Vulnerabilities > CVE-2012-0957 - Configuration vulnerability in Linux Kernel

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
linux
CWE-16
nessus
exploit available

Summary

The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality.

Vulnerable Configurations

Part Description Count
OS
Linux
1598

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionLinux Kernel 3.2.x 'uname()' System Call Local Information Disclosure Vulnerability. CVE-2012-0957. Local exploit for linux platform
idEDB-ID:37937
last seen2016-02-04
modified2012-10-09
published2012-10-09
reporterBrad Spengler
sourcehttps://www.exploit-db.com/download/37937/
titleLinux Kernel 3.2.x 'uname' System Call Local Information Disclosure Vulnerability

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_KERNEL-130125.NASL
    descriptionThe SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.58, fixing various bugs and security issues. The updates contains the following feature enhancement : - Enable various md/raid10 and DASD enhancements. - Make is possible for RAID10 to cope with DASD devices being slow for various reasons - the affected device will be temporarily removed from the array. - Added support for reshaping of RAID10 arrays, mdadm changes will be published to support the changes. The following security issues were fixed : - A division by zero in the TCP Illinois algorithm. (CVE-2012-4565) - The uname26 personality leaked kernel memory information. (CVE-2012-0957) - Kernel stack content disclosure via binfmt_script load_script(). (CVE-2012-4530) The following non-security issues were fixed : - BTRFS : - btrfs: reset path lock state to zero. - btrfs: fix off-by-one in lseek. - btrfs: fix btrfs_cont_expand() freeing IS_ERR em. - btrfs: update timestamps on truncate(). - btrfs: put csums on the right ordered extent. - btrfs: use existing align macros in btrfs_allocate() - btrfs: fix off-by-one error of the reserved size of btrfs_allocate() - btrfs: add fiemaps flag check - btrfs: fix permissions of empty files not affected by umask - btrfs: do not auto defrag a file when doing directIO - btrfs: fix wrong return value of btrfs_truncate_page() - btrfs: Notify udev when removing device - btrfs: fix permissions of empty files not affected by umask - btrfs: fix hash overflow handling - btrfs: do not delete a subvolume which is in a R/O subvolume - btrfs: remove call to btrfs_wait_ordered_extents to avoid potential deadlock. - btrfs: update the checks for mixed block groups with big metadata blocks - btrfs: Fix use-after-free in __btrfs_end_transaction - btrfs: use commit root when loading free space cache. - btrfs: avoid setting ->d_op twice (FATE#306586 bnc#731387). - btrfs: fix race in reada (FATE#306586). - btrfs: do not add both copies of DUP to reada extent tree - btrfs: do not mount when we have a sectorsize unequal to PAGE_SIZE - btrfs: add missing unlocks to transaction abort paths - btrfs: avoid sleeping in verify_parent_transid while atomic - btrfs: disallow unequal data/metadata blocksize for mixed block groups - btrfs: enhance superblock sanity checks. (bnc#749651) - btrfs: sanitizing ->fs_info, parts 1-5. - btrfs: make open_ctree() return int. - btrfs: kill pointless reassignment of ->s_fs_info in btrfs_fill_super(). - btrfs: merge free_fs_info() calls on fill_super failures. - btrfs: make free_fs_info() call ->kill_sb() unconditional. - btrfs: consolidate failure exits in btrfs_mount() a bit. - btrfs: let ->s_fs_info point to fs_info, not root... - btrfs: take allocation of ->tree_root into open_ctree(). - Update DASD blk_timeout patches after review by IBM : - dasd: Abort all requests from ioctl - dasd: Disable block timeouts per default - dasd: Reduce amount of messages for specific errors - dasd: Rename ioctls - dasd: check blk_noretry_request in dasd_times_out() - dasd: lock ccw queue in