Vulnerabilities > CVE-2012-0957 - Configuration vulnerability in Linux Kernel
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
description | Linux Kernel 3.2.x 'uname()' System Call Local Information Disclosure Vulnerability. CVE-2012-0957. Local exploit for linux platform |
id | EDB-ID:37937 |
last seen | 2016-02-04 |
modified | 2012-10-09 |
published | 2012-10-09 |
reporter | Brad Spengler |
source | https://www.exploit-db.com/download/37937/ |
title | Linux Kernel 3.2.x 'uname' System Call Local Information Disclosure Vulnerability |
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_11_KERNEL-130125.NASL description The SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.58, fixing various bugs and security issues. The updates contains the following feature enhancement : - Enable various md/raid10 and DASD enhancements. - Make is possible for RAID10 to cope with DASD devices being slow for various reasons - the affected device will be temporarily removed from the array. - Added support for reshaping of RAID10 arrays, mdadm changes will be published to support the changes. The following security issues were fixed : - A division by zero in the TCP Illinois algorithm. (CVE-2012-4565) - The uname26 personality leaked kernel memory information. (CVE-2012-0957) - Kernel stack content disclosure via binfmt_script load_script(). (CVE-2012-4530) The following non-security issues were fixed : - BTRFS : - btrfs: reset path lock state to zero. - btrfs: fix off-by-one in lseek. - btrfs: fix btrfs_cont_expand() freeing IS_ERR em. - btrfs: update timestamps on truncate(). - btrfs: put csums on the right ordered extent. - btrfs: use existing align macros in btrfs_allocate() - btrfs: fix off-by-one error of the reserved size of btrfs_allocate() - btrfs: add fiemaps flag check - btrfs: fix permissions of empty files not affected by umask - btrfs: do not auto defrag a file when doing directIO - btrfs: fix wrong return value of btrfs_truncate_page() - btrfs: Notify udev when removing device - btrfs: fix permissions of empty files not affected by umask - btrfs: fix hash overflow handling - btrfs: do not delete a subvolume which is in a R/O subvolume - btrfs: remove call to btrfs_wait_ordered_extents to avoid potential deadlock. - btrfs: update the checks for mixed block groups with big metadata blocks - btrfs: Fix use-after-free in __btrfs_end_transaction - btrfs: use commit root when loading free space cache. - btrfs: avoid setting ->d_op twice (FATE#306586 bnc#731387). - btrfs: fix race in reada (FATE#306586). - btrfs: do not add both copies of DUP to reada extent tree - btrfs: do not mount when we have a sectorsize unequal to PAGE_SIZE - btrfs: add missing unlocks to transaction abort paths - btrfs: avoid sleeping in verify_parent_transid while atomic - btrfs: disallow unequal data/metadata blocksize for mixed block groups - btrfs: enhance superblock sanity checks. (bnc#749651) - btrfs: sanitizing ->fs_info, parts 1-5. - btrfs: make open_ctree() return int. - btrfs: kill pointless reassignment of ->s_fs_info in btrfs_fill_super(). - btrfs: merge free_fs_info() calls on fill_super failures. - btrfs: make free_fs_info() call ->kill_sb() unconditional. - btrfs: consolidate failure exits in btrfs_mount() a bit. - btrfs: let ->s_fs_info point to fs_info, not root... - btrfs: take allocation of ->tree_root into open_ctree(). - Update DASD blk_timeout patches after review by IBM : - dasd: Abort all requests from ioctl - dasd: Disable block timeouts per default - dasd: Reduce amount of messages for specific errors - dasd: Rename ioctls - dasd: check blk_noretry_request in dasd_times_out() - dasd: lock ccw queue in dasd_times_out() - dasd: make DASD_FLAG_TIMEOUT setting more robust - dasd: rename flag to abortall - LPFC : - Update lpfc version for 8.3.5.48.3p driver release. - lpfc 8.3.32: Correct successful aborts returning error status. - lpfc 8.3.34: Correct lock handling to eliminate reset escalation on I/O abort. - lpfc 8.3.34: Streamline fcp underrun message printing. - DRM/i915 : - drm/i915: EBUSY status handling added to i915_gem_fault(). - drm/i915: Only clear the GPU domains upon a successful finish. - drm/i915: always use RPNSWREQ for turbo change requests. - drm/i915: do not call modeset_init_hw in i915_reset. - drm/i915: do not hang userspace when the gpu reset is stuck. - drm/i915: do not trylock in the gpu reset code. - drm/i915: re-init modeset hw state after gpu reset. - HyperV : - x86: Hyper-V: register clocksource only if its advertised. - Other : - xfrm: fix freed block size calculation in xfrm_policy_fini(). - bonding: in balance-rr mode, set curr_active_slave only if it is up. - kernel: broken interrupt statistics (LTC#87893). - kernel: sched_clock() overflow (LTC#87978). - mm: call sleep_on_page_killable from __wait_on_page_locked_killable. - TTY: do not reset masters packet mode. - patches.suse/kbuild-record-built-in-o: Avoid using printf(1) in Makefile.build - rpm/built-in-where.mk: Do not rely on the *.parts file to be newline-separated. - NFS: Allow sec=none mounts in certain cases. - NFS: fix recent breakage to NFS error handling. - bridge: Pull ip header into skb->data before looking into ip header. - dm mpath: allow ioctls to trigger pg init. - dm mpath: only retry ioctl when no paths if queue_if_no_path set. - radix-tree: fix preload vector size. - sched, rt: Unthrottle rt runqueues in __disable_runtime(). - sched/rt: Fix SCHED_RR across cgroups. - sched/rt: Do not throttle when PI boosting. - sched/rt: Keep period timer ticking when rt throttling is active. - sched/rt: Prevent idle task boosting. - mm: limit mmu_gather batching to fix soft lockups on !CONFIG_PREEMPT. - kabi fixup for mm: limit mmu_gather batching to fix soft lockups on !CONFIG_PREEMPT. - Refresh Xen patches after update to 3.0.57. - aio: make kiocb->private NUll in init_sync_kiocb(). - qeth: Fix retry logic in hardsetup. (LTC#87080) - netiucv: reinsert dev_alloc_name for device naming. (LTC#87086) - qeth: set new mac even if old mac is gone (2). (LTC#87138) - ocfs2: use spinlock irqsave for downconvert lock.patch. - af_netlink: force credentials passing. - af_unix: dont send SCM_CREDENTIALS by default. - sunrpc: increase maximum slots to use. - bio: bio allocation failure due to bio_get_nr_vecs(). - bio: do not overflow in bio_get_nr_vecs(). - md: close race between removing and adding a device. - thp, memcg: split hugepage for memcg oom on cow. - bonding: delete migrated IP addresses from the rlb hash table. - xfs: Fix re-use of EWOULDBLOCK during read on dm-mirror. - qla2xxx: Determine the number of outstanding commands based on available resources. - qla2xxx: Ramp down queue depth for attached SCSI devices. - autofs4: fix lockdep splat in autofs. - ipv6: tcp: fix panic in SYN processing. - add splash=black option to bootsplash code, to keep a black background, useful for remote access to VMs. last seen 2020-06-05 modified 2013-02-08 plugin id 64500 published 2013-02-08 reporter This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/64500 title SuSE 11.2 Security Update : Linux Kernel (SAT Patch Numbers 7273 / 7276 / 7277) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(64500); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2012-0957", "CVE-2012-4530", "CVE-2012-4565"); script_name(english:"SuSE 11.2 Security Update : Linux Kernel (SAT Patch Numbers 7273 / 7276 / 7277)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "The SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.58, fixing various bugs and security issues. The updates contains the following feature enhancement : - Enable various md/raid10 and DASD enhancements. - Make is possible for RAID10 to cope with DASD devices being slow for various reasons - the affected device will be temporarily removed from the array. - Added support for reshaping of RAID10 arrays, mdadm changes will be published to support the changes. The following security issues were fixed : - A division by zero in the TCP Illinois algorithm. (CVE-2012-4565) - The uname26 personality leaked kernel memory information. (CVE-2012-0957) - Kernel stack content disclosure via binfmt_script load_script(). (CVE-2012-4530) The following non-security issues were fixed : - BTRFS : - btrfs: reset path lock state to zero. - btrfs: fix off-by-one in lseek. - btrfs: fix btrfs_cont_expand() freeing IS_ERR em. - btrfs: update timestamps on truncate(). - btrfs: put csums on the right ordered extent. - btrfs: use existing align macros in btrfs_allocate() - btrfs: fix off-by-one error of the reserved size of btrfs_allocate() - btrfs: add fiemaps flag check - btrfs: fix permissions of empty files not affected by umask - btrfs: do not auto defrag a file when doing directIO - btrfs: fix wrong return value of btrfs_truncate_page() - btrfs: Notify udev when removing device - btrfs: fix permissions of empty files not affected by umask - btrfs: fix hash overflow handling - btrfs: do not delete a subvolume which is in a R/O subvolume - btrfs: remove call to btrfs_wait_ordered_extents to avoid potential deadlock. - btrfs: update the checks for mixed block groups with big metadata blocks - btrfs: Fix use-after-free in __btrfs_end_transaction - btrfs: use commit root when loading free space cache. - btrfs: avoid setting ->d_op twice (FATE#306586 bnc#731387). - btrfs: fix race in reada (FATE#306586). - btrfs: do not add both copies of DUP to reada extent tree - btrfs: do not mount when we have a sectorsize unequal to PAGE_SIZE - btrfs: add missing unlocks to transaction abort paths - btrfs: avoid sleeping in verify_parent_transid while atomic - btrfs: disallow unequal data/metadata blocksize for mixed block groups - btrfs: enhance superblock sanity checks. (bnc#749651) - btrfs: sanitizing ->fs_info, parts 1-5. - btrfs: make open_ctree() return int. - btrfs: kill pointless reassignment of ->s_fs_info in btrfs_fill_super(). - btrfs: merge free_fs_info() calls on fill_super failures. - btrfs: make free_fs_info() call ->kill_sb() unconditional. - btrfs: consolidate failure exits in btrfs_mount() a bit. - btrfs: let ->s_fs_info point to fs_info, not root... - btrfs: take allocation of ->tree_root into open_ctree(). - Update DASD blk_timeout patches after review by IBM : - dasd: Abort all requests from ioctl - dasd: Disable block timeouts per default - dasd: Reduce amount of messages for specific errors - dasd: Rename ioctls - dasd: check blk_noretry_request in dasd_times_out() - dasd: lock ccw queue in dasd_times_out() - dasd: make DASD_FLAG_TIMEOUT setting more robust - dasd: rename flag to abortall - LPFC : - Update lpfc version for 8.3.5.48.3p driver release. - lpfc 8.3.32: Correct successful aborts returning error status. - lpfc 8.3.34: Correct lock handling to eliminate reset escalation on I/O abort. - lpfc 8.3.34: Streamline fcp underrun message printing. - DRM/i915 : - drm/i915: EBUSY status handling added to i915_gem_fault(). - drm/i915: Only clear the GPU domains upon a successful finish. - drm/i915: always use RPNSWREQ for turbo change requests. - drm/i915: do not call modeset_init_hw in i915_reset. - drm/i915: do not hang userspace when the gpu reset is stuck. - drm/i915: do not trylock in the gpu reset code. - drm/i915: re-init modeset hw state after gpu reset. - HyperV : - x86: Hyper-V: register clocksource only if its advertised. - Other : - xfrm: fix freed block size calculation in xfrm_policy_fini(). - bonding: in balance-rr mode, set curr_active_slave only if it is up. - kernel: broken interrupt statistics (LTC#87893). - kernel: sched_clock() overflow (LTC#87978). - mm: call sleep_on_page_killable from __wait_on_page_locked_killable. - TTY: do not reset masters packet mode. - patches.suse/kbuild-record-built-in-o: Avoid using printf(1) in Makefile.build - rpm/built-in-where.mk: Do not rely on the *.parts file to be newline-separated. - NFS: Allow sec=none mounts in certain cases. - NFS: fix recent breakage to NFS error handling. - bridge: Pull ip header into skb->data before looking into ip header. - dm mpath: allow ioctls to trigger pg init. - dm mpath: only retry ioctl when no paths if queue_if_no_path set. - radix-tree: fix preload vector size. - sched, rt: Unthrottle rt runqueues in __disable_runtime(). - sched/rt: Fix SCHED_RR across cgroups. - sched/rt: Do not throttle when PI boosting. - sched/rt: Keep period timer ticking when rt throttling is active. - sched/rt: Prevent idle task boosting. - mm: limit mmu_gather batching to fix soft lockups on !CONFIG_PREEMPT. - kabi fixup for mm: limit mmu_gather batching to fix soft lockups on !CONFIG_PREEMPT. - Refresh Xen patches after update to 3.0.57. - aio: make kiocb->private NUll in init_sync_kiocb(). - qeth: Fix retry logic in hardsetup. (LTC#87080) - netiucv: reinsert dev_alloc_name for device naming. (LTC#87086) - qeth: set new mac even if old mac is gone (2). (LTC#87138) - ocfs2: use spinlock irqsave for downconvert lock.patch. - af_netlink: force credentials passing. - af_unix: dont send SCM_CREDENTIALS by default. - sunrpc: increase maximum slots to use. - bio: bio allocation failure due to bio_get_nr_vecs(). - bio: do not overflow in bio_get_nr_vecs(). - md: close race between removing and adding a device. - thp, memcg: split hugepage for memcg oom on cow. - bonding: delete migrated IP addresses from the rlb hash table. - xfs: Fix re-use of EWOULDBLOCK during read on dm-mirror. - qla2xxx: Determine the number of outstanding commands based on available resources. - qla2xxx: Ramp down queue depth for attached SCSI devices. - autofs4: fix lockdep splat in autofs. - ipv6: tcp: fix panic in SYN processing. - add splash=black option to bootsplash code, to keep a black background, useful for remote access to VMs." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=729854" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=731387" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=736255" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=739728" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=745876" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=749651" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=758104" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=762158" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=763463" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=773487" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=773831" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=775685" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=778136" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=779577" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=780008" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=782721" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=783515" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=786013" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=786976" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=787348" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=787576" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=787848" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=789115" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=789648" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=789993" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=790935" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=791498" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=791853" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=791904" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=792270" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=792500" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=792656" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=792834" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=793104" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=793139" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=793593" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=793671" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=794231" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=794824" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=795354" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=797042" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=798960" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=799209" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=799275" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=799909" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2012-0957.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2012-4530.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2012-4565.html" ); script_set_attribute( attribute:"solution", value:"Apply SAT patch number 7273 / 7276 / 7277 as appropriate." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-extra"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-man"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-ec2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-ec2-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-source"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-syms"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace-extra"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-kmp-default"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-kmp-trace"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2013/01/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/02/08"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, "SuSE 11.2"); flag = 0; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-default-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-default-base-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-default-devel-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-default-extra-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-pae-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-pae-base-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-pae-devel-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-pae-extra-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-source-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-syms-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-trace-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-trace-base-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-trace-devel-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-trace-extra-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-xen-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-xen-base-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-xen-devel-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-xen-extra-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-default-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-default-base-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-default-devel-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-default-extra-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-source-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-syms-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-trace-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-trace-base-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-trace-devel-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-trace-extra-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-xen-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-xen-base-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-xen-devel-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-xen-extra-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"xen-kmp-default-4.1.3_06_3.0.58_0.6.2-0.7.16")) flag++; if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"xen-kmp-trace-4.1.3_06_3.0.58_0.6.2-0.7.16")) flag++; if (rpm_check(release:"SLES11", sp:2, reference:"kernel-default-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, reference:"kernel-default-base-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, reference:"kernel-default-devel-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, reference:"kernel-source-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, reference:"kernel-syms-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, reference:"kernel-trace-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, reference:"kernel-trace-base-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, reference:"kernel-trace-devel-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-ec2-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-ec2-base-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-ec2-devel-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-pae-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-pae-base-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-pae-devel-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-xen-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-xen-base-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-xen-devel-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"s390x", reference:"kernel-default-man-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-ec2-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-ec2-base-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-ec2-devel-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-xen-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-xen-base-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-xen-devel-3.0.58-0.6.2.1")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"xen-kmp-default-4.1.3_06_3.0.58_0.6.2-0.7.16")) flag++; if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"xen-kmp-trace-4.1.3_06_3.0.58_0.6.2-0.7.16")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family SuSE Local Security Checks NASL id OPENSUSE-2013-176.NASL description The Linux kernel was updated to fix various bugs and security issues : CVE-2013-0871: Race condition in the ptrace functionality in the Linux kernel allowed local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death. CVE-2013-0160: Avoid a side channel attack on /dev/ptmx (keyboard input timing). CVE-2012-5374: Fixed a local denial of service in the BTRFS hashing code. CVE-2013-0309: arch/x86/include/asm/pgtable.h in the Linux kernel, when transparent huge pages are used, does not properly support PROT_NONE memory regions, which allows local users to cause a denial of service (system crash) via a crafted application. CVE-2013-0268: The msr_open function in arch/x86/kernel/msr.c in the Linux kernel allowed local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c. CVE-2012-0957: The override_release function in kernel/sys.c in the Linux kernel allowed local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality. CVE-2013-0216: The Xen netback functionality in the Linux kernel allowed guest OS users to cause a denial of service (loop) by triggering ring pointer corruption. CVE-2013-0231: The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel allowed guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third-party information. CVE-2012-4530: The load_script function in