CVE-2009-0747 - Resource Management Errors vulnerability in Linux Kernel

CVSS 0.0 - NONE
Attack vector: UNKNOWN
Attack complexity: UNKNOWN
Privileges required: UNKNOWN
Confidentiality impact: UNKNOWN
Integrity impact: UNKNOWN
Availability impact: UNKNOWN

Summary

The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem.

Common Weakness Enumeration (CWE)

Nessus

  • NASL family: OracleVM Local Security Checks
    NASL id: ORACLEVM_OVMSA-2013-0039.NASL
    description: The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2013-0039 for details.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 79507
    published: 2014-11-26
    reporter: This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/79507
    title: OracleVM 2.2 : kernel (OVMSA-2013-0039)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The package checks in this plugin were extracted from OracleVM
    # Security Advisory OVMSA-2013-0039.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(79507);
      script_version("1.25");
      script_cvs_date("Date: 2020/02/13");
    
      script_cve_id("CVE-2006-6304", "CVE-2007-4567", "CVE-2009-0745", "CVE-2009-0746", "CVE-2009-0747", "CVE-2009-0748", "CVE-2009-1388", "CVE-2009-1389", "CVE-2009-1895", "CVE-2009-2406", "CVE-2009-2407", "CVE-2009-2692", "CVE-2009-2847", "CVE-2009-2848", "CVE-2009-2908", "CVE-2009-3080", "CVE-2009-3286", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3726", "CVE-2009-4020", "CVE-2009-4021", "CVE-2009-4067", "CVE-2009-4138", "CVE-2009-4141", "CVE-2009-4307", "CVE-2009-4308", "CVE-2009-4536", "CVE-2009-4537", "CVE-2009-4538", "CVE-2010-0007", "CVE-2010-0415", "CVE-2010-0437", "CVE-2010-0622", "CVE-2010-0727", "CVE-2010-1083", "CVE-2010-1084", "CVE-2010-1086", "CVE-2010-1087", "CVE-2010-1088", "CVE-2010-1173", "CVE-2010-1188", "CVE-2010-1436", "CVE-2010-1437", "CVE-2010-1641", "CVE-2010-2226", "CVE-2010-2240", "CVE-2010-2248", "CVE-2010-2521", "CVE-2010-2798", "CVE-2010-2942", "CVE-2010-2963", "CVE-2010-3067", "CVE-2010-3078", "CVE-2010-3086", "CVE-2010-3296", "CVE-2010-3432", "CVE-2010-3442", "CVE-2010-3477", "CVE-2010-3858", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-3877", "CVE-2010-4073", "CVE-2010-4080", "CVE-2010-4081", "CVE-2010-4083", "CVE-2010-4157", "CVE-2010-4158", "CVE-2010-4242", "CVE-2010-4248", "CVE-2010-4249", "CVE-2010-4258", "CVE-2010-4346", "CVE-2010-4649", "CVE-2010-4655", "CVE-2011-0521", "CVE-2011-0726", "CVE-2011-1010", "CVE-2011-1020", "CVE-2011-1044", "CVE-2011-1078", "CVE-2011-1079", "CVE-2011-1080", "CVE-2011-1083", "CVE-2011-1090", "CVE-2011-1093", "CVE-2011-1160", "CVE-2011-1162", "CVE-2011-1163", "CVE-2011-1182", "CVE-2011-1573", "CVE-2011-1577", "CVE-2011-1585", "CVE-2011-1745", "CVE-2011-1746", "CVE-2011-1776", "CVE-2011-1833", "CVE-2011-2022", "CVE-2011-2203", "CVE-2011-2213", "CVE-2011-2482", "CVE-2011-2484", "CVE-2011-2491", "CVE-2011-2496", "CVE-2011-2525", "CVE-2011-3191", "CVE-2011-3637", "CVE-2011-3638", "CVE-2011-4077", "CVE-2011-4086", "CVE-2011-4110", "CVE-2011-4127", "CVE-2011-4324", 
                    "CVE-2011-4330", "CVE-2011-4348", "CVE-2012-1583", "CVE-2012-2136");
      script_bugtraq_id(35281, 35647, 35850, 35851, 35930, 36038, 36472, 36639, 36723, 36824, 36827, 36901, 36936, 37068, 37069, 37339, 37519, 37521, 37523, 37762, 37806, 38144, 38165, 38185, 38479, 38898, 39016, 39042, 39044, 39101, 39569, 39715, 39719, 39794, 40356, 40920, 42124, 42242, 42249, 42505, 42529, 43022, 43221, 43353, 43480, 43787, 43809, 44242, 44301, 44354, 44630, 44648, 44754, 44758, 45014, 45028, 45037, 45058, 45063, 45073, 45159, 45323, 45972, 45986, 46073, 46488, 46492, 46567, 46616, 46630, 46766, 46793, 46866, 46878, 47003, 47308, 47321, 47343, 47381, 47534, 47535, 47791, 47796, 47843, 48236, 48333, 48383, 48641, 48687, 49108, 49141, 49295, 49373, 50322, 50370, 50750, 50755, 50764, 50798, 51176, 51361, 51363, 51945, 53139, 53721);
    