dasd_times_out() - dasd: make DASD_FLAG_TIMEOUT setting more robust - dasd: rename flag to abortall - LPFC : - Update lpfc version for 8.3.5.48.3p driver release. - lpfc 8.3.32: Correct successful aborts returning error status. - lpfc 8.3.34: Correct lock handling to eliminate reset escalation on I/O abort. - lpfc 8.3.34: Streamline fcp underrun message printing. - DRM/i915 : - drm/i915: EBUSY status handling added to i915_gem_fault(). - drm/i915: Only clear the GPU domains upon a successful finish. - drm/i915: always use RPNSWREQ for turbo change requests. - drm/i915: do not call modeset_init_hw in i915_reset. - drm/i915: do not hang userspace when the gpu reset is stuck. - drm/i915: do not trylock in the gpu reset code. - drm/i915: re-init modeset hw state after gpu reset. - HyperV : - x86: Hyper-V: register clocksource only if its advertised. - Other : - xfrm: fix freed block size calculation in xfrm_policy_fini(). - bonding: in balance-rr mode, set curr_active_slave only if it is up. - kernel: broken interrupt statistics (LTC#87893). - kernel: sched_clock() overflow (LTC#87978). - mm: call sleep_on_page_killable from __wait_on_page_locked_killable. - TTY: do not reset masters packet mode. - patches.suse/kbuild-record-built-in-o: Avoid using printf(1) in Makefile.build - rpm/built-in-where.mk: Do not rely on the *.parts file to be newline-separated. - NFS: Allow sec=none mounts in certain cases. - NFS: fix recent breakage to NFS error handling. - bridge: Pull ip header into skb->data before looking into ip header. - dm mpath: allow ioctls to trigger pg init. - dm mpath: only retry ioctl when no paths if queue_if_no_path set. - radix-tree: fix preload vector size. - sched, rt: Unthrottle rt runqueues in __disable_runtime(). - sched/rt: Fix SCHED_RR across cgroups. - sched/rt: Do not throttle when PI boosting. - sched/rt: Keep period timer ticking when rt throttling is active. - sched/rt: Prevent idle task boosting. - mm: limit mmu_gather batching to fix soft lockups on !CONFIG_PREEMPT. - kabi fixup for mm: limit mmu_gather batching to fix soft lockups on !CONFIG_PREEMPT. - Refresh Xen patches after update to 3.0.57. - aio: make kiocb->private NUll in init_sync_kiocb(). - qeth: Fix retry logic in hardsetup. (LTC#87080) - netiucv: reinsert dev_alloc_name for device naming. (LTC#87086) - qeth: set new mac even if old mac is gone (2). (LTC#87138) - ocfs2: use spinlock irqsave for downconvert lock.patch. - af_netlink: force credentials passing. - af_unix: dont send SCM_CREDENTIALS by default. - sunrpc: increase maximum slots to use. - bio: bio allocation failure due to bio_get_nr_vecs(). - bio: do not overflow in bio_get_nr_vecs(). - md: close race between removing and adding a device. - thp, memcg: split hugepage for memcg oom on cow. - bonding: delete migrated IP addresses from the rlb hash table. - xfs: Fix re-use of EWOULDBLOCK during read on dm-mirror. - qla2xxx: Determine the number of outstanding commands based on available resources. - qla2xxx: Ramp down queue depth for attached SCSI devices. - autofs4: fix lockdep splat in autofs. - ipv6: tcp: fix panic in SYN processing. - add splash=black option to bootsplash code, to keep a black background, useful for remote access to VMs.
    last seen2020-06-05
    modified2013-02-08
    plugin id64500
    published2013-02-08
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/64500
    titleSuSE 11.2 Security Update : Linux Kernel (SAT Patch Numbers 7273 / 7276 / 7277)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(64500);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2012-0957", "CVE-2012-4530", "CVE-2012-4565");
    
      script_name(english:"SuSE 11.2 Security Update : Linux Kernel (SAT Patch Numbers 7273 / 7276 / 7277)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.58, fixing
    various bugs and security issues.
    
