Vulnerabilities > CVE-2013-0290 - Improper Input Validation vulnerability in Linux Kernel

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel before 3.8 does not properly handle the MSG_PEEK flag with zero-length data, which allows local users to cause a denial of service (infinite loop and system hang) via a crafted application.

Vulnerable Configurations

Part Description Count
OS
Linux
1665

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Server Side Include (SSI) Injection
    An attacker can use Server Side Include (SSI) Injection to send code to a web application that then gets executed by the web server. Doing so enables the attacker to achieve similar results to Cross Site Scripting, viz., arbitrary code execution and information disclosure, albeit on a more limited scale, since the SSI directives are nowhere near as powerful as a full-fledged scripting language. Nonetheless, the attacker can conveniently gain access to sensitive files, such as password files, and execute shell commands.
  • Cross Zone Scripting
    An attacker is able to cause a victim to load content into their web-browser that bypasses security zone controls and gain access to increased privileges to execute scripting code or other web objects such as unsigned ActiveX controls or applets. This is a privilege elevation attack targeted at zone-based web-browser security. In a zone-based model, pages belong to one of a set of zones corresponding to the level of privilege assigned to that page. Pages in an untrusted zone would have a lesser level of access to the system and/or be restricted in the types of executable content it was allowed to invoke. In a cross-zone scripting attack, a page that should be assigned to a less privileged zone is granted the privileges of a more trusted zone. This can be accomplished by exploiting bugs in the browser, exploiting incorrect configuration in the zone controls, through a cross-site scripting attack that causes the attackers' content to be treated as coming from a more trusted page, or by leveraging some piece of system functionality that is accessible from both the trusted and less trusted zone. This attack differs from "Restful Privilege Escalation" in that the latter correlates to the inadequate securing of RESTful access methods (such as HTTP DELETE) on the server, while cross-zone scripting attacks the concept of security zones as implemented by a browser.
  • Cross Site Scripting through Log Files
    An attacker may leverage a system weakness where logs are susceptible to log injection to insert scripts into the system's logs. If these logs are later viewed by an administrator through a thin administrative interface and the log data is not properly HTML encoded before being written to the page, the attackers' scripts stored in the log will be executed in the administrative interface with potentially serious consequences. This attack pattern is really a combination of two other attack patterns: log injection and stored cross site scripting.
  • Command Line Execution through SQL Injection
    An attacker uses standard SQL injection methods to inject data into the command line for execution. This could be done directly through misuse of directives such as MSSQL_xp_cmdshell or indirectly through injection of data into the database that would be interpreted as shell commands. Sometime later, an unscrupulous backend application (or could be part of the functionality of the same application) fetches the injected data stored in the database and uses this data as command line arguments without performing proper validation. The malicious data escapes that data plane by spawning new commands to be executed on the host.

