corruption possibility in xfs readlink, which could be used by local attackers to crash the system or potentially execute code by mounting a prepared xfs filesystem image. (CVE-2011-4077) - A BUG() error report in the nfs4xdr routines on a NFSv4 mount was fixed that could happen during mknod. (CVE-2011-4324) - Mounting a corrupted hfs filesystem could lead to a buffer overflow. (CVE-2011-4330) The following non-security issues have been fixed : - kernel: pfault task state race (bnc#764128,LTC#81724). - ap: Toleration for ap bus devices with device type 10. (bnc#761389) - hugetlb, numa: fix interleave mpol reference count. (bnc#762111) - cciss: fixup kdump. (bnc#730200) - kdump: Avoid allocating bootmem map over crash reserved region. (bnc#749168, bnc#722400, bnc#742881) - qeth: Improve OSA Express 4 blkt defaults (bnc#754964,LTC#80325). - zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl (bnc#754964,LTC#80378). - virtio: add names to virtqueue struct, mapping from devices to queues. (bnc#742148) - virtio: find_vqs/del_vqs virtio operations. (bnc#742148) - virtio_pci: optional MSI-X support. (bnc#742148) - virtio_pci: split up vp_interrupt. (bnc#742148) - knfsd: nfsd4: fix laundromat shutdown race (752556). - driver core: Check for valid device in bus_find_device(). (bnc#729685) - VMware detection backport from mainline. (bnc#671124, bnc#747381) - net: adding memory barrier to the poll and receive callbacks. (bnc#746397 / bnc#750928) - qla2xxx: drop reference before wait for completion. (bnc#744592) - qla2xxx: drop reference before wait for completion. (bnc#744592) - ixgbe driver sets all WOL flags upon initialization so that machine is powered on as soon at it is switched off. (bnc#693639) - Properly release MSI(X) vector(s) when MSI(X) gets disabled. (bnc#723294, bnc#721869) - scsi: Always retry internal target error. (bnc#745640) - cxgb4: fix parent device access in netdev_printk. (bnc#733155) - lcs: lcs offline failure (bnc#752486,LTC#79788). - qeth: add missing wake_up call (bnc#752486,LTC#79899). - NFSD: Fill in WCC data for REMOVE, RMDIR, MKNOD, and MKDIR. (bnc#751880) - xenbus: Reject replies with payload > XENSTORE_PAYLOAD_MAX. - xenbus_dev: add missing error checks to watch handling. - blkfront: properly fail packet requests. (bnc#745929) - blkback: failure to write 'feature-barrier' node is non-fatal. - igb: Free MSI and MSIX interrupt vectors on driver remove or shutdown. (bnc#723294) - igb: Fix for Alt MAC Address feature on 82580 and later devices. (bnc#746980) - igb: Free MSI and MSIX interrupt vectors on driver remove or shutdown. (bnc#723294) - cfq: Fix infinite loop in cfq_preempt_queue(). (bnc#724692) - dasd: fix fixpoint divide exception in define_extent (bnc#750168,LTC#79125). - ctcmpc: use correct idal word list for ctcmpc (bnc#750168,LTC#79264). - patches.fixes/ext3-fix-reuse-of-freed-blocks.diff: Delete. Patch should not really be needed and apparently causes a performance regression. (bnc#683270) - tcp: fix race condition leading to premature termination of sockets in FIN_WAIT2 state and connection being reset. (bnc#745760) - kernel: console interrupts vs. panic (bnc#737325,LTC#77272). - af_iucv: remove IUCV-pathes completely (bnc#737325,LTC#78292). - qdio: wrong buffers-used counter for ERROR buffers (bnc#737325,LTC#78758). - ext3: Fix credit estimate for DIO allocation. (bnc#745732) - jbd: validate sb->s_first in journal_get_superblock(). (bnc#730118) - ocfs2: serialize unaligned aio. (bnc#671479) - cifs: eliminate usage of kthread_stop for cifsd. (bnc#718343) - virtio: fix wrong type used, resulting in truncated addresses in bigsmp kernel. (bnc#737899) - cciss: Adds simple mode functionality. (bnc#730200) - blktap: fix locking (again). (bnc#724734) - block: Initial support for data-less (or empty) barrier support (bnc#734707 FATE#313126). - xen: Do not allow empty barriers to be passed down to queues that do not grok them (bnc#734707 FATE#313126). - linkwatch: Handle jiffies wrap-around. (bnc#740131)
    last seen 2019-02-21
    modified 2012-06-15
    plugin id 59521
    published 2012-06-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59521
    title SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 8161)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-1541.NASL
    description Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6.2 Extended Update Support. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages contain the Linux kernel. Security fixes : * A malicious NFSv4 server could return a crafted reply to a GETACL request, causing a denial of service on the client. (CVE-2011-4131, Moderate) * A flaw in the dl2k driver could allow a local, unprivileged user to issue potentially harmful IOCTLs, possibly causing Ethernet adapters using the driver to malfunction (such as losing network connectivity). (CVE-2012-2313, Low) Red Hat would like to thank Andy Adamson for reporting CVE-2011-4131, and Stephan Mueller for reporting CVE-2012-2313. Bug fixes : * A kernel oops occurred in the nf_nat code when a bogus pointer was dereferenced in the nf_conn_nat structure. Consequently, if Source Network Address Translation (SNAT) was performed, incorrect information could be received by other CTS (Clear to Send) signals. A conntrack entry is now placed in the source hash after SNAT has been completed, which prevents the described problems. (BZ#865715) * Previously, the ixgbe_setup_tc() function was called recursively when the set_state() CEE (Convergence Enhanced Ethernet) API routine was called in IEEE DCBX (Data Center Bridging eXchange) mode. This is considered unsafe according to the IEEE standards. With this update, the ixgbe driver has been modified to no longer call the set_state() routine in IEEE DCBX mode. The driver now calls routines of the PFC (Priority-based Flow Control) and ETS (Enhanced Transmission Selection) extensions instead of the CEE extension routines in IEEE DCBX mode. (BZ#867859) * A