    The updates contains the following feature enhancement :
    
      - Enable various md/raid10 and DASD enhancements.
    
      - Make is possible for RAID10 to cope with DASD devices
        being slow for various reasons - the affected device
        will be temporarily removed from the array.
    
      - Added support for reshaping of RAID10 arrays, mdadm
        changes will be published to support the changes. The
        following security issues were fixed :
    
      - A division by zero in the TCP Illinois algorithm.
        (CVE-2012-4565)
    
      - The uname26 personality leaked kernel memory
        information. (CVE-2012-0957)
    
      - Kernel stack content disclosure via binfmt_script
        load_script(). (CVE-2012-4530) The following
        non-security issues were fixed :
    
      - BTRFS :
    
      - btrfs: reset path lock state to zero.
    
      - btrfs: fix off-by-one in lseek.
    
      - btrfs: fix btrfs_cont_expand() freeing IS_ERR em.
    
      - btrfs: update timestamps on truncate().
    
      - btrfs: put csums on the right ordered extent.
    
      - btrfs: use existing align macros in btrfs_allocate()
    
      - btrfs: fix off-by-one error of the reserved size of
        btrfs_allocate()
    
      - btrfs: add fiemaps flag check
    
      - btrfs: fix permissions of empty files not affected by
        umask
    
      - btrfs: do not auto defrag a file when doing directIO
    
      - btrfs: fix wrong return value of btrfs_truncate_page()
    
      - btrfs: Notify udev when removing device
    
      - btrfs: fix permissions of empty files not affected by
        umask
    
      - btrfs: fix hash overflow handling
    
      - btrfs: do not delete a subvolume which is in a R/O
        subvolume
    
      - btrfs: remove call to btrfs_wait_ordered_extents to
        avoid potential deadlock.
    
      - btrfs: update the checks for mixed block groups with big
        metadata blocks
    
      - btrfs: Fix use-after-free in __btrfs_end_transaction
    
      - btrfs: use commit root when loading free space cache.
    
      - btrfs: avoid setting ->d_op twice (FATE#306586
        bnc#731387).
    
      - btrfs: fix race in reada (FATE#306586).
    
      - btrfs: do not add both copies of DUP to reada extent
        tree
    
      - btrfs: do not mount when we have a sectorsize unequal to
        PAGE_SIZE
    
      - btrfs: add missing unlocks to transaction abort paths
    
      - btrfs: avoid sleeping in verify_parent_transid while
        atomic
    
      - btrfs: disallow unequal data/metadata blocksize for
        mixed block groups
    
      - btrfs: enhance superblock sanity checks. (bnc#749651)
    
      - btrfs: sanitizing ->fs_info, parts 1-5.
    
      - btrfs: make open_ctree() return int.
    
      - btrfs: kill pointless reassignment of ->s_fs_info in
        btrfs_fill_super().
    
      - btrfs: merge free_fs_info() calls on fill_super
        failures.
    
      - btrfs: make free_fs_info() call ->kill_sb()
        unconditional.
    
      - btrfs: consolidate failure exits in btrfs_mount() a bit.
    
      - btrfs: let ->s_fs_info point to fs_info, not root...
    
      - btrfs: take allocation of ->tree_root into open_ctree().
    
      - Update DASD blk_timeout patches after review by IBM :
    
      - dasd: Abort all requests from ioctl
    
      - dasd: Disable block timeouts per default
    
      - dasd: Reduce amount of messages for specific errors
    
      - dasd: Rename ioctls
    
      - dasd: check blk_noretry_request in dasd_times_out()
    
      - dasd: lock ccw queue in dasd_times_out()
    
      - dasd: make DASD_FLAG_TIMEOUT setting more robust
    
      - dasd: rename flag to abortall
    
      - LPFC :
    
      - Update lpfc version for 8.3.5.48.3p driver release.
    
      - lpfc 8.3.32: Correct successful aborts returning error
        status.
    