      script_name(english:"OracleVM 2.2 : kernel (OVMSA-2013-0039)");
      script_summary(english:"Checks the RPM output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote OracleVM host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote OracleVM system is missing necessary patches to address
    critical security updates : please see Oracle VM Security Advisory
    OVMSA-2013-0039 for details."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/oraclevm-errata/2013-May/000153.html"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Linux Kernel Sendpage Local Privilege Escalation');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(16, 20, 119, 189, 200, 264, 362, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:kernel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:kernel-PAE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:kernel-PAE-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:kernel-ovs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:kernel-ovs-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:vm_server:2.2");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2006/12/14");
      script_set_attribute(attribute:"patch_publication_date", value:"2013/05/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/11/26");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"OracleVM Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/OracleVM/release", "Host/OracleVM/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/OracleVM/release");
    if (isnull(release) || "OVS" >!< release) audit(AUDIT_OS_NOT, "OracleVM");
    if (! preg(pattern:"^OVS" + "2\.2" + "(\.[0-9]|$)", string:release)) audit(AUDIT_OS_NOT, "OracleVM 2.2", "OracleVM " + release);
    if (!get_kb_item("Host/OracleVM/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "OracleVM", cpu);
    
    flag = 0;
    if (rpm_check(release:"OVS2.2", reference:"kernel-2.6.18-128.2.1.5.10.el5")) flag++;
    if (rpm_check(release:"OVS2.2", reference:"kernel-PAE-2.6.18-128.2.1.5.10.el5")) flag++;
    if (rpm_check(release:"OVS2.2", reference:"kernel-PAE-devel-2.6.18-128.2.1.5.10.el5")) flag++;
    if (rpm_check(release:"OVS2.2", reference:"kernel-devel-2.6.18-128.2.1.5.10.el5")) flag++;
    if (rpm_check(release:"OVS2.2", reference:"kernel-ovs-2.6.18-128.2.1.5.10.el5")) flag++;
    if (rpm_check(release:"OVS2.2", reference:"kernel-ovs-devel-2.6.18-128.2.1.5.10.el5")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-PAE / kernel-PAE-devel / kernel-devel / kernel-ovs / etc");
    }
    
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-1749.NASL
    description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0029 Christian Borntraeger discovered an issue affecting the alpha, mips, powerpc, s390 and sparc64 architectures that allows local users to cause a denial of service or potentially gain elevated privileges. - CVE-2009-0031 Vegard Nossum discovered a memory leak in the keyctl subsystem that allows local users to cause a denial of service by consuming all of kernel memory. - CVE-2009-0065 Wei Yongjun discovered a memory overflow in the SCTP implementation that can be triggered by remote users. - CVE-2009-0269 Duane Griffin provided a fix for an issue in the eCryptfs subsystem which allows local users to cause a denial of service (fault or memory corruption). - CVE-2009-0322 Pavel Roskin provided a fix for an issue in the dell_rbu driver that allows a local user to cause a denial of service (oops) by reading 0 bytes from a sysfs entry. - CVE-2009-0676 Clement LECIGNE discovered a bug in the sock_getsockopt function that may result in leaking sensitive kernel memory. - CVE-2009-0675 Roel Kluin discovered inverted logic in the skfddi driver that permits local, unprivileged users to reset the driver statistics. - CVE-2009-0745 Peter Kerwien discovered an issue in the ext4 filesystem that allows local users to cause a denial of service (kernel oops) during a resize operation. - CVE-2009-0746 Sami Liedes reported an issue in the ext4 filesystem that allows local users to cause a denial of service (kernel oops) when accessing a specially crafted corrupt filesystem. - CVE-2009-0747 David Maciejak reported an issue in the ext4 filesystem that allows local users to cause a denial of service (kernel oops) when mounting a specially crafted corrupt filesystem. - CVE-2009-0748 David Maciejak reported an additional issue in the ext4 filesystem that allows local users to cause a denial of service (kernel oops) when mounting a specially crafted corrupt filesystem.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 35987
    published: 2009-03-23
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/35987
    title: Debian DSA-1749-1 : linux-2.6 - denial of service/privilege escalation/sensitive memory leak
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-1749. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(35987);
      script_version("1.15");
      script_cvs_date("Date: 2019/08/02 13:32:21");
    