Symmetric Multi Processing (SMP) race condition between the munmap() and exit() function could lead to false-positive triggering of the BUG_ON() macro if Transparent Huge Pages (THP) were enabled. This update fixes the race condition, which avoids false-positive triggering of the BUG_ON() macro in this scenario. (BZ#875121) * The kernel allows high priority real time tasks, such as tasks scheduled with the SCHED_FIFO policy, to be throttled. Previously, the CPU stop tasks were scheduled as high priority real time tasks and could be thus throttled accordingly. However, the replenishment timer, which is responsible for clearing a throttle flag on tasks, could be pending on the just disabled CPU. This could lead to the situation that the throttled tasks were never scheduled to run. Consequently, if any of such tasks was needed to complete the CPU disabling, the system became unresponsive. This update introduces a new scheduler class, which gives a task the highest possible system priority and such a task cannot be throttled. The stop-task scheduling class is now used for the CPU stop tasks, and the system shutdown completes as expected in the scenario described. (BZ#876078) * Previously, XFS log buffers were handled incorrectly so that XFS could, in certain circumstances, incorrectly read metadata from the journal during XFS log recovery. As a consequence, XFS log recovery terminated with an error message and prevented the file system from being mounted. This problem could result in a loss of data if the user forcibly emptied the log to allow the file system to be mounted. This update ensures that metadata is read correctly from the log and journal recovery thus completes successfully, and the file system mounts as expected. (BZ#876498) * Previously, kernel was allowed to reduce the number of unnecessary commit calls by skipping the commit when there was a large number of outstanding pages being written. However, a test on the number of commits (ncommit) did not properly handle the edge case when ncommit was zero. Consequently, inodes sometimes remained on the sb->s_dirty list and could not be freed by the inode cache shrinker. As a result, the nfs_inode_cache structure grew very large over time. With this update, the call to the nfs_write_inode() function is immediately returned when commit == 0, thus fixing this bug. (BZ#877394)
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 64068
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64068
    title RHEL 6 : kernel (RHSA-2012:1541)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1492-1.NASL
    description Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. (CVE-2012-2313) Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system priviliges. (CVE-2012-2319). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 59815
    published 2012-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59815
    title Ubuntu 10.04 LTS : linux vulnerabilities (USN-1492-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1471-1.NASL
    description Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. (CVE-2011-4131) A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. (CVE-2012-2133) Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. (CVE-2012-2313) Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system priviliges. (CVE-2012-2319) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of cliprect on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2383) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of buffer_count on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2384). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 59475
    published 2012-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59475
    title Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1471-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1473-1.NASL
    description A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. (CVE-2012-2133) Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. (CVE-2012-2313) Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system priviliges. (CVE-2012-2319) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of cliprect on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2383) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of buffer_count on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2384). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 59495
    published 2012-06-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59495
    title Ubuntu 12.04 LTS : linux vulnerabilities (USN-1473-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1530-1.NASL
    description Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. (CVE-2011-4131) Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. (CVE-2012-2123) An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. (CVE-2012-2136) Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. (CVE-2012-2313) Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system priviliges. (CVE-2012-2319) A flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2372) A flaw was discovered in the Linux kernel's NFSv4 (Network file system) handling of ACLs (access control lists). A remote NFS server (attacker) could cause a denial of service (OOPS). (CVE-2012-2375)
    last seen 2019-02-21
    modified 2016-12-01
    plugin id 61508
    published 2012-08-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61508
    title USN-1530-1 : linux-ti-omap4 vulnerabilities
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2012-78.NASL
    description The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 69685
    published 2013-09-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69685
    title Amazon Linux AMI : kernel (ALAS-2012-78)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-2507.NASL
    description The remote Oracle Linux host is missing a security update for the Unbreakable Enterprise kernel package(s).