Nessus

  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2013-176.NASL
    descriptionMultiple vulnerabilities has been found and corrected in the Linux kernel : The scm_set_cred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application. (CVE-2013-1979) The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3232) net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure and a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3235) The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3234) The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable and a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3233) The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3231) The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3229) The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3228) The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3227) The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3225) The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3224) The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3223) The vcc_recvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3222) Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program. (CVE-2013-2596) arch/x86/kernel/cpu/perf_event_intel.c in the Linux kernel before 3.8.9, when the Performance Events Subsystem is enabled, specifies an incorrect bitmask, which allows local users to cause a denial of service (general protection fault and system crash) by attempting to set a reserved bit. (CVE-2013-2146) The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call. (CVE-2013-2094) The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, which allows guest OS users to obtain sensitive information from host OS memory or cause a denial of service (host OS OOPS) via a crafted application. (CVE-2013-1798) Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address (GPA) in (1) movable or (2) removable memory during an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation. (CVE-2013-1797) The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME operation, which allows guest OS users to cause a denial of service (buffer overflow and host OS memory corruption) or possibly have unspecified other impact via a crafted application. (CVE-2013-1796) The do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a (1) tkill or (2) tgkill system call. (CVE-2013-2141) Heap-based buffer overflow in the tg3_read_vpd function in drivers/net/ethernet/broadcom/tg3.c in the Linux kernel before 3.8.6 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via crafted firmware that specifies a long string in the Vital Product Data (VPD) data structure. (CVE-2013-1929) The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.8-rc1, allows local users to cause a denial of service (daemon exit) via a crafted application that sends a Netlink message. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-2669. (CVE-2012-5532) The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application. (CVE-2012-6548) The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application. (CVE-2012-6549) net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. (CVE-2013-2634) The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. (CVE-2013-2635) fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application. (CVE-2013-1848) The flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a sigaction system call. (CVE-2013-0914) Heap-based buffer overflow in the wdm_in_callback function in drivers/usb/class/cdc-wdm.c in the Linux kernel before 3.8.4 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted cdc-wdm USB device. (CVE-2013-1860) Race condition in the install_user_keyrings function in security/keys/process_keys.c in the Linux kernel before 3.8.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) via crafted keyctl system calls that trigger keyring operations in simultaneous threads. (CVE-2013-1792) The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability. (CVE-2013-2546) The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability. (CVE-2013-2547) The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability. (CVE-2013-2548) The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges. (CVE-2013-0311) Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message. (CVE-2013-1763) The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel before 3.8 does not properly handle the MSG_PEEK flag with zero-length data, which allows local users to cause a denial of service (infinite loop and system hang) via a crafted application. (CVE-2013-0290) Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option. (CVE-2013-1767) The xen_iret function in arch/x86/xen/xen-asm_32.S in the Linux kernel before 3.7.9 on 32-bit Xen paravirt_ops platforms does not properly handle an invalid value in the DS segment register, which allows guest OS users to gain guest OS privileges via a crafted application. (CVE-2013-0228) Memory leak in drivers/net/xen-netback/netback.c in the Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (memory consumption) by triggering certain error conditions. (CVE-2013-0217) The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption. (CVE-2013-0216) The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. (CVE-2012-6547) The updated packages provides a solution for these security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id66975
    published2013-06-25
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/66975
    titleMandriva Linux Security Advisory : kernel (MDVSA-2013:176)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2013:176. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(66975);
      script_version("1.11");
      script_cvs_date("Date: 2019/08/02 13:32:55");
    
      script_cve_id("CVE-2012-5532", "CVE-2012-6547", "CVE-2012-6548", "CVE-2012-6549", "CVE-2013-0216", "CVE-2013-0217", "CVE-2013-0228", "CVE-2013-0290", "CVE-2013-0311", "CVE-2013-0914", "CVE-2013-1763", "CVE-2013-1767", "CVE-2013-1792", "CVE-2013-1796", "CVE-2013-1797", "CVE-2013-1798", "CVE-2013-1848", "CVE-2013-1860", "CVE-2013-1929", "CVE-2013-1979", "CVE-2013-2094", "CVE-2013-2141", "CVE-2013-2146", "CVE-2013-2546", "CVE-2013-2547", "CVE-2013-2548", "CVE-2013-2596", "CVE-2013-2634", "CVE-2013-2635", "CVE-2013-3222", "CVE-2013-3223", "CVE-2013-3224", "CVE-2013-3225", "CVE-2013-3227", "CVE-2013-3228", "CVE-2013-3229", "CVE-2013-3231", "CVE-2013-3232", "CVE-2013-3233", "CVE-2013-3234", "CVE-2013-3235");
      script_bugtraq_id(56710, 57743, 57744, 57940, 57964, 58053, 58137, 58177, 58368, 58382, 58426, 58510, 58597, 58600, 58604, 58605, 58607, 58908, 58993, 58994, 58996, 59264, 59377, 59380, 59381, 59383, 59385, 59388, 59389, 59390, 59393, 59394, 59396, 59397, 59538, 59846, 60254, 60324);
      script_xref(name:"MDVSA", value:"2013:176");
    
      script_name(english:"Mandriva Linux Security Advisory : kernel (MDVSA-2013:176)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandriva Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple vulnerabilities has been found and corrected in the Linux
    kernel :
    