      - lpfc 8.3.34: Correct lock handling to eliminate reset
        escalation on I/O abort.
    
      - lpfc 8.3.34: Streamline fcp underrun message printing.
    
      - DRM/i915 :
    
      - drm/i915: EBUSY status handling added to
        i915_gem_fault().
    
      - drm/i915: Only clear the GPU domains upon a successful
        finish.
    
      - drm/i915: always use RPNSWREQ for turbo change requests.
    
      - drm/i915: do not call modeset_init_hw in i915_reset.
    
      - drm/i915: do not hang userspace when the gpu reset is
        stuck.
    
      - drm/i915: do not trylock in the gpu reset code.
    
      - drm/i915: re-init modeset hw state after gpu reset.
    
      - HyperV :
    
      - x86: Hyper-V: register clocksource only if its
        advertised.
    
      - Other :
    
      - xfrm: fix freed block size calculation in
        xfrm_policy_fini().
    
      - bonding: in balance-rr mode, set curr_active_slave only
        if it is up.
    
      - kernel: broken interrupt statistics (LTC#87893).
    
      - kernel: sched_clock() overflow (LTC#87978).
    
      - mm: call sleep_on_page_killable from
        __wait_on_page_locked_killable.
    
      - TTY: do not reset masters packet mode.
    
      - patches.suse/kbuild-record-built-in-o: Avoid using
        printf(1) in Makefile.build
    
      - rpm/built-in-where.mk: Do not rely on the *.parts file
        to be newline-separated.
    
      - NFS: Allow sec=none mounts in certain cases.
    
      - NFS: fix recent breakage to NFS error handling.
    
      - bridge: Pull ip header into skb->data before looking
        into ip header.
    
      - dm mpath: allow ioctls to trigger pg init.
    
      - dm mpath: only retry ioctl when no paths if
        queue_if_no_path set.
    
      - radix-tree: fix preload vector size.
    
      - sched, rt: Unthrottle rt runqueues in
        __disable_runtime().
    
      - sched/rt: Fix SCHED_RR across cgroups.
    
      - sched/rt: Do not throttle when PI boosting.
    
      - sched/rt: Keep period timer ticking when rt throttling
        is active.
    
      - sched/rt: Prevent idle task boosting.
    
      - mm: limit mmu_gather batching to fix soft lockups on
        !CONFIG_PREEMPT.
    
      - kabi fixup for mm: limit mmu_gather batching to fix soft
        lockups on !CONFIG_PREEMPT.
    
      - Refresh Xen patches after update to 3.0.57.
    
      - aio: make kiocb->private NUll in init_sync_kiocb().
    
      - qeth: Fix retry logic in hardsetup. (LTC#87080)
    
      - netiucv: reinsert dev_alloc_name for device naming.
        (LTC#87086)
    
      - qeth: set new mac even if old mac is gone (2).
        (LTC#87138)
    
      - ocfs2: use spinlock irqsave for downconvert lock.patch.
    
      - af_netlink: force credentials passing.
    
      - af_unix: dont send SCM_CREDENTIALS by default.
    
      - sunrpc: increase maximum slots to use.
    
      - bio: bio allocation failure due to bio_get_nr_vecs().
    
      - bio: do not overflow in bio_get_nr_vecs().
    
      - md: close race between removing and adding a device.
    
      - thp, memcg: split hugepage for memcg oom on cow.
    
      - bonding: delete migrated IP addresses from the rlb hash
        table.
    
      - xfs: Fix re-use of EWOULDBLOCK during read on dm-mirror.
    
      - qla2xxx: Determine the number of outstanding commands
        based on available resources.
    
      - qla2xxx: Ramp down queue depth for attached SCSI
        devices.
    
      - autofs4: fix lockdep splat in autofs.
    
      - ipv6: tcp: fix panic in SYN processing.
    