    last seen 2019-02-21
    modified 2015-12-01
    plugin id 68847
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68847
    title Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2507)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-2038.NASL
    description Description of changes: kernel-uek [2.6.32-300.37.1.el6uek] - sfc: Replace some literal constants with EFX_PAGE_SIZE/EFX_BUF_SIZE (Ben Hutchings) [Orabug: 14769994] - CVE-2012-3412 sfc: Fix maximum number of TSO segments and minimum TX queue size (Ben Hutchings) [Orabug: 14769994] {CVE-2012-3412} [2.6.32-300.36.1.el6uek] - dl2k: Clean up rio_ioctl (Stephan Mueller) [Orabug: 14675306] {CVE-2012-2313} - hugetlb: fix resv_map leak in error path (Christoph Lameter) [Orabug: 14676403] {CVE-2012-2390} - rds: set correct msg_namelen (Jay Fenlason) [Orabug: 14676504] {CVE-2012-3430} [2.6.32-300.35.1.el6uek] - oracleasm: Bring driver in sync with UEK2 (Martin K. Petersen) - Fix system hang due to bad protection module parameters (CR 130769) (Martin K. Petersen) - sd: Avoid remapping bad reference tags (Martin K. Petersen) - block: Fix bad range check in bio_sector_offset (Martin K. Petersen) [2.6.32-300.34.1.el6uek] - htrimer: fix kabi breakage (Joe Jin) - 2.6.32.x: timekeeping: Add missing update call in timekeeping_resume() (Thomas Gleixner) - 2.6.32.x: hrtimer: Update hrtimer base offsets each hrtimer_interrupt (John Stultz) - 2.6.32.x: timekeeping: Provide hrtimer update function (Thomas Gleixner) - 2.6.32.x: hrtimers: Move lock held region in hrtimer_interrupt() (Thomas Gleixner) - 2.6.32.x: timekeeping: Maintain ktime_t based offsets for hrtimers (Thomas Gleixner) - 2.6.32.x: timekeeping: Fix leapsecond triggered load spike issue (John Stultz) - 2.6.32.x: hrtimer: Provide clock_was_set_delayed() (John Stultz) - 2.6.32.x: time: Move common updates to a function (Thomas Gleixner) - 2.6.32.x: timekeeping: Fix CLOCK_MONOTONIC inconsistency during leapsecond (John Stultz) - 2.6.32.x: ntp: Correct TAI offset during leap second (Richard Cochran) - 2.6.32.x: ntp: Fix leap-second hrtimer livelock (John Stultz) - Revert '2.6.32.x: hrtimer: Fix clock_was_set so it is safe to call from irq context' (Joe Jin) - Revert '2.6.32.x: time: Fix leapsecond triggered hrtimer/futex load spike issue' (Joe Jin) - Revert '2.6.32.x: hrtimer: Update hrtimer base offsets each hrtimer_interrupt' (Joe Jin) [2.6.32-300.33.1.el6uek] - mpt2sas: Update mpt2sas to 120.105.11.00 (Guru Anbalagane) [Orabug: 14376481] - Revert 'mpt2sas: update to 12.105.11.00' (Maxim Uvarov)
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 68683
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68683
    title Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2038)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1491-1.NASL
    description Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. (CVE-2012-2313) Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system priviliges. (CVE-2012-2319). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 59814
    published 2012-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59814
    title Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1491-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1474-1.NASL
    description A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. (CVE-2012-2133) Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. (CVE-2012-2313) Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system priviliges. (CVE-2012-2319) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of cliprect on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2383) Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver handling of buffer_count on 32 bit systems. An unprivileged local attacker could leverage this flaw to cause a denial of service or potentially gain root privileges. (CVE-2012-2384)
    last seen 2019-02-21
    modified 2016-12-01
    plugin id 59496
    published 2012-06-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59496
    title USN-1474-1 : linux-ti-omap4 vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_KERNEL-120523.NASL
    description The SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.31, fixing many bugs and security issues. Various security and bug fixes contained in the Linux 3.0 stable releases 3.0.27 up to 3.0.31 have been included, but are not explicitly listed below. The following notable security issues have been fixed : - The dl2k network card driver lacked permission handling for some ethtool ioctls, which could allow local attackers to start/stop the network card. (CVE-2012-2313) - A use after free bug in hugetlb support could be used by local attackers to crash the system. (CVE-2012-2133) - Various leaks in namespace handling over fork where fixed, which could be exploited by e.g. vsftpd access by remote users. (CVE-2012-2127) - A memory corruption when mounting a hfsplus filesystem was fixed that could be used by local attackers able to mount filesystem to crash the system. (CVE-2012-2319) The following non security bugs have been fixed by this update : - BTRFS - Partial revert of truncation improvements. - Fix eof while discarding extents. - Check return value of bio_alloc() properly. - Return void from clear_state_bit. - Avoid possible use-after-free in clear_extent_bit(). - Make free_ipath() deal gracefully with NULL pointers. - Do not