    The scm_set_cred function in include/net/scm.h in the Linux kernel
    before 3.8.11 uses incorrect uid and gid values during credentials
    passing, which allows local users to gain privileges via a crafted
    application. (CVE-2013-1979)
    
    The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel
    before 3.9-rc7 does not initialize a certain data structure, which
    allows local users to obtain sensitive information from kernel stack
    memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3232)
    
    net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not
    initialize a certain data structure and a certain length variable,
    which allows local users to obtain sensitive information from kernel
    stack memory via a crafted recvmsg or recvfrom system call.
    (CVE-2013-3235)
    
    The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel
    before 3.9-rc7 does not initialize a certain data structure, which
    allows local users to obtain sensitive information from kernel stack
    memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3234)
    
    The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux
    kernel before 3.9-rc7 does not initialize a certain length variable
    and a certain data structure, which allows local users to obtain
    sensitive information from kernel stack memory via a crafted recvmsg
    or recvfrom system call. (CVE-2013-3233)
    
    The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel
    before 3.9-rc7 does not initialize a certain length variable, which
    allows local users to obtain sensitive information from kernel stack
    memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3231)
    
    The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux
    kernel before 3.9-rc7 does not initialize a certain length variable,
    which allows local users to obtain sensitive information from kernel
    stack memory via a crafted recvmsg or recvfrom system call.
    (CVE-2013-3229)
    
    The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux
    kernel before 3.9-rc7 does not initialize a certain length variable,
    which allows local users to obtain sensitive information from kernel
    stack memory via a crafted recvmsg or recvfrom system call.
    (CVE-2013-3228)
    
    The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the
    Linux kernel before 3.9-rc7 does not initialize a certain length
    variable, which allows local users to obtain sensitive information
    from kernel stack memory via a crafted recvmsg or recvfrom system
    call. (CVE-2013-3227)
    
    The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the
    Linux kernel before 3.9-rc7 does not initialize a certain length
    variable, which allows local users to obtain sensitive information
    from kernel stack memory via a crafted recvmsg or recvfrom system
    call. (CVE-2013-3225)
    
    The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the
    Linux kernel before 3.9-rc7 does not properly initialize a certain
    length variable, which allows local users to obtain sensitive
    information from kernel stack memory via a crafted recvmsg or recvfrom
    system call. (CVE-2013-3224)
    
    The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel
    before 3.9-rc7 does not initialize a certain data structure, which
    allows local users to obtain sensitive information from kernel stack
    memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3223)
    
    The vcc_recvmsg function in net/atm/common.c in the Linux kernel
    before 3.9-rc7 does not initialize a certain length variable, which
    allows local users to obtain sensitive information from kernel stack
    memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3222)
    
    Integer overflow in the fb_mmap function in drivers/video/fbmem.c in
    the Linux kernel before 3.8.9, as used in a certain Motorola build of
    Android 4.1.2 and other products, allows local users to create a
    read-write memory mapping for the entirety of kernel memory, and
    consequently gain privileges, via crafted /dev/graphics/fb0 mmap2
    system calls, as demonstrated by the Motochopper pwn program.
    (CVE-2013-2596)
    
    arch/x86/kernel/cpu/perf_event_intel.c in the Linux kernel before
    3.8.9, when the Performance Events Subsystem is enabled, specifies an
    incorrect bitmask, which allows local users to cause a denial of
    service (general protection fault and system crash) by attempting to
    set a reserved bit. (CVE-2013-2146)
    
    The perf_swevent_init function in kernel/events/core.c in the Linux
    kernel before 3.8.9 uses an incorrect integer data type, which allows
    local users to gain privileges via a crafted perf_event_open system
    call. (CVE-2013-2094)
    