      - add splash=black option to bootsplash code, to keep a
        black background, useful for remote access to VMs."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=729854"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=731387"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=736255"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=739728"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=745876"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=749651"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=758104"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=762158"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=763463"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=773487"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=773831"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=775685"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=778136"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=779577"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=780008"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=782721"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=783515"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=786013"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=786976"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=787348"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=787576"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=787848"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=789115"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=789648"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=789993"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=790935"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=791498"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=791853"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=791904"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=792270"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=792500"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=792656"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=792834"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=793104"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=793139"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=793593"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=793671"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=794231"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=794824"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=795354"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=797042"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=798960"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=799209"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=799275"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=799909"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-0957.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-4530.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-4565.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Apply SAT patch number 7273 / 7276 / 7277 as appropriate."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-extra");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-man");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-ec2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-ec2-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-syms");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace-extra");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-kmp-default");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-kmp-trace");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2013/01/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/02/08");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, "SuSE 11.2");
    
    
    flag = 0;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-default-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-default-base-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-default-devel-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-default-extra-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-pae-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-pae-base-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-pae-devel-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-pae-extra-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-source-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-syms-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-trace-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-trace-base-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-trace-devel-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-trace-extra-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-xen-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-xen-base-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-xen-devel-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-xen-extra-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-default-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-default-base-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-default-devel-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-default-extra-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-source-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-syms-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-trace-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-trace-base-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-trace-devel-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-trace-extra-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-xen-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-xen-base-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-xen-devel-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-xen-extra-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"xen-kmp-default-4.1.3_06_3.0.58_0.6.2-0.7.16")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"xen-kmp-trace-4.1.3_06_3.0.58_0.6.2-0.7.16")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"kernel-default-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"kernel-default-base-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"kernel-default-devel-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"kernel-source-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"kernel-syms-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"kernel-trace-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"kernel-trace-base-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"kernel-trace-devel-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-ec2-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-ec2-base-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-ec2-devel-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-pae-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-pae-base-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-pae-devel-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-xen-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-xen-base-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-xen-devel-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"s390x", reference:"kernel-default-man-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-ec2-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-ec2-base-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-ec2-devel-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-xen-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-xen-base-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-xen-devel-3.0.58-0.6.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"xen-kmp-default-4.1.3_06_3.0.58_0.6.2-0.7.16")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"xen-kmp-trace-4.1.3_06_3.0.58_0.6.2-0.7.16")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2013-176.NASL
    descriptionThe Linux kernel was updated to fix various bugs and security issues : CVE-2013-0871: Race condition in the ptrace functionality in the Linux kernel allowed local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death. CVE-2013-0160: Avoid a side channel attack on /dev/ptmx (keyboard input timing). CVE-2012-5374: Fixed a local denial of service in the BTRFS hashing code. CVE-2013-0309: arch/x86/include/asm/pgtable.h in the Linux kernel, when transparent huge pages are used, does not properly support PROT_NONE memory regions, which allows local users to cause a denial of service (system crash) via a crafted application. CVE-2013-0268: The msr_open function in arch/x86/kernel/msr.c in the Linux kernel allowed local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c. CVE-2012-0957: The override_release function in kernel/sys.c in the Linux kernel allowed local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality. CVE-2013-0216: The Xen netback functionality in the Linux kernel allowed guest OS users to cause a denial of service (loop) by triggering ring pointer corruption. CVE-2013-0231: The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel allowed guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third-party information. CVE-2012-4530: The load_script function in fs/binfmt_script.c in the Linux kernel did not properly handle recursion, which allowed local users to obtain sensitive information from kernel stack memory via a crafted application. CVE-2012-4508: Race condition in fs/ext4/extents.c in the Linux kernel allowed local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized. CVE-2012-3412: The sfc (aka Solarflare Solarstorm) driver in the Linux kernel allowed remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value. CVE-2012-2745: The copy_creds function in kernel/cred.c in the Linux kernel provided an invalid replacement session keyring to a child process, which allowed local users to cause a denial of service (panic) via a crafted application that uses the fork system call. CVE-2012-3375: The epoll_ctl system call in fs/eventpoll.c in the Linux kernel did not properly handle ELOOP errors in EPOLL_CTL_ADD operations, which allowed local users to cause a denial of service (file-descriptor consumption and system crash) via a crafted application that attempts to create a circular epoll dependency. CVE-2012-3400: Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel allowed remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem.
    last seen2020-06-05
    modified2014-06-13
    plugin id74914
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74914
    titleopenSUSE Security Update : kernel (openSUSE-SU-2013:0396-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2013-176.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(74914);
      script_version("1.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2012-0957", "CVE-2012-2745", "CVE-2012-3375", "CVE-2012-3400", "CVE-2012-3412", "CVE-2012-4508", "CVE-2012-4530", "CVE-2012-5374", "CVE-2013-0160", "CVE-2013-0216", "CVE-2013-0231", "CVE-2013-0268", "CVE-2013-0309", "CVE-2013-0871");
    
