Vulnerabilities > CVE-2012-0207 - Divide By Zero vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Linux IGMP Remote Denial of Service (Introduced in linux-2.6.36). CVE-2012-0207. Dos exploit for linux platform |
| id | EDB-ID:18378 |
| last seen | 2016-02-02 |
| modified | 2012-01-17 |
| published | 2012-01-17 |
| reporter | kingcope |
| source | https://www.exploit-db.com/download/18378/ |
| title | Linux IGMP Remote Denial of Service Introduced in linux-2.6.36 |
Nessus
NASL family VMware ESX Local Security Checks NASL id VMWARE_VMSA-2012-0013.NASL description a. vCenter and ESX update to JRE 1.6.0 Update 31 The Oracle (Sun) JRE is updated to version 1.6.0_31, which addresses multiple security issues. Oracle has documented the CVE identifiers that are addressed by this update in the Oracle Java SE Critical Patch Update Advisory of February 2012. b. vCenter Update Manager update to JRE 1.5.0 Update 36 The Oracle (Sun) JRE is updated to 1.5.0_36 to address multiple security issues. Oracle has documented the CVE identifiers that are addressed in JRE 1.5.0_36 in the Oracle Java SE Critical Patch Update Advisory for June 2012. c. Update to ESX/ESXi userworld OpenSSL library The ESX/ESXi userworld OpenSSL library is updated from version 0.9.8p to version 0.9.8t to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-4180, CVE-2010-4252, CVE-2011-0014, CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, and CVE-2012-0050 to these issues. d. Update to ESX service console OpenSSL RPM The service console OpenSSL RPM is updated to version 0.9.8e-22.el5_8.3 to resolve a security issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-2110 to this issue. e. Update to ESX service console kernel The ESX service console kernel is updated to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-1833, CVE-2011-2484, CVE-2011-2496, CVE-2011-3188, CVE-2011-3209, CVE-2011-3363, CVE-2011-4110, CVE-2011-1020, CVE-2011-4132, CVE-2011-4324, CVE-2011-4325, CVE-2012-0207, CVE-2011-2699, and CVE-2012-1583 to these issues. f. Update to ESX service console Perl RPM The ESX service console Perl RPM is updated to perl-5.8.8.32.1.8999.vmw to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-2761, CVE-2010-4410, and CVE-2011-3597 to these issues. g. Update to ESX service console libxml2 RPMs The ESX service console libmxl2 RPMs are updated to libxml2-2.6.26-2.1.15.el5_8.2 and libxml2-python-2.6.26-2.1.15.el5_8.2 to resolve a security issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-0841 to this issue. h. Update to ESX service console glibc RPM The ESX service console glibc RPM is updated to version glibc-2.5-81.el5_8.1 to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-5029, CVE-2009-5064, CVE-2010-0830, CVE-2011-1089, CVE-2011-4609, and CVE-2012-0864 to these issue. i. Update to ESX service console GnuTLS RPM The ESX service console GnuTLS RPM is updated to version 1.4.1-7.el5_8.2 to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-4128, CVE-2012-1569, and CVE-2012-1573 to these issues. j. Update to ESX service console popt, rpm, rpm-libs, and rpm-python RPMS The ESX service console popt, rpm, rpm-libs, and rpm-python RPMS are updated to the following versions to resolve multiple security issues : - popt-1.10.2.3-28.el5_8 - rpm-4.4.2.3-28.el5_8 - rpm-libs-4.4.2.3-28.el5_8 - rpm-python-4.4.2.3-28.el5_8 The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-0060, CVE-2012-0061, and CVE-2012-0815 to these issues. k. Vulnerability in third-party Apache Struts component The version of Apache Struts in vCenter Operations has been updated to 2.3.4 which addresses an arbitrary file overwrite vulnerability. This vulnerability allows an attacker to create a denial of service by overwriting arbitrary files without authentication. The attacker would need to be on the same network as the system where vCOps is installed. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-0393 to this issue. Note: Apache struts 2.3.4 addresses the following issues as well : CVE-2011-5057, CVE-2012-0391, CVE-2012-0392, CVE-2012-0394. It was found that these do not affect vCOps. VMware would like to thank Alexander Minozhenko from ERPScan for reporting this issue to us. last seen 2020-06-01 modified 2020-06-02 plugin id 61747 published 2012-08-31 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/61747 title VMSA-2012-0013 : VMware vSphere and vCOps updates to third-party libraries code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from VMware Security Advisory 2012-0013. # The text itself is copyright (C) VMware Inc. # include("compat.inc"); if (description) { script_id(61747); script_version("1.56"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/07/30"); script_cve_id("CVE-2009-5029", "CVE-2009-5064", "CVE-2010-0830", "CVE-2010-2761", "CVE-2010-4180", "CVE-2010-4252", "CVE-2010-4410", "CVE-2011-0014", "CVE-2011-1020", "CVE-2011-1089", "CVE-2011-1833", "CVE-2011-2484", "CVE-2011-2496", "CVE-2011-2699", "CVE-2011-3188", "CVE-2011-3209", "CVE-2011-3363", "CVE-2011-3597", "CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4110", "CVE-2011-4128", "CVE-2011-4132", "CVE-2011-4324", "CVE-2011-4325", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4609", "CVE-2011-4619", "CVE-2012-0050", "CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0207", "CVE-2012-0393", "CVE-2012-0815", "CVE-2012-0841", "CVE-2012-0864", "CVE-2012-1569", "CVE-2012-1573", "CVE-2012-1583", "CVE-2012-2110"); script_bugtraq_id(40063, 44199, 45145, 45163, 45164, 46264, 46567, 46740, 47321, 48383, 48802, 49108, 49289, 49626, 49911, 50311, 50609, 50663, 50755, 50798, 50898, 51194, 51257, 51281, 51343, 51366, 51439, 51467, 51563, 52009, 52010, 52011, 52012, 52013, 52014, 52015, 52016, 52017, 52018, 52019, 52020, 52107, 52161, 52201, 52667, 52668, 52865, 53136, 53139, 53158, 53946, 53947, 53948, 53949, 53950, 53951, 53952, 53953, 53954, 53956, 53958, 53959, 53960); script_xref(name:"VMSA", value:"2012-0013"); script_name(english:"VMSA-2012-0013 : VMware vSphere and vCOps updates to third-party libraries"); script_summary(english:"Checks esxupdate output for the