    The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux
    kernel through 3.8.4 does not properly handle a certain combination of
    invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, which
    allows guest OS users to obtain sensitive information from host OS
    memory or cause a denial of service (host OS OOPS) via a crafted
    application. (CVE-2013-1798)
    
    Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel
    through 3.8.4 allows guest OS users to cause a denial of service (host
    OS memory corruption) or possibly have unspecified other impact via a
    crafted application that triggers use of a guest physical address
    (GPA) in (1) movable or (2) removable memory during an
    MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation. (CVE-2013-1797)
    
    The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux
    kernel through 3.8.4 does not ensure a required time_page alignment
    during an MSR_KVM_SYSTEM_TIME operation, which allows guest OS users
    to cause a denial of service (buffer overflow and host OS memory
    corruption) or possibly have unspecified other impact via a crafted
    application. (CVE-2013-1796)
    
    The do_tkill function in kernel/signal.c in the Linux kernel before
    3.8.9 does not initialize a certain data structure, which allows local
    users to obtain sensitive information from kernel memory via a crafted
    application that makes a (1) tkill or (2) tgkill system call.
    (CVE-2013-2141)
    
    Heap-based buffer overflow in the tg3_read_vpd function in
    drivers/net/ethernet/broadcom/tg3.c in the Linux kernel before 3.8.6
    allows physically proximate attackers to cause a denial of service
    (system crash) or possibly execute arbitrary code via crafted firmware
    that specifies a long string in the Vital Product Data (VPD) data
    structure. (CVE-2013-1929)
    
    The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as
    distributed in the Linux kernel before 3.8-rc1, allows local users to
    cause a denial of service (daemon exit) via a crafted application that
    sends a Netlink message. NOTE: this vulnerability exists because of an
    incorrect fix for CVE-2012-2669. (CVE-2012-5532)
    
    The udf_encode_fh function in fs/udf/namei.c in the Linux kernel
    before 3.6 does not initialize a certain structure member, which
    allows local users to obtain sensitive information from kernel heap
    memory via a crafted application. (CVE-2012-6548)
    
    The isofs_export_encode_fh function in fs/isofs/export.c in the Linux
    kernel before 3.6 does not initialize a certain structure member,
    which allows local users to obtain sensitive information from kernel
    heap memory via a crafted application. (CVE-2012-6549)
    
    net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize
    certain structures, which allows local users to obtain sensitive
    information from kernel stack memory via a crafted application.
    (CVE-2013-2634)
    
    The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux
    kernel before 3.8.4 does not initialize a certain structure member,
    which allows local users to obtain sensitive information from kernel
    stack memory via a crafted application. (CVE-2013-2635)
    
    fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect
    arguments to functions in certain circumstances related to printk
    input, which allows local users to conduct format-string attacks and
    possibly gain privileges via a crafted application. (CVE-2013-1848)
    
    The flush_signal_handlers function in kernel/signal.c in the Linux
    kernel before 3.8.4 preserves the value of the sa_restorer field
    across an exec operation, which makes it easier for local users to
    bypass the ASLR protection mechanism via a crafted application
    containing a sigaction system call. (CVE-2013-0914)
    
    Heap-based buffer overflow in the wdm_in_callback function in
    drivers/usb/class/cdc-wdm.c in the Linux kernel before 3.8.4 allows
    physically proximate attackers to cause a denial of service (system
    crash) or possibly execute arbitrary code via a crafted cdc-wdm USB
    device. (CVE-2013-1860)
    
    Race condition in the install_user_keyrings function in
    security/keys/process_keys.c in the Linux kernel before 3.8.3 allows
    local users to cause a denial of service (NULL pointer dereference and
    system crash) via crafted keyctl system calls that trigger keyring
    operations in simultaneous threads. (CVE-2013-1792)
    
    The report API in the crypto user configuration API in the Linux
    kernel through 3.8.2 uses an incorrect C library function for copying
    strings, which allows local users to obtain sensitive information from
    kernel stack memory by leveraging the CAP_NET_ADMIN capability.
    (CVE-2013-2546)
    