fs/binfmt_script.c in the Linux kernel did not properly handle recursion, which allowed local users to obtain sensitive information from kernel stack memory via a crafted application. CVE-2012-4508: Race condition in fs/ext4/extents.c in the Linux kernel allowed local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized. CVE-2012-3412: The sfc (aka Solarflare Solarstorm) driver in the Linux kernel allowed remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value. CVE-2012-2745: The copy_creds function in kernel/cred.c in the Linux kernel provided an invalid replacement session keyring to a child process, which allowed local users to cause a denial of service (panic) via a crafted application that uses the fork system call. CVE-2012-3375: The epoll_ctl system call in fs/eventpoll.c in the Linux kernel did not properly handle ELOOP errors in EPOLL_CTL_ADD operations, which allowed local users to cause a denial of service (file-descriptor consumption and system crash) via a crafted application that attempts to create a circular epoll dependency. CVE-2012-3400: Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel allowed remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem. last seen 2020-06-05 modified 2014-06-13 plugin id 74914 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74914 title openSUSE Security Update : kernel (openSUSE-SU-2013:0396-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2013-176. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(74914); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2012-0957", "CVE-2012-2745", "CVE-2012-3375", "CVE-2012-3400", "CVE-2012-3412", "CVE-2012-4508", "CVE-2012-4530", "CVE-2012-5374", "CVE-2013-0160", "CVE-2013-0216", "CVE-2013-0231", "CVE-2013-0268", "CVE-2013-0309", "CVE-2013-0871"); script_name(english:"openSUSE Security Update : kernel (openSUSE-SU-2013:0396-1)"); script_summary(english:"Check for the openSUSE-2013-176 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "The Linux kernel was updated to fix various bugs and security issues : CVE-2013-0871: Race condition in the ptrace functionality in the Linux kernel allowed local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death. CVE-2013-0160: Avoid a side channel attack on /dev/ptmx (keyboard input timing). CVE-2012-5374: Fixed a local denial of service in the BTRFS hashing code. CVE-2013-0309: arch/x86/include/asm/pgtable.h in the Linux kernel, when transparent huge pages are used, does not properly support PROT_NONE memory regions, which allows local users to cause a denial of service (system crash) via a crafted application. CVE-2013-0268: The msr_open function in arch/x86/kernel/msr.c in the Linux kernel allowed local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c. CVE-2012-0957: The override_release function in kernel/sys.c in the Linux kernel allowed local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality. CVE-2013-0216: The Xen netback functionality in the Linux kernel allowed guest OS users to cause a denial of service (loop) by triggering ring pointer corruption. CVE-2013-0231: The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel allowed guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third-party information. CVE-2012-4530: The load_script function in fs/binfmt_script.c in the Linux kernel did not properly handle recursion, which allowed local users to obtain sensitive information from kernel stack memory via a crafted application. CVE-2012-4508: Race condition in fs/ext4/extents.c in the Linux kernel allowed local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized. CVE-2012-3412: The sfc (aka Solarflare Solarstorm) driver in the Linux kernel allowed remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value. CVE-2012-2745: The copy_creds function in kernel/cred.c in the Linux kernel provided an invalid replacement session keyring to a child process, which allowed local users to cause a denial of service (panic) via a crafted application that uses the fork system call. CVE-2012-3375: The epoll_ctl system call in fs/eventpoll.c in the Linux kernel did not properly handle ELOOP errors in EPOLL_CTL_ADD operations, which allowed local users to cause a denial of service (file-descriptor consumption and system crash) via a crafted application that attempts to create a circular epoll dependency. CVE-2012-3400: Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel allowed remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=714906" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=720226" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=733148" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=755546" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=762693" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=765524" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=768506" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=769784" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=769896" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=770695" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=773406" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=773831" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=774285" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=774523" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=774859" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=776144" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=778630" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=779432" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=781134" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=783515" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=784192" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=786013" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=787168" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=792500" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=793671" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=797175" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=799209" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=800280" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=801178" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=801782" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=802153" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=802642" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=804154" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=804652" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=804738" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2013-03/msg00013.html" ); script_set_attribute( attribute:"solution", value:"Update the affected kernel packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-extra"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-extra-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-source"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-source-vanilla"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-syms"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.1"); script_set_attribute(attribute:"patch_publication_date", value:"2013/02/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE12\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-base-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-base-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-debugsource-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-devel-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-devel-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-base-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-base-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-debugsource-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-devel-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-devel-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-base-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-base-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-debugsource-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-devel-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-devel-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-devel-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-base-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-base-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-debugsource-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-devel-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-devel-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-extra-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-extra-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-base-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-base-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-debugsource-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-devel-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-devel-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-source-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-source-vanilla-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-syms-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-base-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-base-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-debugsource-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-devel-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-devel-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-base-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-base-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-debugsource-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-devel-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-devel-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-base-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-base-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-debuginfo-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-debugsource-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-devel-3.1.10-1.19.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-devel-debuginfo-3.1.10-1.19.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel"); }
NASL family Fedora Local Security Checks NASL id FEDORA_2012-16787.NASL description The Linux 3.6.3 stable update contains a large number of bug fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-11-09 plugin id 62864 published 2012-11-09 reporter This script is Copyright (C) 2012-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/62864 title Fedora 18 : kernel-3.6.3-3.fc18 (2012-16787) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1644-1.NASL description Brad Spengler discovered a flaw in the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 63116 published 2012-12-02 reporter Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63116 title Ubuntu 12.04 LTS : linux vulnerabilities (USN-1644-1) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1649-1.NASL description Brad Spengler discovered a flaw in the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 63121 published 2012-12-02 reporter Ubuntu Security Notice (C) 2012 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/63121 title USN-1649-1 : linux-ti-omap4 vulnerabilities NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1646-1.NASL description Brad Spengler discovered a flaw in the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 63118 published 2012-12-02 reporter Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63118 title Ubuntu 12.10 : linux