patches"); script_set_attribute( attribute:"synopsis", value: "The remote VMware ESXi / ESX host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "a. vCenter and ESX update to JRE 1.6.0 Update 31 The Oracle (Sun) JRE is updated to version 1.6.0_31, which addresses multiple security issues. Oracle has documented the CVE identifiers that are addressed by this update in the Oracle Java SE Critical Patch Update Advisory of February 2012. b. vCenter Update Manager update to JRE 1.5.0 Update 36 The Oracle (Sun) JRE is updated to 1.5.0_36 to address multiple security issues. Oracle has documented the CVE identifiers that are addressed in JRE 1.5.0_36 in the Oracle Java SE Critical Patch Update Advisory for June 2012. c. Update to ESX/ESXi userworld OpenSSL library The ESX/ESXi userworld OpenSSL library is updated from version 0.9.8p to version 0.9.8t to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-4180, CVE-2010-4252, CVE-2011-0014, CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, and CVE-2012-0050 to these issues. d. Update to ESX service console OpenSSL RPM The service console OpenSSL RPM is updated to version 0.9.8e-22.el5_8.3 to resolve a security issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-2110 to this issue. e. Update to ESX service console kernel The ESX service console kernel is updated to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-1833, CVE-2011-2484, CVE-2011-2496, CVE-2011-3188, CVE-2011-3209, CVE-2011-3363, CVE-2011-4110, CVE-2011-1020, CVE-2011-4132, CVE-2011-4324, CVE-2011-4325, CVE-2012-0207, CVE-2011-2699, and CVE-2012-1583 to these issues. f. Update to ESX service console Perl RPM The ESX service console Perl RPM is updated to perl-5.8.8.32.1.8999.vmw to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-2761, CVE-2010-4410, and CVE-2011-3597 to these issues. g. Update to ESX service console libxml2 RPMs The ESX service console libmxl2 RPMs are updated to libxml2-2.6.26-2.1.15.el5_8.2 and libxml2-python-2.6.26-2.1.15.el5_8.2 to resolve a security issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-0841 to this issue. h. Update to ESX service console glibc RPM The ESX service console glibc RPM is updated to version glibc-2.5-81.el5_8.1 to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-5029, CVE-2009-5064, CVE-2010-0830, CVE-2011-1089, CVE-2011-4609, and CVE-2012-0864 to these issue. i. Update to ESX service console GnuTLS RPM The ESX service console GnuTLS RPM is updated to version 1.4.1-7.el5_8.2 to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-4128, CVE-2012-1569, and CVE-2012-1573 to these issues. j. Update to ESX service console popt, rpm, rpm-libs, and rpm-python RPMS The ESX service console popt, rpm, rpm-libs, and rpm-python RPMS are updated to the following versions to resolve multiple security issues : - popt-1.10.2.3-28.el5_8 - rpm-4.4.2.3-28.el5_8 - rpm-libs-4.4.2.3-28.el5_8 - rpm-python-4.4.2.3-28.el5_8 The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-0060, CVE-2012-0061, and CVE-2012-0815 to these issues. k. Vulnerability in third-party Apache Struts component The version of Apache Struts in vCenter Operations has been updated to 2.3.4 which addresses an arbitrary file overwrite vulnerability. This vulnerability allows an attacker to create a denial of service by overwriting arbitrary files without authentication. The attacker would need to be on the same network as the system where vCOps is installed. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-0393 to this issue. Note: Apache struts 2.3.4 addresses the following issues as well : CVE-2011-5057, CVE-2012-0391, CVE-2012-0392, CVE-2012-0394. It was found that these do not affect vCOps. VMware would like to thank Alexander Minozhenko from ERPScan for reporting this issue to us." ); script_set_attribute( attribute:"see_also", value:"http://lists.vmware.com/pipermail/security-announce/2012/000197.html" ); script_set_attribute(attribute:"solution", value:"Apply the missing patches."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Java Applet Field Bytecode Verifier Cache Remote Code Execution'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esx:4.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esx:4.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi:4.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi:5.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2010/06/01"); script_set_attribute(attribute:"patch_publication_date", value:"2012/08/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/31"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"VMware ESX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/VMware/release", "Host/VMware/version"); script_require_ports("Host/VMware/esxupdate", "Host/VMware/esxcli_software_vibs"); exit(0); } include("audit.inc"); include("vmware_esx_packages.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/VMware/release")) audit(AUDIT_OS_NOT, "VMware ESX / ESXi"); if ( !get_kb_item("Host/VMware/esxcli_software_vibs") && !get_kb_item("Host/VMware/esxupdate") ) audit(AUDIT_PACKAGE_LIST_MISSING); init_esx_check(date:"2012-08-30"); flag = 0; if ( esx_check( ver : "ESX 4.0", patch : "ESX400-201209401-SG", patch_updates : make_list("ESX400-201302401-SG", "ESX400-201305401-SG", "ESX400-201310401-SG", "ESX400-201404401-SG") ) ) flag++; if ( esx_check( ver : "ESX 4.0", patch : "ESX400-201209402-SG", patch_updates : make_list("ESX400-201305404-SG", "ESX400-201310402-SG") ) ) flag++; if (esx_check(ver:"ESX 4.0", patch:"ESX400-201209404-SG")) flag++; if ( esx_check( ver : "ESX 4.1", patch : "ESX410-201208101-SG", patch_updates : make_list("ESX410-201211401-SG", "ESX410-201301401-SG", "ESX410-201304401-SG", "ESX410-201307401-SG", "ESX410-201312401-SG", "ESX410-201404401-SG", "ESX410-Update03") ) ) flag++; if ( esx_check( ver : "ESX 4.1", patch : "ESX410-201208102-SG", patch_updates : make_list("ESX410-201301405-SG", "ESX410-201304402-SG", "ESX410-201307405-SG", "ESX410-Update03") ) ) flag++; if ( esx_check( ver : "ESX 4.1", patch : "ESX410-201208103-SG", patch_updates : make_list("ESX410-201307403-SG", "ESX410-Update03") ) ) flag++; if ( esx_check( ver : "ESX 4.1", patch : "ESX410-201208104-SG", patch_updates : make_list("ESX410-Update03") ) ) flag++; if ( esx_check( ver : "ESX 4.1", patch : "ESX410-201208105-SG", patch_updates : make_list("ESX410-Update03") ) ) flag++; if ( esx_check( ver : "ESX 4.1", patch : "ESX410-201208106-SG", patch_updates : make_list("ESX410-201307404-SG", "ESX410-Update03") ) ) flag++; if ( esx_check( ver : "ESX 4.1", patch : "ESX410-201208107-SG", patch_updates : make_list("ESX410-Update03") ) ) flag++; if ( esx_check( ver : "ESXi 4.1", patch : "ESXi410-201208101-SG", patch_updates : make_list("ESXi410-201211401-SG", "ESXi410-201301401-SG", "ESXi410-201304401-SG", "ESXi410-201307401-SG", "ESXi410-201312401-SG", "ESXi410-201404401-SG", "ESXi410-Update03") ) ) flag++; if (esx_check(ver:"ESXi 5.0", vib:"VMware:esx-base:5.0.0-1.25.912577")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:esx_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1380-1.NASL description A flaw was discovered in the TOMOYO LSM last seen 2020-03-18 modified 2012-02-29 plugin id 58170 published 2012-02-29 reporter Ubuntu Security Notice (C) 2012-2020 Canonical, Inc. / NASL script (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58170 title Ubuntu 11.04 : linux vulnerabilities (USN-1380-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-1380-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(58170); script_version("1.13"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/26"); script_cve_id("CVE-2011-2498", "CVE-2011-2518", "CVE-2011-4097", "CVE-2012-0207"); script_bugtraq_id(48477, 50459, 51343); script_xref(name:"USN", value:"1380-1"); script_name(english:"Ubuntu 11.04 : linux vulnerabilities (USN-1380-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "A flaw was discovered in the TOMOYO LSM's handling of mount system calls. An unprivileged user could oops the system causing a denial of service. (CVE-2011-2518) A bug was discovered in the Linux kernel's calculation of OOM (Out of memory) scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. (CVE-2011-4097) A flaw was found in the linux kernels IPv4 IGMP query processing. A remote attacker could exploit this to cause a denial of service. (CVE-2012-0207). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/1380-1/" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:11.04"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/05/17"); script_set_attribute(attribute:"patch_publication_date", value:"2012/02/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/02/29"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2012-2020 Canonical, Inc. / NASL script (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("ksplice.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(11\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 11.04", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); if (get_one_kb_item("Host/ksplice/kernel-cves")) { rm_kb_item(name:"Host/uptrack-uname-r"); cve_list = make_list("CVE-2011-2498", "CVE-2011-2518", "CVE-2011-4097", "CVE-2012-0207"); if (ksplice_cves_check(cve_list)) { audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for USN-1380-1"); } else { _ubuntu_report = ksplice_reporting_text(); } } flag = 0; if (ubuntu_check(osver:"11.04", pkgname:"linux-image-2.6.38-13-generic", pkgver:"2.6.38-13.56")) flag++; if (ubuntu_check(osver:"11.04", pkgname:"linux-image-2.6.38-13-generic-pae", pkgver:"2.6.38-13.56")) flag++; if (ubuntu_check(osver:"11.04", pkgname:"linux-image-2.6.38-13-server", pkgver:"2.6.38-13.56")) flag++; if (ubuntu_check(osver:"11.04", pkgname:"linux-image-2.6.38-13-versatile", pkgver:"2.6.38-13.56")) flag++; if (ubuntu_check(osver:"11.04", pkgname:"linux-image-2.6.38-13-virtual", pkgver:"2.6.38-13.56")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "linux-image-2.6-generic / linux-image-2.6-generic-pae / etc"); }NASL family SuSE Local Security Checks NASL id OPENSUSE-2012-65.NASL description The openSUSE 12.1 kernel was updated to 3.1.9 to fix bugs and security issues. The full list of changes in 3.1.9 is available here : http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.9 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.8 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.7 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.6 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.5 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.4 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.3 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.2 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.2 Following security issues have been fixed : CVE-2011-2203: Missing NULL pointer check in hfs filesystem code CVE-2011-4604: Fix possible kernel memory corruption if B.A.T.M.A.N. mesh protocol is being used. CVE-2012-0056: Local root vulnerability via writing to /proc/pid/mem CVE-2012-0207: Remote DoS vulnerability via crafted IGMP packages. Following non-security bug fixes have been added : - BTRFS support has been improved with many bug fixes. last seen 2020-06-05 modified 2014-06-13 plugin id 74767 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74767 title openSUSE Security Update : kernel (openSUSE-2012-65) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2012-65. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(74767); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2011-2203", "CVE-2011-4604", "CVE-2012-0056", "CVE-2012-0207"); script_name(english:"openSUSE Security Update : kernel (openSUSE-2012-65)"); script_summary(english:"Check for the openSUSE-2012-65 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "The openSUSE 12.1 kernel was updated to 3.1.9 to fix bugs and security issues. The full list of changes in 3.1.9 is available here : http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.9 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.8 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.7 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.6 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.5 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.4 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.3 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.2 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.2 Following security issues have been fixed : CVE-2011-2203: Missing NULL pointer check in hfs filesystem code CVE-2011-4604: Fix possible kernel memory corruption if B.A.T.M.A.N. mesh protocol is being used. CVE-2012-0056: Local root vulnerability via writing to /proc/pid/mem CVE-2012-0207: Remote DoS vulnerability via crafted IGMP packages. Following non-security bug fixes have been added : - BTRFS support has been improved with many bug fixes." ); # http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.2 script_set_attribute( attribute:"see_also", value:"https://mirrors.edge.