      script_cve_id("CVE-2009-0029", "CVE-2009-0031", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0322", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0745", "CVE-2009-0746", "CVE-2009-0747", "CVE-2009-0748");
      script_bugtraq_id(33113, 33846);
      script_xref(name:"DSA", value:"1749");
    
      script_name(english:"Debian DSA-1749-1 : linux-2.6 - denial of service/privilege escalation/sensitive memory leak");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Several vulnerabilities have been discovered in the Linux kernel that
    may lead to a denial of service or privilege escalation. The Common
    Vulnerabilities and Exposures project identifies the following
    problems :
    
      - CVE-2009-0029
        Christian Borntraeger discovered an issue affecting the
        alpha, mips, powerpc, s390 and sparc64 architectures
        that allows local users to cause a denial of service or
        potentially gain elevated privileges.
    
      - CVE-2009-0031
        Vegard Nossum discovered a memory leak in the keyctl
        subsystem that allows local users to cause a denial of
        service by consuming all of kernel memory.
    
      - CVE-2009-0065
        Wei Yongjun discovered a memory overflow in the SCTP
        implementation that can be triggered by remote users.
    
      - CVE-2009-0269
        Duane Griffin provided a fix for an issue in the
        eCryptfs subsystem which allows local users to cause a
        denial of service (fault or memory corruption).
    
      - CVE-2009-0322
        Pavel Roskin provided a fix for an issue in the dell_rbu
        driver that allows a local user to cause a denial of
        service (oops) by reading 0 bytes from a sysfs entry.
    
      - CVE-2009-0676
        Clement LECIGNE discovered a bug in the sock_getsockopt
        function that may result in leaking sensitive kernel
        memory.
    
      - CVE-2009-0675
        Roel Kluin discovered inverted logic in the skfddi
        driver that permits local, unprivileged users to reset
        the driver statistics.
    
      - CVE-2009-0745
        Peter Kerwien discovered an issue in the ext4 filesystem
        that allows local users to cause a denial of service
        (kernel oops) during a resize operation.
    
      - CVE-2009-0746
        Sami Liedes reported an issue in the ext4 filesystem
        that allows local users to cause a denial of service
        (kernel oops) when accessing a specially crafted corrupt
        filesystem.
    
      - CVE-2009-0747
        David Maciejak reported an issue in the ext4 filesystem
        that allows local users to cause a denial of service
        (kernel oops) when mounting a specially crafted corrupt
        filesystem.
    
      - CVE-2009-0748
        David Maciejak reported an additional issue in the ext4
        filesystem that allows local users to cause a denial of
        service (kernel oops) when mounting a specially crafted
        corrupt filesystem."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2009-0029"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2009-0031"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2009-0065"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2009-0269"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2009-0322"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2009-0676"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2009-0675"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2009-0745"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2009-0746"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2009-0747"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2009-0748"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2009/dsa-1749"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the linux-2.6 packages.
    
    For the oldstable distribution (etch), these problems, where
    applicable, will be fixed in future updates to linux-2.6 and
    linux-2.6.24.
    