call free_extent_buffer twice in iterate_irefs. - Add missing read locks in backref.c. - Fix max chunk size check in chunk allocator. - Double unlock bug in error handling. - Do not return EINTR. - Fix btrfs_ioctl_dev_info() crash on missing device. - Fix that check_int_data mount option was ignored. - Do not mount when we have a sectorsize unequal to PAGE_SIZE. - Avoid possible use-after-free in clear_extent_bit(). - Retrurn void from clear_state_bit. - Fix typo in free-space-cache.c. - Remove the ideal caching code. - Remove search_start and search_end from find_free_extent and callers. - Adjust the write_lock_level as we unlock. - Actually call btrfs_init_lockdep. - Fix regression in scrub path resolving. - Show useful info in space reservation tracepoint. - Flush out and clean up any block device pages during mount. - Fix deadlock during allocating chunks. - Fix race between direct io and autodefrag. - Fix the mismatch of page->mapping. - Fix recursive defragment with autodefrag option. - Add a check to decide if we should defrag the range. - Do not bother to defrag an extent if it is a big real extent. - Update to the right index of defragment. - Fix use-after-free in __btrfs_end_transaction. - Stop silently switching single chunks to raid0 on balance. - Add wrappers for working with alloc profiles. - Make profile_is_valid() check more strict. - Move alloc_profile_is_valid() to volumes.c. - Add get_restripe_target() helper. - Add __get_block_group_index() helper. - Improve the logic in btrfs_can_relocate(). - Validate target profiles only if we are going to use them. - Allow dup for data chunks in mixed mode. - Fix memory leak in resolver code. - Fix infinite loop in btrfs_shrink_device(). - Error handling locking fixu. - Fix uninit variable in repair_eb_io_failure. - Always store the mirror we read the eb from. - Do not count CRC or header errors twice while scrubbing. - Do not start delalloc inodes during sync. - Fix repair code for RAID10. - Prevent root_list corruption. - Fix block_rsv and space_info lock ordering. - Fix space checking during fs resize. - Avoid deadlocks from GFP_KERNEL allocations during btrfs_real_readdir(). - Reduce lock contention during extent insertion. - Add properly locking around add_root_to_dirty_list(). - Fix mismatching struct members in ioctl.h. - netfilter : - nf_conntrack: make event callback registration per netns. - DRM : - edid: Add a workaround for 1366x768 HD panel. - edid: Add extra_modes. - edid: Add packed attribute to new gtf2 and cvt structs. - edid: Add the reduced blanking DMT modes to the DMT list - edid: Allow drm_mode_find_dmt to hunt for reduced-blanking modes. - edid: Do drm_dmt_modes_for_range() for all range descriptor types. - edid: Document drm_mode_find_dmt. - edid: Fix some comment typos in the DMT mode list - edid: Generate modes from extra_modes for range descriptors - edid: Give the est3 mode struct a real name. - edid: Remove a misleading comment. - edid: Rewrite drm_mode_find_dmt search loop. - edid: Update range descriptor struct for EDID 1.4 - edid: add missing NULL checks. - edid: s/drm_gtf_modes_for_range/drm_dmt_modes_for_range/ - Fix kABI for drm EDID improvement patches. - Fix the case where multiple modes are returned from EDID - i915: Add more standard modes to LVDS output. - i915: Disable LVDS at mode change. - i915: add Ivy Bridge GT2 Server entries. - i915: delay drm_irq_install() at resume. - EDD: Check for correct EDD 3.0 length. - XEN - blkfront: make blkif_io_lock spinlock per-device. - blkback: streamline main processing loop (fate#309305). - blkback: Implement discard requests handling (fate#309305). - blkback: Enhance discard support with secure erasing support (fate#309305). - blkfront: Handle discard requests (fate#309305). - blkfront: Enhance discard support with secure erasing support (fate#309305). - blkif: support discard (fate#309305). - blkif: Enhance discard support with secure erasing support (fate#309305). - xen/smpboot: adjust ordering of operations. - x86-64: provide a memset() that can deal with 4Gb or above at a time. - Update Xen patches to 3.0.27. - Update Xen patches to 3.0.31. - xen: fix VM_FOREIGN users after c/s 878:eba6fe6d8d53. - xen/gntdev: fix multi-page slot allocation. - TG3 - Avoid panic from reserved statblk field access. - Fix 5717 serdes powerdown problem. - Fix RSS ring refill race condition. - Fix single-vector MSI-X code. - fix ipv6 header length computation. - S/390 - dasd: Fix I/O stall when reserving dasds. - af_iucv: detect down state of HS transport interface (LTC#80859). - af_iucv: allow shutdown for HS transport sockets (LTC#80860). - mm: s390: Fix BUG by using __set_page_dirty_no_writeback on swap. - qeth: Improve OSA Express 4 blkt defaults (LTC#80325). - zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl (LTC#80378). - zfcpdump: Implement async sdias event processing (LTC#81330). - ALSA - hda: Always resume the codec immediately. - hda: Add Creative CA0132 HDA codec support. - hda: Fix error handling in patch_ca0132.c. - hda: Add the support for Creative SoundCore3D. - OTHER - ixgbe: fix ring assignment issues for SR-IOV and drop cases. - ixgbe: add missing rtnl_lock in PM resume path. - MCE, AMD: Drop too granulary family model checks. - EDAC, MCE, AMD: Print CPU number when reporting the error. - EDAC, MCE, AMD: Print valid addr when reporting