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.2" ); # http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.3 script_set_attribute( attribute:"see_also", value:"https://mirrors.edge.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.3" ); # http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.4 script_set_attribute( attribute:"see_also", value:"https://mirrors.edge.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.4" ); # http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.5 script_set_attribute( attribute:"see_also", value:"https://mirrors.edge.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.5" ); # http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.6 script_set_attribute( attribute:"see_also", value:"https://mirrors.edge.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.6" ); # http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.7 script_set_attribute( attribute:"see_also", value:"https://mirrors.edge.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.7" ); # http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.8 script_set_attribute( attribute:"see_also", value:"https://mirrors.edge.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.8" ); # http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.9 script_set_attribute( attribute:"see_also", value:"https://mirrors.edge.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.1.9" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=672923" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=679059" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=689860" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=691052" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=698540" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=699709" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=724616" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=724620" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=724734" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=726296" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=727348" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=730103" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=730731" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=731261" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=736149" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=737624" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=740118" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=742279" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=742322" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=743608" ); script_set_attribute( attribute:"solution", value:"Update the affected kernel packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-extra"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-extra-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-source"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-source-vanilla"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-syms"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.1"); script_set_attribute(attribute:"patch_publication_date", value:"2012/01/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE12\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-base-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-base-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-debugsource-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-devel-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-devel-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-base-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-base-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-debugsource-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-devel-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-devel-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-base-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-base-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-debugsource-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-devel-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-devel-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-devel-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-base-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-base-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-debugsource-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-devel-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-devel-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-extra-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-extra-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-base-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-base-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-debugsource-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-devel-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-devel-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-source-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-source-vanilla-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-syms-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-base-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-base-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-debugsource-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-devel-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-devel-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-base-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-base-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-debugsource-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-devel-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-devel-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-base-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-base-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-debuginfo-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-debugsource-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-devel-3.1.9-1.4.