    For the stable distribution (lenny), these problems have been fixed in
    version 2.6.26-13lenny2."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(20, 119, 189, 264, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-2.6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/03/20");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/03/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"5.0", prefix:"linux-doc-2.6.26", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-486", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-4kc-malta", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-5kc-malta", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-686", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-686-bigmem", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-all", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-all-alpha", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-all-amd64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-all-arm", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-all-armel", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-all-hppa", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-all-i386", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-all-ia64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-all-mips", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-all-mipsel", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-all-powerpc", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-all-s390", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-all-sparc", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-alpha-generic", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-alpha-legacy", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-alpha-smp", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-amd64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-common", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-common-openvz", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-common-vserver", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-common-xen", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-footbridge", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-iop32x", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-itanium", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-ixp4xx", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-mckinley", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-openvz-686", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-openvz-amd64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-orion5x", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-parisc", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-parisc-smp", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-parisc64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-parisc64-smp", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-powerpc", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-powerpc-smp", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-powerpc64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-r4k-ip22", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-r5k-cobalt", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-r5k-ip32", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-s390", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-s390x", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-sb1-bcm91250a", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-sb1a-bcm91480b", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-sparc64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-sparc64-smp", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-versatile", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-vserver-686", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-vserver-686-bigmem", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-vserver-amd64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-vserver-itanium", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-vserver-mckinley", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-vserver-powerpc", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-vserver-powerpc64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-vserver-s390x", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-vserver-sparc64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-xen-686", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-headers-2.6.26-1-xen-amd64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-486", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-4kc-malta", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-5kc-malta", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-686", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-686-bigmem", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-alpha-generic", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-alpha-legacy", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-alpha-smp", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-amd64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-footbridge", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-iop32x", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-itanium", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-ixp4xx", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-mckinley", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-openvz-686", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-openvz-amd64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-orion5x", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-parisc", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-parisc-smp", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-parisc64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-parisc64-smp", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-powerpc", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-powerpc-smp", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-powerpc64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-r4k-ip22", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-r5k-cobalt", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-r5k-ip32", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-s390", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-s390-tape", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-s390x", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-sb1-bcm91250a", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-sb1a-bcm91480b", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-sparc64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-sparc64-smp", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-versatile", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-vserver-686", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-vserver-686-bigmem", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-vserver-amd64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-vserver-itanium", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-vserver-mckinley", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-vserver-powerpc", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-vserver-powerpc64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-vserver-s390x", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-vserver-sparc64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-xen-686", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-image-2.6.26-1-xen-amd64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-libc-dev", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-manual-2.6.26", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-modules-2.6.26-1-xen-686", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-modules-2.6.26-1-xen-amd64", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-patch-debian-2.6.26", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-source-2.6.26", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-support-2.6.26-1", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"linux-tree-2.6.26", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"xen-linux-system-2.6.26-1-xen-686", reference:"2.6.26-13lenny2")) flag++;
    if (deb_check(release:"5.0", prefix:"xen-linux-system-2.6.26-1-xen-amd64", reference:"2.6.26-13lenny2")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2009-1243.NASL
    description: Updated kernel packages that fix security issues, address several hundred bugs and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 5. This is the fourth regular update. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues : * it was discovered that, when executing a new process, the clear_child_tid pointer in the Linux kernel is not cleared. If this pointer points to a writable portion of the memory of the new program, the kernel could corrupt four bytes of memory, possibly leading to a local denial of service or privilege escalation. (CVE-2009-2848, Important) * a flaw was found in the way the do_sigaltstack() function in the Linux kernel copies the stack_t structure to user-space. On 64-bit machines, this flaw could lead to a four-byte information leak. (CVE-2009-2847, Moderate) * a flaw was found in the ext4 file system code. A local attacker could use this flaw to cause a denial of service by performing a resize operation on a specially crafted ext4 file system. (CVE-2009-0745, Low) * multiple flaws were found in the ext4 file system code. A local attacker could use these flaws to cause a denial of service by mounting a specially crafted ext4 file system. (CVE-2009-0746, CVE-2009-0747, CVE-2009-0748, Low) These updated packages also include several hundred bug fixes for and enhancements to the Linux kernel. Space precludes documenting each of these changes in this advisory and users are directed to the Red Hat Enterprise Linux 5.4 Release Notes for information on the most significant of these changes : http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.4/html/Release_Notes/ Also, for details concerning every bug fixed in and every enhancement added to the kernel for this release, see the kernel chapter in the Red Hat Enterprise Linux 5.4 Technical Notes : http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.4/html/Technical_Notes/kernel.html All Red Hat Enterprise Linux 5 users are advised to install these updated packages, which address these vulnerabilities as well as fixing the bugs and adding the enhancements noted in the Red Hat Enterprise Linux 5.4 Release Notes and Technical Notes. The system must be rebooted for this update to take effect.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 43779
    published: 2010-01-06
    reporter: This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/43779
    title: CentOS 5 : kernel (CESA-2009:1243)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2009:1243 and 
    # CentOS Errata and Security Advisory 2009:1243 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(43779);
      script_version("1.21");
      script_cvs_date("Date: 2019/10/25 13:36:05");
    