      script_name(english:"openSUSE Security Update : kernel (openSUSE-SU-2013:0396-1)");
      script_summary(english:"Check for the openSUSE-2013-176 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The Linux kernel was updated to fix various bugs and security issues :
    
    CVE-2013-0871: Race condition in the ptrace functionality in the Linux
    kernel allowed local users to gain privileges via a PTRACE_SETREGS
    ptrace system call in a crafted application, as demonstrated by
    ptrace_death.
    
    CVE-2013-0160: Avoid a side channel attack on /dev/ptmx (keyboard
    input timing).
    
    CVE-2012-5374: Fixed a local denial of service in the BTRFS hashing
    code.
    
    CVE-2013-0309: arch/x86/include/asm/pgtable.h in the Linux kernel,
    when transparent huge pages are used, does not properly support
    PROT_NONE memory regions, which allows local users to cause a denial
    of service (system crash) via a crafted application.
    
    CVE-2013-0268: The msr_open function in arch/x86/kernel/msr.c in the
    Linux kernel allowed local users to bypass intended capability
    restrictions by executing a crafted application as root, as
    demonstrated by msr32.c.
    
    CVE-2012-0957: The override_release function in kernel/sys.c in the
    Linux kernel allowed local users to obtain sensitive information from
    kernel stack memory via a uname system call in conjunction with a
    UNAME26 personality.
    
    CVE-2013-0216: The Xen netback functionality in the Linux kernel
    allowed guest OS users to cause a denial of service (loop) by
    triggering ring pointer corruption.
    
    CVE-2013-0231: The pciback_enable_msi function in the PCI backend
    driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for
    the Linux kernel allowed guest OS users with PCI device access to
    cause a denial of service via a large number of kernel log messages.
    NOTE: some of these details are obtained from third-party information.
    
    CVE-2012-4530: The load_script function in fs/binfmt_script.c in the
    Linux kernel did not properly handle recursion, which allowed local
    users to obtain sensitive information from kernel stack memory via a
    crafted application.
    
    CVE-2012-4508: Race condition in fs/ext4/extents.c in the Linux kernel
    allowed local users to obtain sensitive information from a deleted
    file by reading an extent that was not properly marked as
    uninitialized.
    
    CVE-2012-3412: The sfc (aka Solarflare Solarstorm) driver in the Linux
    kernel allowed remote attackers to cause a denial of service (DMA
    descriptor consumption and network-controller outage) via crafted TCP
    packets that trigger a small MSS value.
    
    CVE-2012-2745: The copy_creds function in kernel/cred.c in the Linux
    kernel provided an invalid replacement session keyring to a child
    process, which allowed local users to cause a denial of service
    (panic) via a crafted application that uses the fork system call.
    