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-devel-debuginfo-3.1.9-1.4.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel"); }NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1384-1.NASL description A bug was discovered in the Linux kernel last seen 2020-03-18 modified 2012-03-07 plugin id 58265 published 2012-03-07 reporter Ubuntu Security Notice (C) 2012-2020 Canonical, Inc. / NASL script (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58265 title Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1384-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-1384-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(58265); script_version("1.12"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/02"); script_cve_id("CVE-2011-4097", "CVE-2011-4127", "CVE-2011-4622", "CVE-2012-0038", "CVE-2012-0055", "CVE-2012-0207", "CVE-2012-2100"); script_bugtraq_id(50459, 51343, 51529); script_xref(name:"USN", value:"1384-1"); script_name(english:"Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1384-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "A bug was discovered in the Linux kernel's calculation of OOM (Out of memory) scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. (CVE-2011-4097) Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl command. A local user, or user in a VM could exploit this flaw to bypass restrictions and gain read/write access to all data on the affected block device. (CVE-2011-4127) A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual interrupt control is not available a local user could use this to cause a denial of service by starting a timer. (CVE-2011-4622) A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potential execute arbitrary code on the system. (CVE-2012-0038) Andy Whitcroft discovered a that the Overlayfs filesystem was not doing the extended permission checks needed by cgroups and Linux Security Modules (LSMs). A local user could exploit this to by-pass security policy and access files that should not be accessible. (CVE-2012-0055) A flaw was found in the linux kernels IPv4 IGMP query processing. A remote attacker could exploit this to cause a denial of service. (CVE-2012-0207) A flaw was found in the Linux kernel's ext4 file system when mounting a corrupt filesystem. A user-assisted remote attacker could exploit this flaw to cause a denial of service. (CVE-2012-2100). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/1384-1/" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic-pae"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-virtual"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/01/27"); script_set_attribute(attribute:"patch_publication_date", value:"2012/03/06"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/03/07"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2012-2020 Canonical, Inc. / NASL script (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("ksplice.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(10\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 10.04", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); if (get_one_kb_item("Host/ksplice/kernel-cves")) { rm_kb_item(name:"Host/uptrack-uname-r"); cve_list = make_list("CVE-2011-4097", "CVE-2011-4127", "CVE-2011-4622", "CVE-2012-0038", "CVE-2012-0055", "CVE-2012-0207", "CVE-2012-2100"); if (ksplice_cves_check(cve_list)) { audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for USN-1384-1"); } else { _ubuntu_report = ksplice_reporting_text(); } } flag = 0; if (ubuntu_check(osver:"10.04", pkgname:"linux-image-3.0.0-16-generic", pkgver:"3.0.0-16.29~lucid1")) flag++; if (ubuntu_check(osver:"10.04", pkgname:"linux-image-3.0.0-16-generic-pae", pkgver:"3.0.0-16.29~lucid1")) flag++; if (ubuntu_check(osver:"10.04", pkgname:"linux-image-3.0.0-16-server", pkgver:"3.0.0-16.29~lucid1")) flag++; if (ubuntu_check(osver:"10.04", pkgname:"linux-image-3.0.0-16-virtual", pkgver:"3.0.0-16.29~lucid1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "linux-image-3.0-generic / linux-image-3.0-generic-pae / etc"); }NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2012-55.NASL description A buffer overflow flaw was found in the way the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 69662 published 2013-09-04 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69662 title Amazon Linux AMI : kernel (ALAS-2012-55) NASL family SuSE Local Security Checks NASL id OPENSUSE-2012-756.NASL description The openSUSE 11.4 kernel was updated to fix various bugs and security issues. This is the final update of the 2.6.37 kernel of openSUSE 11.4. last seen 2020-06-05 modified 2014-06-13 plugin id 74801 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74801 title openSUSE Security Update : kernel (openSUSE-SU-2012:1439-1) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2012-0107.NASL description Updated kernel packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * Using the SG_IO ioctl to issue SCSI requests to partitions or LVM volumes resulted in the requests being passed to the underlying block device. If a privileged user only had access to a single partition or LVM volume, they could use this flaw to bypass those restrictions and gain read and write access (and be able to issue other SCSI commands) to the entire block device. Refer to Red Hat Knowledgebase article DOC-67874, linked to in the References, for further details about this issue. (CVE-2011-4127, Important) * A flaw was found in the way the Linux kernel handled robust list pointers of user-space held futexes across exec() calls. A local, unprivileged user could use this flaw to cause a denial of service or, eventually, escalate their privileges. (CVE-2012-0028, Important) * A flaw was found in the Linux kernel in the way splitting two extents in ext4_ext_convert_to_initialized() worked. A local, unprivileged user with the ability to mount and unmount ext4 file systems could use this flaw to cause a denial of service. (CVE-2011-3638, Moderate) * A flaw was found in the way the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 57922 published 2012-02-14 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57922 title CentOS 5 : kernel (CESA-2012:0107) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2012-0333.NASL description Updated kernel-rt packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise MRG 2.1. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages contain the Linux kernel. Security fixes : * SG_IO ioctl SCSI requests on partitions or LVM volumes could be passed to the underlying block device, allowing a privileged user to bypass restrictions and gain read and write access (and be able to issue other SCSI commands) to the entire block device. (CVE-2011-4127, Important) * A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. (CVE-2012-0044, Important) * A local, unprivileged user could use a flaw in the Performance Events implementation to cause a denial of service. (CVE-2011-2918, Moderate) * A local, unprivileged user could use flaws in the XFS file system implementation to cause a denial of service or escalate their privileges by mounting a specially crafted disk. (CVE-2011-4077, CVE-2012-0038, Moderate) * A local, unprivileged user could use a flaw in the Out of Memory (OOM) killer to monopolize memory, have their process skipped by the OOM killer, or cause other tasks to be terminated. (CVE-2011-4097, Moderate) * A local, unprivileged user could use a flaw in the key management facility to cause a denial of service. (CVE-2011-4110, Moderate) * A malicious Network File System version 4 (NFSv4) server could return a crafted reply to a GETACL request, causing a denial of service on the client. (CVE-2011-4131, Moderate) * A local attacker could use a flaw in the Journaling Block Device (JBD) to crash the system by mounting a specially crafted ext3 or ext4 disk. (CVE-2011-4132, Moderate) * A flaw in igmp_heard_query() could allow an attacker, who is able to send certain IGMP (Internet Group Management Protocol) packets to a target system, to cause a denial of service. (CVE-2012-0207, Moderate) * If lock contention during signal sending occurred when in a software interrupt handler that is using the per-CPU debug stack, the task could be scheduled out on the realtime kernel, possibly leading to debug stack corruption. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-0810, Moderate) Red Hat would like to thank Chen Haogang for reporting CVE-2012-0044; Wang Xi for reporting CVE-2012-0038; Shubham Goyal for reporting CVE-2011-4097; Andy Adamson for reporting CVE-2011-4131; and Simon McVittie for reporting CVE-2012-0207. Bug fixes : * When a sleeping task, waiting on a futex (fast userspace mutex), tried to get the spin_lock(hb->lock) RT-mutex, if the owner of the futex released the lock, the sleeping task was put on a futex proxy lock. Consequently, the sleeping task was blocked on two locks and eventually terminated in the BUG_ON() function. With this update, the WAKEUP_INPROGRESS pseudo-lock has been added to be used as a proxy lock. This pseudo-lock tells the sleeping task that it is being woken up so that the task no longer tries to get the second lock. Now, the futex code works as expected and sleeping tasks no longer crash in the described scenario. (BZ#784733) * When the CONFIG_CRYPTO_FIPS configuration option was disabled, some services such as sshd and ipsec, while working properly, returned warning messages regarding this missing option during start up. With this update, CONFIG_CRYPTO_FIPS has been enabled and no warning messages are now returned in the described scenario. (BZ#786145) * Previously, when a read operation on a loop device failed, the data successfully read from the device was not cleared and could eventually leak. This bug has been fixed and all data are now properly cleared in the described scenario. (BZ#761420) * Due to an assembler-sourced object, the perf utility (from the perf-rt package) for AMD64 and Intel 64 architectures contained an executable stack. This update adds the last seen 2020-06-01 modified 2020-06-02 plugin id 76639 published 2014-07-22 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76639 title RHEL 6 : MRG (RHSA-2012:0333) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2012-0107.NASL description From Red Hat Security Advisory 2012:0107 : Updated kernel packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * Using the SG_IO ioctl to issue SCSI requests to partitions or LVM volumes resulted in the requests being passed to the underlying block device. If a privileged user only had access to a single partition or LVM volume, they could use this flaw to bypass those restrictions and gain read and write access (and be able to issue other SCSI commands) to the entire block device. Refer to Red Hat Knowledgebase article DOC-67874, linked to in the References, for further details about this issue. (CVE-2011-4127, Important) * A flaw was found in the way the Linux kernel handled robust list pointers of user-space held futexes across exec() calls. A local, unprivileged user could use this flaw to cause a denial of service or, eventually, escalate their privileges. (CVE-2012-0028, Important) * A flaw was found in the Linux kernel in the way splitting two extents in ext4_ext_convert_to_initialized() worked. A local, unprivileged user with the ability to mount and unmount ext4 file systems could use this flaw to cause a denial of service. (CVE-2011-3638, Moderate) * A flaw was found in the way the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 68454 