      script_cve_id("CVE-2009-0745", "CVE-2009-0746", "CVE-2009-0747", "CVE-2009-0748", "CVE-2009-2847", "CVE-2009-2848");
      script_bugtraq_id(35930);
      script_xref(name:"RHSA", value:"2009:1243");
    
      script_name(english:"CentOS 5 : kernel (CESA-2009:1243)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated kernel packages that fix security issues, address several
    hundred bugs and add numerous enhancements are now available as part
    of the ongoing support and maintenance of Red Hat Enterprise Linux
    version 5. This is the fourth regular update.
    
    This update has been rated as having important security impact by the
    Red Hat Security Response Team.
    
    The kernel packages contain the Linux kernel, the core of any Linux
    operating system.
    
    These updated packages fix the following security issues :
    
    * it was discovered that, when executing a new process, the
    clear_child_tid pointer in the Linux kernel is not cleared. If this
    pointer points to a writable portion of the memory of the new program,
    the kernel could corrupt four bytes of memory, possibly leading to a
    local denial of service or privilege escalation. (CVE-2009-2848,
    Important)
    
    * a flaw was found in the way the do_sigaltstack() function in the
    Linux kernel copies the stack_t structure to user-space. On 64-bit
    machines, this flaw could lead to a four-byte information leak.
    (CVE-2009-2847, Moderate)
    
    * a flaw was found in the ext4 file system code. A local attacker
    could use this flaw to cause a denial of service by performing a
    resize operation on a specially crafted ext4 file system.
    (CVE-2009-0745, Low)
    
    * multiple flaws were found in the ext4 file system code. A local
    attacker could use these flaws to cause a denial of service by
    mounting a specially crafted ext4 file system. (CVE-2009-0746,
    CVE-2009-0747, CVE-2009-0748, Low)
    
    These updated packages also include several hundred bug fixes for and
    enhancements to the Linux kernel. Space precludes documenting each of
    these changes in this advisory and users are directed to the Red Hat
    Enterprise Linux 5.4 Release Notes for information on the most
    significant of these changes :
    
    http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.4/html/
    Release_Notes/
    
    Also, for details concerning every bug fixed in and every enhancement
    added to the kernel for this release, see the kernel chapter in the
    Red Hat Enterprise Linux 5.4 Technical Notes :
    
    http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.4/html/
    Technical_Notes/kernel.html
    
    All Red Hat Enterprise Linux 5 users are advised to install these
    updated packages, which address these vulnerabilities as well as
    fixing the bugs and adding the enhancements noted in the Red Hat
    Enterprise Linux 5.4 Release Notes and Technical Notes. The system
    must be rebooted for this update to take effect."
      );
      # https://lists.centos.org/pipermail/centos-announce/2009-September/016137.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?faf11e01"
      );
      # https://lists.centos.org/pipermail/centos-announce/2009-September/016138.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?fe5f2e6c"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected kernel packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_cwe_id(20, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-PAE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-PAE-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-debug-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-xen");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-xen-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2009/02/27");
      script_set_attribute(attribute:"patch_publication_date", value:"2009/09/15");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/06");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-5", reference:"kernel-2.6.18-164.el5")) flag++;
    if (rpm_check(release:"CentOS-5", cpu:"i386", reference:"kernel-PAE-2.6.18-164.el5")) flag++;
    if (rpm_check(release:"CentOS-5", cpu:"i386", reference:"kernel-PAE-devel-2.6.18-164.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"kernel-debug-2.6.18-164.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"kernel-debug-devel-2.6.18-164.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"kernel-devel-2.6.18-164.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"kernel-doc-2.6.18-164.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"kernel-headers-2.6.18-164.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"kernel-xen-2.6.18-164.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"kernel-xen-devel-2.6.18-164.el5")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc");
    }
    