an error. - libata: skip old error history when counting probe trials. - x86: kdb: restore kdb stack trace. - ehea: fix allmulticast support, - ehea: fix promiscuous mode. - ehea: only register irq after setting up ports. - ehea: fix losing of NEQ events when one event occurred early. - scsi: Silence unnecessary warnings about ioctl to partition. - scsi_dh_rdac: Update match function to check page C8. - scsi_dh_rdac: Add new NetApp IDs. - bluetooth: Add support for Foxconn/Hon Hai AR5BBU22 0489:E03C. - x86/amd: Add missing feature flag for fam15h models 10h-1fh processors. - x86: Report cpb and eff_freq_ro flags correctly. - x86, amd: Fix up numa_node information for AMD CPU family 15h model 0-0fh northbridge functions. - x86/PCI: amd: Kill misleading message about enablement of IO access to PCI ECS. - cdc-wdm: fix race leading leading to memory corruption. - tlan: add cast needed for proper 64 bit operation. - bonding:update speed/duplex for NETDEV_CHANGE. - bonding: comparing a u8 with -1 is always false. - bonding: start slaves with link down for ARP monitor. - bonding: do not increase rx_dropped after processing LACPDUs - x86: fix the initialization of physnode_map. - sched,rt: fix isolated CPUs leaving root_task_group indefinitely throttled. - Fix SLE11-SP1->SLE11-SP2 interrupt latency regression. Note that this change trades an approximately 400% latency regression fix for power consumption progression that skew removal bought (at high cost). - Revert mainline 0209f649 - rcu: limit rcu_node leaf-level fanout. - md: fix possible corruption of array metadata on shutdown. - md/bitmap: prevent bitmap_daemon_work running while initialising bitmap. - md: ensure changes to write-mostly are reflected in metadata. - cciss: Add IRQF_SHARED back in for the non-MSI(X) interrupt handler. - procfs, namespace, pid_ns: fix leakage upon fork() failure. - mqueue: fix a vfsmount longterm reference leak. - procfs: fix a vfsmount longterm reference leak. - scsi_dh_alua: Optimize stpg command. - scsi_dh_alua: Store pref bit from RTPG. - scsi_dh_alua: set_params interface. - uwb: fix error handling. - uwb: fix use of del_timer_sync() in interrupt. - usbhid: fix error handling of not enough bandwidth. - mm: Improve preservation of page-age information - pagecache limit: Fix the shmem deadlock. - USB: sierra: add support for Sierra Wireless MC7710. - USB: fix resource leak in xhci power loss path. - x86/iommu/intel: Fix identity mapping for sandy bridge. - ipv6: Check dest prefix length on original route not copied one in rt6_alloc_cow(). - ipv6: do not use inetpeer to store metrics for routes. - ipv6: fix problem with expired dst cache. - ipv6: unshare inetpeers. - bridge: correct IPv6 checksum after pull. - scsi: storvsc: Account for in-transit packets in the RESET path. - patches.fixes/mm-mempolicy.c-fix-pgoff-in-mbind-vma-merg e.patch : - patches.fixes/mm-mempolicy.c-refix-mbind_range-vma-issue .patch: Fix vma merging issue during mbind affecting JVMs. - ACPI, APEI: Fix incorrect APEI register bit width check and usage. - vmxnet3: cap copy length at size of skb to prevent dropped frames on tx. - rt2x00: rt2x00dev: move rfkill_polling register to proper place. - pagecache: fix the BUG_ON safety belt - pagecache: Fixed the GFP_NOWAIT is zero and not suitable for tests bug - igb: reset PHY after recovering from PHY power down. - igb: fix rtnl race in PM resume path. - watchdog: iTCO_wdt.c - problems with newer hardware due to SMI clearing. - watchdog: iTCO_wdt.c - problems with newer hardware due to SMI clearing redhat#727875). - cfq-iosched: Reduce linked group count upon group destruction. - cdc_ether: Ignore bogus union descriptor for RNDIS devices. - sys_poll: fix incorrect type for timeout parameter. - staging:rts_pstor:Avoid 'Bad target number' message when probing driver. - staging:rts_pstor:Complete scanning_done variable. - staging:rts_pstor:Fix SDIO issue. - staging:rts_pstor: Fix a bug that a MMCPlus card ca not be accessed. - staging:rts_pstor: Fix a miswriting. - staging:rts_pstor:Fix possible panic by NULL pointer dereference. - staging:rts_pstor: fix thread synchronization flow. - freezer:do not unnecessarily set PF_NOFREEZE explicitly. - staging:rts_pstor: off by one in for loop. - patches.suse/cgroup-disable-memcg-when-low-lowmem.patch: fix typo: use if defined(CONFIG_) rather than if CONFIG_
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 64174
    published 2013-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64174
    title SuSE 11.2 Security Update : Linux Kernel (SAT Patch Numbers 6338 / 6345 / 6349)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20120821_KERNEL_ON_SL5_X.NASL
    description The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue : - A flaw was found in the way the Linux kernel's dl2k driver, used by certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local, unprivileged user could use this flaw to issue potentially harmful IOCTLs, which could cause Ethernet adapters using the dl2k driver to malfunction (for example, losing network connectivity). (CVE-2012-2313, Low) This update also fixes several bugs. Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 61655
    published 2012-08-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61655
    title Scientific Linux Security Update : kernel on SL5.x i386/x86_64