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68454 title Oracle Linux 5 : kernel (ELSA-2012-0107) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2012-0168.NASL description An updated rhev-hypervisor5 package that fixes several security issues and various bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host. (CVE-2012-0029) A divide-by-zero flaw was found in the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 79283 published 2014-11-17 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79283 title RHEL 5 : rhev-hypervisor5 (RHSA-2012:0168) NASL family Scientific Linux Local Security Checks NASL id SL_20120209_KERNEL_ON_SL5_X.NASL description The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : - Using the SG_IO ioctl to issue SCSI requests to partitions or LVM volumes resulted in the requests being passed to the underlying block device. If a privileged user only had access to a single partition or LVM volume, they could use this flaw to bypass those restrictions and gain read and write access (and be able to issue other SCSI commands) to the entire block device. (CVE-2011-4127, Important) - A flaw was found in the way the Linux kernel handled robust list pointers of user-space held futexes across exec() calls. A local, unprivileged user could use this flaw to cause a denial of service or, eventually, escalate their privileges. (CVE-2012-0028, Important) - A flaw was found in the Linux kernel in the way splitting two extents in ext4_ext_convert_to_initialized() worked. A local, unprivileged user with the ability to mount and unmount ext4 file systems could use this flaw to cause a denial of service. (CVE-2011-3638, Moderate) - A flaw was found in the way the Linux kernel last seen 2020-03-18 modified 2012-08-01 plugin id 61241 published 2012-08-01 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/61241 title Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20120209) NASL family Misc. NASL id VMWARE_VMSA-2012-0013_REMOTE.NASL description The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several third-party libraries : - Apache Struts - glibc - GnuTLS - JRE - kernel - libxml2 - OpenSSL - Perl - popt and rpm last seen 2020-06-01 modified 2020-06-02 plugin id 89038 published 2016-02-29 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/89038 title VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2012-0013) (remote check) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1363-1.NASL description A bug was discovered in the Linux kernel last seen 2020-03-18 modified 2012-02-14 plugin id 57937 published 2012-02-14 reporter Ubuntu Security Notice (C) 2012-2020 Canonical, Inc. / NASL script (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57937 title Ubuntu 11.10 : linux vulnerabilities (USN-1363-1) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2012-0350.NASL description Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * A buffer overflow flaw was found in the way the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 58275 published 2012-03-08 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58275 title CentOS 6 : kernel (CESA-2012:0350) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1356-1.NASL description A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potential execute arbitrary code on the system. (CVE-2012-0038) Chen Haogang discovered an integer overflow that could result in memory corruption. A local unprivileged user could use this to crash the system. (CVE-2012-0044) A flaw was found in the linux kernels IPv4 IGMP query processing. A remote attacker could exploit this to cause a denial of service. (CVE-2012-0207) last seen 2020-06-01 modified 2020-06-02 plugin id 57856 published 2012-02-07 reporter Ubuntu Security Notice (C) 2012 Canonical, Inc. / NASL script (C) 2012 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/57856 title USN-1356-1 : linux-ti-omap4 vulnerabilities NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2012-0350.NASL description Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * A buffer overflow flaw was found in the way the Linux kernel last seen 2020-04-16 modified 2012-03-07 plugin id 58261 published 2012-03-07 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58261 title RHEL 6 : kernel (RHSA-2012:0350) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2012-0422.NASL description An updated rhev-hypervisor6 package that fixes two security issues and one bug is now available. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 79285 published 2014-11-17 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79285 title RHEL 6 : rhev-hypervisor6 (RHSA-2012:0422) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1364-1.NASL description A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potential execute arbitrary code on the system. (CVE-2012-0038) Andy Whitcroft discovered a that the Overlayfs filesystem was not doing the extended permission checks needed by cgroups and Linux Security Modules (LSMs). A local user could exploit this to by-pass security policy and access files that should not be accessible. (CVE-2012-0055) Juri Aedla discovered that the kernel incorrectly handled /proc/<pid>/mem permissions. A local attacker could exploit this and gain root privileges. (CVE-2012-0056) A flaw was found in the linux kernels IPv4 IGMP query processing. A remote attacker could exploit this to cause a denial of service. (CVE-2012-0207) last seen 2020-06-01 modified 2020-06-02 plugin id 57938 published 2012-02-14 reporter Ubuntu Security Notice (C) 2012 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/57938 title USN-1364-1 : linux-ti-omap4 vulnerabilities NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2012-0350.NASL description From Red Hat Security Advisory 2012:0350 : Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * A buffer overflow flaw was found in the way the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 68491 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68491 title Oracle Linux 6 : kernel (ELSA-2012-0350) NASL family Scientific Linux Local Security Checks NASL id