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2009-1243.NASL
    description: Updated kernel packages that fix security issues, address several hundred bugs and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 5. This is the fourth regular update. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues : * it was discovered that, when executing a new process, the clear_child_tid pointer in the Linux kernel is not cleared. If this pointer points to a writable portion of the memory of the new program, the kernel could corrupt four bytes of memory, possibly leading to a local denial of service or privilege escalation. (CVE-2009-2848, Important) * a flaw was found in the way the do_sigaltstack() function in the Linux kernel copies the stack_t structure to user-space. On 64-bit machines, this flaw could lead to a four-byte information leak. (CVE-2009-2847, Moderate) * a flaw was found in the ext4 file system code. A local attacker could use this flaw to cause a denial of service by performing a resize operation on a specially crafted ext4 file system. (CVE-2009-0745, Low) * multiple flaws were found in the ext4 file system code. A local attacker could use these flaws to cause a denial of service by mounting a specially crafted ext4 file system. (CVE-2009-0746, CVE-2009-0747, CVE-2009-0748, Low) These updated packages also include several hundred bug fixes for and enhancements to the Linux kernel. Space precludes documenting each of these changes in this advisory and users are directed to the Red Hat Enterprise Linux 5.4 Release Notes for information on the most significant of these changes : http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.4/html/Release_Notes/ Also, for details concerning every bug fixed in and every enhancement added to the kernel for this release, see the kernel chapter in the Red Hat Enterprise Linux 5.4 Technical Notes : http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.4/html/Technical_Notes/kernel.html All Red Hat Enterprise Linux 5 users are advised to install these updated packages, which address these vulnerabilities as well as fixing the bugs and adding the enhancements noted in the Red Hat Enterprise Linux 5.4 Release Notes and Technical Notes. The system must be rebooted for this update to take effect.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 40835
    published: 2009-09-02
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/40835
    title: RHEL 5 : kernel (RHSA-2009:1243)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2009:1243. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(40835);
      script_version ("1.32");
      script_cvs_date("Date: 2019/10/25 13:36:14");
    
      script_cve_id("CVE-2009-0745", "CVE-2009-0746", "CVE-2009-0747", "CVE-2009-0748", "CVE-2009-2847", "CVE-2009-2848");
      script_bugtraq_id(35930);
      script_xref(name:"RHSA", value:"2009:1243");
    
      script_name(english:"RHEL 5 : kernel (RHSA-2009:1243)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated kernel packages that fix security issues, address several
    hundred bugs and add numerous enhancements are now available as part
    of the ongoing support and maintenance of Red Hat Enterprise Linux
    version 5. This is the fourth regular update.
    
    This update has been rated as having important security impact by the
    Red Hat Security Response Team.
    
    The kernel packages contain the Linux kernel, the core of any Linux
    operating system.
    
    These updated packages fix the following security issues :
    
    * it was discovered that, when executing a new process, the
    clear_child_tid pointer in the Linux kernel is not cleared. If this
    pointer points to a writable portion of the memory of the new program,
    the kernel could corrupt four bytes of memory, possibly leading to a
    local denial of service or privilege escalation. (CVE-2009-2848,
    Important)
    
    * a flaw was found in the way the do_sigaltstack() function in the
    Linux kernel copies the stack_t structure to user-space. On 64-bit
    machines, this flaw could lead to a four-byte information leak.
    (CVE-2009-2847, Moderate)
    
    * a flaw was found in the ext4 file system code. A local attacker
    could use this flaw to cause a denial of service by performing a
    resize operation on a specially crafted ext4 file system.
    (CVE-2009-0745, Low)
    
    * multiple flaws were found in the ext4 file system code. A local
    attacker could use these flaws to cause a denial of service by
    mounting a specially crafted ext4 file system. (CVE-2009-0746,
    CVE-2009-0747, CVE-2009-0748, Low)
    
    These updated packages also include several hundred bug fixes for and
    enhancements to the Linux kernel. Space precludes documenting each of
    these changes in this advisory and users are directed to the Red Hat
    Enterprise Linux 5.4 Release Notes for information on the most
    significant of these changes :
    
    http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.4/html/
    Release_Notes/
    
    Also, for details concerning every bug fixed in and every enhancement
    added to the kernel for this release, see the kernel chapter in the
    Red Hat Enterprise Linux 5.4 Technical Notes :
    
    http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.4/html/
    Technical_Notes/kernel.html
    