    CVE-2012-3375: The epoll_ctl system call in fs/eventpoll.c in the
    Linux kernel did not properly handle ELOOP errors in EPOLL_CTL_ADD
    operations, which allowed local users to cause a denial of service
    (file-descriptor consumption and system crash) via a crafted
    application that attempts to create a circular epoll dependency.
    
    CVE-2012-3400: Heap-based buffer overflow in the udf_load_logicalvol
    function in fs/udf/super.c in the Linux kernel allowed remote
    attackers to cause a denial of service (system crash) or possibly have
    unspecified other impact via a crafted UDF filesystem."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=714906"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=720226"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=733148"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=755546"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=762693"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=765524"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=768506"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=769784"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=769896"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=770695"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=773406"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=773831"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=774285"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=774523"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=774859"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=776144"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=778630"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=779432"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=781134"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=783515"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=784192"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=786013"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=787168"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=792500"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=793671"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=797175"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=799209"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=800280"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=801178"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=801782"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=802153"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=802642"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=804154"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=804652"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=804738"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.opensuse.org/opensuse-updates/2013-03/msg00013.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected kernel packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-devel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-devel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-extra");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-extra-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-devel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-source-vanilla");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-syms");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-devel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-devel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2013/02/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE12\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-base-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-base-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-debugsource-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-devel-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-debug-devel-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-base-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-base-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-debugsource-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-devel-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-default-devel-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-base-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-base-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-debugsource-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-devel-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-desktop-devel-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-devel-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-base-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-base-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-debugsource-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-devel-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-devel-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-extra-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-ec2-extra-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-base-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-base-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-debugsource-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-devel-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-pae-devel-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-source-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-source-vanilla-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-syms-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-base-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-base-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-debugsource-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-devel-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-trace-devel-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-base-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-base-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-debugsource-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-devel-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-vanilla-devel-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-base-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-base-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-debuginfo-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-debugsource-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-devel-3.1.10-1.19.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"kernel-xen-devel-debuginfo-3.1.10-1.19.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2012-16787.NASL
    descriptionThe Linux 3.6.3 stable update contains a large number of bug fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2012-11-09
    plugin id62864
    published2012-11-09
    reporterThis script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/62864
    titleFedora 18 : kernel-3.6.3-3.fc18 (2012-16787)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1644-1.NASL
    descriptionBrad Spengler discovered a flaw in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id63116
    published2012-12-02
    reporterUbuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63116
    titleUbuntu 12.04 LTS : linux vulnerabilities (USN-1644-1)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1649-1.NASL
    descriptionBrad Spengler discovered a flaw in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id63121
    published2012-12-02
    reporterUbuntu Security Notice (C) 2012 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/63121
    titleUSN-1649-1 : linux-ti-omap4 vulnerabilities
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1646-1.NASL
    descriptionBrad Spengler discovered a flaw in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id63118
    published2012-12-02
    reporterUbuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63118
    titleUbuntu 12.10 : linux vulnerabilities (USN-1646-1)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2012-142.NASL
    descriptionA use-after-free flaw was found in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id69632
    published2013-09-04
    reporterThis script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/69632
    titleAmazon Linux AMI : kernel (ALAS-2012-142)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1648-1.NASL
    descriptionBrad Spengler discovered a flaw in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id63120
    published2012-12-02
    reporterUbuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63120
    titleUbuntu 11.10 : linux vulnerabilities (USN-1648-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2012-16669.NASL
    descriptionUpdate to Linux 3.6.3. Various fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2012-10-29
    plugin id62730
    published2012-10-29
    reporterThis script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/62730
    titleFedora 17 : kernel-3.6.3-1.fc17 (2012-16669)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1652-1.NASL
    descriptionBrad Spengler discovered a flaw in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id63124
    published2012-12-02
    reporterUbuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63124
    titleUbuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1652-1)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1704-1.NASL
    descriptionBrad Spengler discovered a flaw in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id63669
    published2013-01-23
    reporterUbuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63669
    titleUbuntu 12.04 LTS : linux-lts-quantal - Linux kernel hardware enablement from Quantal vulnerabilities (USN-1704-1)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2013-2507.NASL
    descriptionThe remote Oracle Linux host is missing a security update for the Unbreakable Enterprise kernel package(s).
    last seen2020-06-01
    modified2020-06-02
    plugin id68847
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68847
    titleOracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2507)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2012-17479.NASL
    descriptionThis Linux 3.6.5 stable update contains a large number of important bugfixes and security fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2012-11-07
    plugin id62831
    published2012-11-07
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62831
    titleFedora 16 : kernel-3.6.5-2.fc16 (2012-17479)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1645-1.NASL
    descriptionBrad Spengler discovered a flaw in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id63117
    published2012-12-02
    reporterUbuntu Security Notice (C) 2012 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/63117
    titleUSN-1645-1 : linux-ti-omap4 vulnerabilities
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1704-2.NASL
    descriptionUSN-1704-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. We apologize for the inconvenience. Brad Spengler discovered a flaw in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id64436
    published2013-02-04
    reporterUbuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/64436
    titleUbuntu 12.04 LTS : linux-lts-quantal - Linux kernel hardware enablement from Quantal regression (USN-1704-2)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2012-1491.NASL
    descriptionUpdated kernel-rt packages that fix several security issues and multiple bugs are now available for Red Hat Enterprise MRG 2.2. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * A flaw was found in the way Netlink messages without SCM_CREDENTIALS (used for authentication) data set were handled. When not explicitly set, the data was sent but with all values set to 0, including the process ID and user ID, causing the Netlink message to appear as if it were sent with root privileges. A local, unprivileged user could use this flaw to send spoofed Netlink messages to an application, possibly resulting in the application performing privileged operations if it relied on SCM_CREDENTIALS data for the authentication of Netlink messages. (CVE-2012-3520, Important) * A race condition was found in the way asynchronous I/O and fallocate() interacted when using the ext4 file system. A local, unprivileged user could use this flaw to expose random data from an extent whose data blocks have not yet been written, and thus contain data from a deleted file. (CVE-2012-4508, Important) * A use-after-free flaw was found in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id76653
    published2014-07-22
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76653
    titleRHEL 6 : MRG (RHSA-2012:1491)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1647-1.NASL
    descriptionBrad Spengler discovered a flaw in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id63119
    published2012-12-02
    reporterUbuntu Security Notice (C) 2012 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/63119
    titleUSN-1647-1 : linux-ti-omap4 vulnerabilities