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1493-1.NASL
    description Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. (CVE-2012-2313) Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system priviliges. (CVE-2012-2319). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 59816
    published 2012-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59816
    title Ubuntu 8.04 LTS : linux vulnerabilities (USN-1493-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1490-1.NASL
    description Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. (CVE-2012-2313) Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system priviliges. (CVE-2012-2319) A flaw was discovered in the Linux kernel's NFSv4 (Network file system) handling of ACLs (access control lists). A remote NFS server (attacker) could cause a denial of service (OOPS). (CVE-2012-2375). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 59813
    published 2012-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59813
    title Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1490-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2015-0812-1.NASL
    description The SUSE Linux Enterprise 10 SP4 LTSS kernel was updated to receive various security and bugfixes. The following security bugs have been fixed : CVE-2015-2041: A information leak in the llc2_timeout_table was fixed (bnc#919007). CVE-2014-9322: arch/x86/kernel/entry_64.S in the Linux kernel did not properly handle faults associated with the Stack Segment (SS) segment register, which allowed local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space (bnc#910251). CVE-2014-9090: The do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel did not properly handle faults associated with the Stack Segment (SS) segment register, which allowed local users to cause a denial of service (panic) via a modify_ldt system call, as demonstrated by sigreturn_32 in the 1-clock-tests test suite (bnc#907818). CVE-2014-4667: The sctp_association_free function in net/sctp/associola.c in the Linux kernel did not properly manage a certain backlog value, which allowed remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet (bnc#885422). CVE-2014-3673: The SCTP implementation in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c (bnc#902346). CVE-2014-3185: Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel allowed physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with a bulk response (bnc#896391). CVE-2014-3184: The report_fixup functions in the HID subsystem in the Linux kernel might have allowed physically proximate attackers to cause a denial of service (out-of-bounds write) via a crafted device that provides a small report descriptor, related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c (bnc#896390). CVE-2014-1874: The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel allowed local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context (bnc#863335). CVE-2014-0181: The Netlink implementation in the Linux kernel did not provide a mechanism for authorizing socket operations based on the opener of a socket, which allowed local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the (1) stdout or (2) stderr of a setuid program (bnc#875051). CVE-2013-4299: Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel allowed remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device (bnc#846404). CVE-2013-2147: The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel did not initialize certain data structures, which allowed local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c (bnc#823260). CVE-2012-6657: The sock_setsockopt function in net/core/sock.c in the Linux kernel did not ensure that a keepalive action is associated with a stream socket, which allowed local users to cause a denial of service (system crash) by leveraging the ability to create a raw socket (bnc#896779). CVE-2012-3400: Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel allowed remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem (bnc#769784). CVE-2012-2319: Multiple buffer overflows in the hfsplus filesystem implementation in the Linux kernel allowed local users to gain privileges via a crafted HFS plus filesystem, a related issue to CVE-2009-4020 (bnc#760902). CVE-2012-2313: The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel did not restrict access to the SIOCSMIIREG command, which allowed local users to write data to an Ethernet adapter via an ioctl call (bnc#758813). CVE-2011-4132: The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux kernel 2.6 allowed local users to cause a denial of service (assertion error and kernel oops) via an ext3 or ext4 image with an 'invalid log first block value' (bnc#730118). CVE-2011-4127: The Linux kernel did not properly restrict SG_IO ioctl calls, which allowed local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume (bnc#738400). CVE-2011-1585: The cifs_find_smb_ses function in fs/cifs/connect.c in the Linux kernel did not properly determine the associations between users and sessions, which allowed local users to bypass CIFS share authentication by leveraging a mount of a share by a different user (bnc#687812). CVE-2011-1494: Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel might have allowed local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow (bnc#685402). CVE-2011-1495: drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel did not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions (bnc#685402). CVE-2011-1493: Array index error in the rose_parse_national function in net/rose/rose_subr.c in the Linux kernel allowed remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by composing FAC_NATIONAL_DIGIS data that specifies a large number of digipeaters, and then sending this data to a ROSE socket (bnc#681175). CVE-2011-4913: The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel did not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allowed remote attackers to (1) cause a denial of service (integer underflow, heap memory corruption, and panic) via a small length value in data sent to a ROSE socket, or (2) conduct stack-based buffer overflow attacks via a large length value in data sent to a ROSE socket (bnc#681175). CVE-2011-4914: The ROSE protocol implementation in the Linux kernel did not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via crafted data to a ROSE socket (bnc#681175). CVE-2011-1476: Integer underflow in the Open Sound System (OSS) subsystem in the Linux kernel on unspecified non-x86 platforms allowed local users to cause a denial of service (memory corruption) by leveraging write access to /dev/sequencer (bnc#681999). CVE-2011-1477: Multiple array index errors in sound/oss/opl3.c in the Linux kernel allowed local users to cause a denial of service (heap memory corruption) or possibly gain privileges by leveraging write access to /dev/sequencer (bnc#681999). CVE-2011-1163: The osf_partition function in fs/partitions/osf.c in the Linux kernel did not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing (bnc#679812). CVE-2011-1090: The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the Linux kernel stored NFSv4 ACL data in memory that is allocated by kmalloc but not properly freed, which allowed local users to cause a denial of service (panic) via a crafted attempt to set an ACL (bnc#677286). CVE-2014-9584: The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel did not validate a length value in the Extensions Reference (ER) System Use Field, which allowed local users to obtain sensitive information from kernel memory via a crafted iso9660 image (bnc#912654). CVE-2014-9420: The rock_continue function in fs/isofs/rock.c in the Linux kernel did not restrict the number of Rock Ridge continuation entries, which allowed local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image (bnc#911325). CVE-2014-5471: Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel allowed local users to cause a denial of service (uncontrolled recursion, and system crash or reboot) via a crafted iso9660 image with a CL entry referring to a directory entry that has a CL entry (bnc#892490). CVE-2014-5472: The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel allowed local users to cause a denial of service (unkillable mount process) via a crafted iso9660 image with a self-referential CL entry (bnc#892490). CVE-2014-3917: kernel/auditsc.c in the Linux kernel, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allowed local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number (bnc#880484). CVE-2014-4652: Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel allowed local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access (bnc#883795). CVE-2014-4654: The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel did not check authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which allowed local users to remove kernel controls and cause a denial of service (use-after-free and system crash) by leveraging /dev/snd/controlCX access for an ioctl call (bnc#883795). CVE-2014-4655: The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel did not properly maintain the user_ctl_count value, which allowed local users to cause a denial of service (integer overflow and limit bypass) by leveraging /dev/snd/controlCX access for a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls (bnc#883795). CVE-2014-4653: sound/core/control.c in the ALSA control implementation in the Linux kernel did not ensure possession of a read/write lock, which allowed local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access (bnc#883795). CVE-2014-4656: Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel allowed local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl_add function and (2) numid values in the snd_ctl_remove_numid_conflict function (bnc#883795). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 83723
    published 2015-05-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=83723
    title SUSE SLES10 Security Update : kernel (SUSE-SU-2015:0812-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1488-1.NASL
    description Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. (CVE-2012-2313) Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system priviliges. (CVE-2012-2319) A flaw was discovered in the Linux kernel's NFSv4 (Network file system) handling of ACLs (access control lists). A remote NFS server (attacker) could cause a denial of service (OOPS). (CVE-2012-2375). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 59811
    published 2012-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59811
    title Ubuntu 11.04 : linux vulnerabilities (USN-1488-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-2034.NASL