    All Red Hat Enterprise Linux 5 users are advised to install these
    updated packages, which address these vulnerabilities as well as
    fixing the bugs and adding the enhancements noted in the Red Hat
    Enterprise Linux 5.4 Release Notes and Technical Notes. The system
    must be rebooted for this update to take effect."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-0745"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-0746"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-0747"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-0748"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-2847"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-2848"
      );
      # http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.4/html/
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/documentation/en-us/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2009:1243"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_cwe_id(20, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-PAE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-kdump");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xen");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2009/02/27");
      script_set_attribute(attribute:"patch_publication_date", value:"2009/09/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/02");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    include("ksplice.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    if (get_one_kb_item("Host/ksplice/kernel-cves"))
    {
      rm_kb_item(name:"Host/uptrack-uname-r");
      cve_list = make_list("CVE-2009-0745", "CVE-2009-0746", "CVE-2009-0747", "CVE-2009-0748", "CVE-2009-2847", "CVE-2009-2848");
      if (ksplice_cves_check(cve_list))
      {
        audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for RHSA-2009:1243");
      }
      else
      {
        __rpm_report = ksplice_reporting_text();
      }
    }
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2009:1243";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-PAE-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-PAE-devel-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-debug-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-debug-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-debug-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-debug-devel-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-debug-devel-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-debug-devel-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-devel-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-devel-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-devel-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", reference:"kernel-doc-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"kernel-headers-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-headers-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-headers-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-kdump-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-kdump-devel-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-xen-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-xen-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-xen-devel-2.6.18-164.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-xen-devel-2.6.18-164.el5")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc");
      }
    }
    
  • NASL family: VMware ESX Local Security Checks
    NASL id: VMWARE_VMSA-2009-0016.NASL
    description: a. JRE Security Update JRE update to version 1.5.0_20, which addresses multiple security issues that existed in earlier releases of JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.5.0_18: CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103, CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, and CVE-2009-1107. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.5.0_20: CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2675, CVE-2009-2676, CVE-2009-2716, CVE-2009-2718, CVE-2009-2719, CVE-2009-2720, CVE-2009-2721, CVE-2009-2722, CVE-2009-2723, CVE-2009-2724. b. Update Apache Tomcat version Update for VirtualCenter and ESX patch update the Tomcat package to version 6.0.20 (vSphere 4.0) or version 5.5.28 (VirtualCenter 2.5) which addresses multiple security issues that existed in the previous version of Apache Tomcat. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.20 and Tomcat 5.5.28: CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, CVE-2009-0783. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.18: CVE-2008-1232, CVE-2008-1947, CVE-2008-2370. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.16: CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286, CVE-2008-0002. c. Third-party library update for ntp. The Network Time Protocol (NTP) is used to synchronize a computer
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 42870
    published: 2009-11-23
    reporter: This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/42870
    title: VMSA-2009-0016 : VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.
  • NASL family: Misc.
    NASL id: VMWARE_VMSA-2009-0016_REMOTE.NASL
    description: The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in the following components : - Apache Geronimo - Apache Tomcat - Apache Xerces2 - cURL/libcURL - ISC BIND - Libxml2 - Linux kernel - Linux kernel 64-bit - Linux kernel Common Internet File System - Linux kernel eCryptfs - NTP - Python - Java Runtime Environment (JRE) - Java SE Development Kit (JDK) - Java SE Abstract Window Toolkit (AWT) - Java SE Plugin - Java SE Provider - Java SE Swing - Java SE Web Start
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 89117
    published: 2016-03-03
    reporter: This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/89117
    title: VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0016) (remote check)
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-751-1.NASL
    description: NFS did not correctly handle races between fcntl and interrupts. A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service. Ubuntu 8.10 was not affected. (CVE-2008-4307) Sparc syscalls did not correctly check mmap regions. A local attacker could cause a system panic, leading to a denial of service. Ubuntu 8.10 was not affected. (CVE-2008-6107) In certain situations, cloned processes were able to send signals to parent processes, crossing privilege boundaries. A local attacker could send arbitrary signals to parent processes, leading to a denial of service. (CVE-2009-0028) The kernel keyring did not free memory correctly. A local attacker could consume unlimited kernel memory, leading to a denial of service. (CVE-2009-0031) The SCTP stack did not correctly validate FORWARD-TSN packets. A remote attacker could send specially crafted SCTP traffic causing a system crash, leading to a denial of service. (CVE-2009-0065) The eCryptfs filesystem did not correctly handle certain VFS return codes. A local attacker with write-access to an eCryptfs filesystem could cause a system crash, leading to a denial of service. (CVE-2009-0269) The Dell platform device did not correctly validate user parameters. A local attacker could perform specially crafted reads to crash the system, leading to a denial of service. (CVE-2009-0322) The page fault handler could consume stack memory. A local attacker could exploit this to crash the system or gain root privileges with a Kprobe registered. Only Ubuntu 8.10 was affected. (CVE-2009-0605) Network interfaces statistics for the SysKonnect FDDI driver did not check capabilities. A local user could reset statistics, potentially interfering with packet accounting systems. (CVE-2009-0675) The getsockopt function did not correctly clear certain parameters. A local attacker could read leaked kernel memory, leading to a loss of privacy. (CVE-2009-0676) The ext4 filesystem did not correctly clear group descriptors when resizing. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2009-0745) The ext4 filesystem did not correctly validate certain fields. A local attacker could mount a malicious ext4 filesystem, causing a system crash, leading to a denial of service. (CVE-2009-0746, CVE-2009-0747, CVE-2009-0748) The syscall interface did not correctly validate parameters when crossing the 64-bit/32-bit boundary. A local attacker could bypass certain syscall restricts via crafted syscalls. (CVE-2009-0834, CVE-2009-0835) The shared memory subsystem did not correctly handle certain shmctl calls when CONFIG_SHMEM was disabled. Ubuntu kernels were not vulnerable, since CONFIG_SHMEM is enabled by default. (CVE-2009-0859) The virtual consoles did not correctly handle certain UTF-8 sequences. A local attacker on the physical console could exploit this to cause a system crash, leading to a denial of service. (CVE-2009-1046). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 37337
    published: 2009-04-23
    reporter: Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/37337
    title: Ubuntu 7.10 / 8.04 LTS / 8.10 : linux, linux-source-2.6.22 vulnerabilities (USN-751-1)