vulnerabilities (USN-1646-1) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2012-142.NASL description A use-after-free flaw was found in the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 69632 published 2013-09-04 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69632 title Amazon Linux AMI : kernel (ALAS-2012-142) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1648-1.NASL description Brad Spengler discovered a flaw in the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 63120 published 2012-12-02 reporter Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63120 title Ubuntu 11.10 : linux vulnerabilities (USN-1648-1) NASL family Fedora Local Security Checks NASL id FEDORA_2012-16669.NASL description Update to Linux 3.6.3. Various fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-10-29 plugin id 62730 published 2012-10-29 reporter This script is Copyright (C) 2012-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/62730 title Fedora 17 : kernel-3.6.3-1.fc17 (2012-16669) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1652-1.NASL description Brad Spengler discovered a flaw in the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 63124 published 2012-12-02 reporter Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63124 title Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1652-1) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1704-1.NASL description Brad Spengler discovered a flaw in the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 63669 published 2013-01-23 reporter Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63669 title Ubuntu 12.04 LTS : linux-lts-quantal - Linux kernel hardware enablement from Quantal vulnerabilities (USN-1704-1) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2013-2507.NASL description The remote Oracle Linux host is missing a security update for the Unbreakable Enterprise kernel package(s). last seen 2020-06-01 modified 2020-06-02 plugin id 68847 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68847 title Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2507) NASL family Fedora Local Security Checks NASL id FEDORA_2012-17479.NASL description This Linux 3.6.5 stable update contains a large number of important bugfixes and security fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-11-07 plugin id 62831 published 2012-11-07 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/62831 title Fedora 16 : kernel-3.6.5-2.fc16 (2012-17479) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1645-1.NASL description Brad Spengler discovered a flaw in the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 63117 published 2012-12-02 reporter Ubuntu Security Notice (C) 2012 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/63117 title USN-1645-1 : linux-ti-omap4 vulnerabilities NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1704-2.NASL description USN-1704-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. We apologize for the inconvenience. Brad Spengler discovered a flaw in the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 64436 published 2013-02-04 reporter Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/64436 title Ubuntu 12.04 LTS : linux-lts-quantal - Linux kernel hardware enablement from Quantal regression (USN-1704-2) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2012-1491.NASL description Updated kernel-rt packages that fix several security issues and multiple bugs are now available for Red Hat Enterprise MRG 2.2. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * A flaw was found in the way Netlink messages without SCM_CREDENTIALS (used for authentication) data set were handled. When not explicitly set, the data was sent but with all values set to 0, including the process ID and user ID, causing the Netlink message to appear as if it were sent with root privileges. A local, unprivileged user could use this flaw to send spoofed Netlink messages to an application, possibly resulting in the application performing privileged operations if it relied on SCM_CREDENTIALS data for the authentication of Netlink messages. (CVE-2012-3520, Important) * A race condition was found in the way asynchronous I/O and fallocate() interacted when using the ext4 file system. A local, unprivileged user could use this flaw to expose random data from an extent whose data blocks have not yet been written, and thus contain data from a deleted file. (CVE-2012-4508, Important) * A use-after-free flaw was found in the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 76653 published 2014-07-22 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76653 title RHEL 6 : MRG (RHSA-2012:1491) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1647-1.NASL description Brad Spengler discovered a flaw in the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 63119 published 2012-12-02 reporter Ubuntu Security Notice (C) 2012 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/63119 title USN-1647-1 : linux-ti-omap4 vulnerabilities
Redhat
rpms |
|
References
- http://www.openwall.com/lists/oss-security/2012/10/09/4
- https://bugzilla.redhat.com/show_bug.cgi?id=862877
- https://github.com/torvalds/linux/commit/2702b1526c7278c4d65d78de209a465d4de2885e
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.16
- http://www.ubuntu.com/usn/USN-1648-1
- http://www.ubuntu.com/usn/USN-1644-1
- http://www.ubuntu.com/usn/USN-1647-1
- http://www.ubuntu.com/usn/USN-1649-1
- http://www.ubuntu.com/usn/USN-1646-1
- http://www.ubuntu.com/usn/USN-1645-1
- http://www.ubuntu.com/usn/USN-1652-1
- http://secunia.com/advisories/51409
- http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091110.html
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2702b1526c7278c4d65d78de209a465d4de2885e