SL_20120306_KERNEL_ON_SL6_X.NASL description The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : - A buffer overflow flaw was found in the way the Linux kernel last seen 2020-03-18 modified 2012-08-01 plugin id 61277 published 2012-08-01 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/61277 title Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20120306) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2012-0107.NASL description Updated kernel packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * Using the SG_IO ioctl to issue SCSI requests to partitions or LVM volumes resulted in the requests being passed to the underlying block device. If a privileged user only had access to a single partition or LVM volume, they could use this flaw to bypass those restrictions and gain read and write access (and be able to issue other SCSI commands) to the entire block device. Refer to Red Hat Knowledgebase article DOC-67874, linked to in the References, for further details about this issue. (CVE-2011-4127, Important) * A flaw was found in the way the Linux kernel handled robust list pointers of user-space held futexes across exec() calls. A local, unprivileged user could use this flaw to cause a denial of service or, eventually, escalate their privileges. (CVE-2012-0028, Important) * A flaw was found in the Linux kernel in the way splitting two extents in ext4_ext_convert_to_initialized() worked. A local, unprivileged user with the ability to mount and unmount ext4 file systems could use this flaw to cause a denial of service. (CVE-2011-3638, Moderate) * A flaw was found in the way the Linux kernel last seen 2020-04-16 modified 2012-02-10 plugin id 57885 published 2012-02-10 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57885 title RHEL 5 : kernel (RHSA-2012:0107) NASL family SuSE Local Security Checks NASL id OPENSUSE-2012-342.NASL description This kernel update of the openSUSE 12.1 kernel fixes lots of bugs and security issues. Following issues were fixed : - tcp: drop SYN+FIN messages (bnc#765102). - net: sock: validate data_len before allocating skb in sock_alloc_send_pskb() (bnc#765320, CVE-2012-2136). - fcaps: clear the same personality flags as suid when fcaps are used (bnc#758260 CVE-2012-2123). - macvtap: zerocopy: validate vectors before building skb (bnc#758243 CVE-2012-2119). - hfsplus: Fix potential buffer overflows (bnc#760902 CVE-2009-4020). - xfrm: take net hdr len into account for esp payload size calculation (bnc#759545). - ext4: fix undefined behavior in ext4_fill_flex_info() (bnc#757278). - igb: fix rtnl race in PM resume path (bnc#748859). - ixgbe: add missing rtnl_lock in PM resume path (bnc#748859). - b43: allocate receive buffers big enough for max frame len + offset (bnc#717749). - xenbus: Reject replies with payload > XENSTORE_PAYLOAD_MAX. - xenbus_dev: add missing error checks to watch handling. - hwmon: (coretemp-xen) Fix TjMax detection for older CPUs. - hwmon: (coretemp-xen) Relax target temperature range check. - Refresh other Xen patches. - tlan: add cast needed for proper 64 bit operation (bnc#756840). - dl2k: Tighten ioctl permissions (bnc#758813). - [media] cx22702: Fix signal strength. - fs: cachefiles: Add support for large files in filesystem caching (bnc#747038). - bridge: correct IPv6 checksum after pull (bnc#738644). - bridge: fix a possible use after free (bnc#738644). - bridge: Pseudo-header required for the checksum of ICMPv6 (bnc#738644). - bridge: mcast snooping, fix length check of snooped MLDv1/2 (bnc#738644). - PCI/ACPI: Report ASPM support to BIOS if not disabled from command line (bnc#714455). - ipc/sem.c: fix race with concurrent semtimedop() timeouts and IPC_RMID (bnc#756203). - drm/i915/crt: Remove 0xa0 probe for VGA. - tty_audit: fix tty_audit_add_data live lock on audit disabled (bnc#721366). - drm/i915: suspend fbdev device around suspend/hibernate (bnc#732908). - dlm: Do not allocate a fd for peeloff (bnc#729247). - sctp: Export sctp_do_peeloff (bnc#729247). - i2c-algo-bit: Fix spurious SCL timeouts under heavy load. - patches.fixes/epoll-dont-limit-non-nested.patch: Don last seen 2020-06-05 modified 2014-06-13 plugin id 74658 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74658 title openSUSE Security Update : Kernel (openSUSE-SU-2012:0799-1) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2012-2003.NASL description Description of changes: * CVE-2012-0207: Denial of service bug in IGMP. The IGMP subsystem last seen 2020-06-01 modified 2020-06-02 plugin id 68669 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68669 title Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2003) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1386-1.NASL description The linux kernel did not properly account for PTE pages when deciding which task to kill in out of memory conditions. A local, unprivileged could exploit this flaw to cause a denial of service. (CVE-2011-2498) A flaw was discovered in the TOMOYO LSM last seen 2020-03-18 modified 2012-03-07 plugin id 58267 published 2012-03-07 reporter Ubuntu Security Notice (C) 2012-2020 Canonical, Inc. / NASL script (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58267 title Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1386-1)
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
Seebug
| bulletinFamily | exploit |
| description | No description provided by source. |
| id | SSV:30032 |
| last seen | 2017-11-19 |
| modified | 2012-01-18 |
| published | 2012-01-18 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-30032 |
| title | Linux IGMP Remote Denial Of Service (Introduced in linux-2.6.36) |
References
- http://www.openwall.com/lists/oss-security/2012/01/10/5
- https://bugzilla.redhat.com/show_bug.cgi?id=772867
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.1
- https://github.com/torvalds/linux/commit/a8c1f65c79cbbb2f7da782d4c9d15639a9b94b27
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654876
- https://github.com/torvalds/linux/commit/25c413ad0029ea86008234be28aee33456e53e5b
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8c1f65c79cbbb2f7da782d4c9d15639a9b94b27