    The crypto_report_one function in crypto/crypto_user.c in the report
    API in the crypto user configuration API in the Linux kernel through
    3.8.2 does not initialize certain structure members, which allows
    local users to obtain sensitive information from kernel heap memory by
    leveraging the CAP_NET_ADMIN capability. (CVE-2013-2547)
    
    The crypto_report_one function in crypto/crypto_user.c in the report
    API in the crypto user configuration API in the Linux kernel through
    3.8.2 uses an incorrect length value during a copy operation, which
    allows local users to obtain sensitive information from kernel memory
    by leveraging the CAP_NET_ADMIN capability. (CVE-2013-2548)
    
    The translate_desc function in drivers/vhost/vhost.c in the Linux
    kernel before 3.7 does not properly handle cross-region descriptors,
    which allows guest OS users to obtain host OS privileges by leveraging
    KVM guest OS privileges. (CVE-2013-0311)
    
    Array index error in the __sock_diag_rcv_msg function in
    net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local
    users to gain privileges via a large family value in a Netlink
    message. (CVE-2013-1763)
    
    The __skb_recv_datagram function in net/core/datagram.c in the Linux
    kernel before 3.8 does not properly handle the MSG_PEEK flag with
    zero-length data, which allows local users to cause a denial of
    service (infinite loop and system hang) via a crafted application.
    (CVE-2013-0290)
    
    Use-after-free vulnerability in the shmem_remount_fs function in
    mm/shmem.c in the Linux kernel before 3.7.10 allows local users to
    gain privileges or cause a denial of service (system crash) by
    remounting a tmpfs filesystem without specifying a required mpol (aka
    mempolicy) mount option. (CVE-2013-1767)
    
    The xen_iret function in arch/x86/xen/xen-asm_32.S in the Linux kernel
    before 3.7.9 on 32-bit Xen paravirt_ops platforms does not properly
    handle an invalid value in the DS segment register, which allows guest
    OS users to gain guest OS privileges via a crafted application.
    (CVE-2013-0228)
    
    Memory leak in drivers/net/xen-netback/netback.c in the Xen netback
    functionality in the Linux kernel before 3.7.8 allows guest OS users
    to cause a denial of service (memory consumption) by triggering
    certain error conditions. (CVE-2013-0217)
    
    The Xen netback functionality in the Linux kernel before 3.7.8 allows
    guest OS users to cause a denial of service (loop) by triggering ring
    pointer corruption. (CVE-2013-0216)
    
    The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel
    before 3.6 does not initialize a certain structure, which allows local
    users to obtain sensitive information from kernel stack memory via a
    crafted application. (CVE-2012-6547)
    
    The updated packages provides a solution for these security issues."
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cpupower");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-firmware");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-server-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64cpupower-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64cpupower0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:perf");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2013/06/24");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/06/25");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"cpupower-3.4.47-1.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", reference:"kernel-firmware-3.4.47-1.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"kernel-headers-3.4.47-1.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"kernel-server-3.4.47-1.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"kernel-server-devel-3.4.47-1.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", reference:"kernel-source-3.4.47-1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64cpupower-devel-3.4.47-1.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64cpupower0-3.4.47-1.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"perf-3.4.47-1.1.mbs1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1768-1.NASL
    descriptionAndrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. (CVE-2013-0190) A failure to validate input was discovered in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id65610
    published2013-03-19
    reporterUbuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/65610
    titleUbuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-1768-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-1768-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(65610);
      script_version("1.8");
      script_cvs_date("Date: 2019/09/19 12:54:29");
    
      script_cve_id("CVE-2013-0190", "CVE-2013-0216", "CVE-2013-0217", "CVE-2013-0231", "CVE-2013-0268", "CVE-2013-0290", "CVE-2013-0311", "CVE-2013-0313", "CVE-2013-0349");
      script_xref(name:"USN", value:"1768-1");
    
      script_name(english:"Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-1768-1)");
      script_summary(english:"Checks dpkg output for updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Ubuntu host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Andrew Cooper of Citrix reported a Xen stack corruption in the Linux
    kernel. An unprivileged user in a 32bit PVOPS guest can cause the
    guest kernel to crash, or operate erroneously. (CVE-2013-0190)
    