Oval

  • accepted: 2014-01-20T04:01:40.485-05:00
    class: vulnerability
    contributors:
    • name: Pai Peng
      organization: Hewlett-Packard
    • name: Chris Coffin
      organization: The MITRE Corporation
    definition_extensions:
    comment: VMware ESX Server 4.0 is installed
    oval: oval:org.mitre.oval:def:6293
    description: The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem.
    family: unix
    id: oval:org.mitre.oval:def:8585
    status: accepted
    submitted: 2010-03-19T16:57:59.000-04:00
    title: VMware kernel ext4_isize function vulnerability
    version: 7
  • accepted: 2013-04-29T04:18:28.295-04:00
    class: vulnerability
    contributors:
    • name: Aharon Chernin
      organization: SCAP.com, LLC
    • name: Dragos Prisaca
      organization: G2, Inc.
    definition_extensions:
    • comment: The operating system installed on the system is Red Hat Enterprise Linux 5
      oval: oval:org.mitre.oval:def:11414
    • comment: The operating system installed on the system is CentOS Linux 5.x
      oval: oval:org.mitre.oval:def:15802
    • comment: Oracle Linux 5.x
      oval: oval:org.mitre.oval:def:15459
    description: The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem.
    family: unix
    id: oval:org.mitre.oval:def:9200
    status: accepted
    submitted: 2010-07-09T03:56:16-04:00
    title: The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem.
    version: 18

Redhat

advisories
rhsa
id: RHSA-2009:1243
rpms
  • kernel-0:2.6.18-164.el5
  • kernel-PAE-0:2.6.18-164.el5
  • kernel-PAE-debuginfo-0:2.6.18-164.el5
  • kernel-PAE-devel-0:2.6.18-164.el5
  • kernel-debug-0:2.6.18-164.el5
  • kernel-debug-debuginfo-0:2.6.18-164.el5
  • kernel-debug-devel-0:2.6.18-164.el5
  • kernel-debuginfo-0:2.6.18-164.el5
  • kernel-debuginfo-common-0:2.6.18-164.el5
  • kernel-devel-0:2.6.18-164.el5
  • kernel-doc-0:2.6.18-164.el5
  • kernel-headers-0:2.6.18-164.el5
  • kernel-kdump-0:2.6.18-164.el5
  • kernel-kdump-debuginfo-0:2.6.18-164.el5
  • kernel-kdump-devel-0:2.6.18-164.el5
  • kernel-xen-0:2.6.18-164.el5
  • kernel-xen-debuginfo-0:2.6.18-164.el5
  • kernel-xen-devel-0:2.6.18-164.el5

Statements

contributor: Tomas Hoger
lastmodified: 2009-09-02
organization: Red Hat
statement: This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and Red Hat Enterprise MRG. This issue was addressed in Red Hat Enterprise Linux 5 by https://rhn.redhat.com/errata/RHSA-2009-1243.html