    description Description of changes: [2.6.39-200.32.1.el6uek] - dl2k: Clean up rio_ioctl (Stephan Mueller) [Orabug: 14680245] {CVE-2012-2313} - hugetlb: fix resv_map leak in error path (Christoph Lameter) [Orabug: 14680284] {CVE-2012-2390} - rds: set correct msg_namelen (Jay Fenlason) [Orabug: 14680018] {CVE-2012-3430}
    last seen 2019-01-03
    modified 2019-01-02
    plugin id 68681
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68681
    title Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2034)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-2035.NASL
    description Description of changes: kernel-uek [2.6.32-300.32.3.el6uek] - dl2k: Clean up rio_ioctl (Stephan Mueller) [Orabug: 14675306] {CVE-2012-2313} - hugetlb: fix resv_map leak in error path (Christoph Lameter) [Orabug: 14676403] {CVE-2012-2390} - rds: set correct msg_namelen (Jay Fenlason) [Orabug: 14676504] {CVE-2012-3430}
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 68682
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68682
    title Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2035)
redhat via4
advisories
  • bugzilla
    id 818820
    title CVE-2012-2313 kernel: unfiltered netdev rio_ioctl access by users
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment kernel is earlier than 0:2.6.18-308.13.1.el5
          oval oval:com.redhat.rhsa:tst:20121174002
        • comment kernel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314003
      • AND
        • comment kernel-PAE is earlier than 0:2.6.18-308.13.1.el5
          oval oval:com.redhat.rhsa:tst:20121174020
        • comment kernel-PAE is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314021
      • AND
        • comment kernel-PAE-devel is earlier than 0:2.6.18-308.13.1.el5
          oval oval:com.redhat.rhsa:tst:20121174022
        • comment kernel-PAE-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314023
      • AND
        • comment kernel-debug is earlier than 0:2.6.18-308.13.1.el5
          oval oval:com.redhat.rhsa:tst:20121174006
        • comment kernel-debug is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314015
      • AND
        • comment kernel-debug-devel is earlier than 0:2.6.18-308.13.1.el5
          oval oval:com.redhat.rhsa:tst:20121174014
        • comment kernel-debug-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314009
      • AND
        • comment kernel-devel is earlier than 0:2.6.18-308.13.1.el5
          oval oval:com.redhat.rhsa:tst:20121174008
        • comment kernel-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314007
      • AND
        • comment kernel-doc is earlier than 0:2.6.18-308.13.1.el5
          oval oval:com.redhat.rhsa:tst:20121174024
        • comment kernel-doc is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314025
      • AND
        • comment kernel-headers is earlier than 0:2.6.18-308.13.1.el5
          oval oval:com.redhat.rhsa:tst:20121174004
        • comment kernel-headers is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314005
      • AND
        • comment kernel-kdump is earlier than 0:2.6.18-308.13.1.el5
          oval oval:com.redhat.rhsa:tst:20121174016
        • comment kernel-kdump is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314017
      • AND
        • comment kernel-kdump-devel is earlier than 0:2.6.18-308.13.1.el5
          oval oval:com.redhat.rhsa:tst:20121174018
        • comment kernel-kdump-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314019
      • AND
        • comment kernel-xen is earlier than 0:2.6.18-308.13.1.el5
          oval oval:com.redhat.rhsa:tst:20121174010
        • comment kernel-xen is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314011
      • AND
        • comment kernel-xen-devel is earlier than 0:2.6.18-308.13.1.el5
          oval oval:com.redhat.rhsa:tst:20121174012
        • comment kernel-xen-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314013
    rhsa
    id RHSA-2012:1174
    released 2012-08-21
    severity Low
    title RHSA-2012:1174: kernel security and bug fix update (Low)
  • rhsa
    id RHSA-2012:1481
  • rhsa
    id RHSA-2012:1541
  • rhsa
    id RHSA-2012:1589
rpms
  • kernel-0:2.6.18-308.13.1.el5
  • kernel-PAE-0:2.6.18-308.13.1.el5
  • kernel-PAE-devel-0:2.6.18-308.13.1.el5
  • kernel-debug-0:2.6.18-308.13.1.el5
  • kernel-debug-devel-0:2.6.18-308.13.1.el5
  • kernel-devel-0:2.6.18-308.13.1.el5
  • kernel-doc-0:2.6.18-308.13.1.el5
  • kernel-headers-0:2.6.18-308.13.1.el5
  • kernel-kdump-0:2.6.18-308.13.1.el5
  • kernel-kdump-devel-0:2.6.18-308.13.1.el5
  • kernel-xen-0:2.6.18-308.13.1.el5
  • kernel-xen-devel-0:2.6.18-308.13.1.el5
  • kernel-0:2.6.32-279.9.1.el6
  • kernel-bootwrapper-0:2.6.32-279.9.1.el6
  • kernel-debug-0:2.6.32-279.9.1.el6
  • kernel-debug-devel-0:2.6.32-279.9.1.el6
  • kernel-devel-0:2.6.32-279.9.1.el6
  • kernel-doc-0:2.6.32-279.9.1.el6
  • kernel-firmware-0:2.6.32-279.9.1.el6
  • kernel-headers-0:2.6.32-279.9.1.el6
  • kernel-kdump-0:2.6.32-279.9.1.el6
  • kernel-kdump-devel-0:2.6.32-279.9.1.el6
  • perf-0:2.6.32-279.9.1.el6
  • python-perf-0:2.6.32-279.9.1.el6
refmap via4
bid 53965
confirm
hp HPSBGN02970
mlist [oss-security] 20120504 Re: CVE Request: more tight ioctl permissions in dl2k driver
suse SUSE-SU-2015:0812
Last major update 06-09-2016 - 09:25
Published 13-06-2012 - 06:24
Back to Top