Redhat

rpms
  • kernel-rt-0:3.2.33-rt50.66.el6rt
  • kernel-rt-debug-0:3.2.33-rt50.66.el6rt
  • kernel-rt-debug-debuginfo-0:3.2.33-rt50.66.el6rt
  • kernel-rt-debug-devel-0:3.2.33-rt50.66.el6rt
  • kernel-rt-debuginfo-0:3.2.33-rt50.66.el6rt
  • kernel-rt-debuginfo-common-x86_64-0:3.2.33-rt50.66.el6rt
  • kernel-rt-devel-0:3.2.33-rt50.66.el6rt
  • kernel-rt-doc-0:3.2.33-rt50.66.el6rt
  • kernel-rt-firmware-0:3.2.33-rt50.66.el6rt
  • kernel-rt-trace-0:3.2.33-rt50.66.el6rt
  • kernel-rt-trace-debuginfo-0:3.2.33-rt50.66.el6rt
  • kernel-rt-trace-devel-0:3.2.33-rt50.66.el6rt
  • kernel-rt-vanilla-0:3.2.33-rt50.66.el6rt
  • kernel-rt-vanilla-debuginfo-0:3.2.33-rt50.66.el6rt
  • kernel-rt-vanilla-devel-0:3.2.33-rt50.66.el6rt
  • mrg-rt-release-0:3.2.33-rt50.66.el6rt