    A failure to validate input was discovered in the Linux kernel's Xen
    netback (network backend) driver. A user in a guest OS may exploit
    this flaw to cause a denial of service to the guest OS and other guest
    domains. (CVE-2013-0216)
    
    A memory leak was discovered in the Linux kernel's Xen netback
    (network backend) driver. A user in a guest OS could trigger this flaw
    to cause a denial of service on the system. (CVE-2013-0217)
    
    A flaw was discovered in the Linux kernel Xen PCI backend driver. If a
    PCI device is assigned to the guest OS, the guest OS could exploit
    this flaw to cause a denial of service on the host. (CVE-2013-0231)
    
    A flaw was reported in the permission checks done by the Linux kernel
    for /dev/cpu/*/msr. A local root user with all capabilities dropped
    could exploit this flaw to execute code with full root capabilities.
    (CVE-2013-0268)
    
    Tommi Rantala discovered a flaw in the a flaw the Linux kernels
    handling of datagrams packets when the MSG_PEEK flag is specified. An
    unprivileged local user could exploit this flaw to cause a denial of
    service (system hang). (CVE-2013-0290)
    
    A flaw was discovered in the Linux kernel's vhost driver used to
    accelerate guest networking in KVM based virtual machines. A
    privileged guest user could exploit this flaw to crash the host
    system. (CVE-2013-0311)
    
    A flaw was discovered in the Extended Verification Module (EVM) of the
    Linux kernel. An unprivileged local user code exploit this flaw to
    cause a denial of service (system crash). (CVE-2013-0313)
    
    An information leak was discovered in the Linux kernel's Bluetooth
    stack when HIDP (Human Interface Device Protocol) support is enabled.
    A local unprivileged user could exploit this flaw to cause an
    information leak from the kernel. (CVE-2013-0349).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/1768-1/"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected linux-image-3.5-generic package."
      );
      script_set_cvss_base_vector("CVSS2#AV:A/AC:H/Au:S/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2013/02/12");
      script_set_attribute(attribute:"patch_publication_date", value:"2013/03/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/19");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("ksplice.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(12\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 12.04", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    if (get_one_kb_item("Host/ksplice/kernel-cves"))
    {
      rm_kb_item(name:"Host/uptrack-uname-r");
      cve_list = make_list("CVE-2013-0190", "CVE-2013-0216", "CVE-2013-0217", "CVE-2013-0231", "CVE-2013-0268", "CVE-2013-0290", "CVE-2013-0311", "CVE-2013-0313", "CVE-2013-0349");
      if (ksplice_cves_check(cve_list))
      {
        audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for USN-1768-1");
      }
      else
      {
        _ubuntu_report = ksplice_reporting_text();
      }
    }
    
    flag = 0;
    
    if (ubuntu_check(osver:"12.04", pkgname:"linux-image-3.5.0-26-generic", pkgver:"3.5.0-26.42~precise1")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "linux-image-3.5-generic");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2013-452.NASL
    descriptionThe openSUSE 12.3 kernel was updated to fix a critical security issue, other security issues and several bugs. Security issues fixed: CVE-2013-2094: The perf_swevent_init function in kernel/events/core.c in the Linux kernel used an incorrect integer data type, which allowed local users to gain privileges via a crafted perf_event_open system call. CVE-2013-0290: The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel did not properly handle the MSG_PEEK flag with zero-length data, which allowed local users to cause a denial of service (infinite loop and system hang) via a crafted application. Bugs fixed : - qlge: fix dma map leak when the last chunk is not allocated (bnc#819519). - ACPI / thermal: do not always return THERMAL_TREND_RAISING for active trip points (bnc#820048). - perf: Treat attr.config as u64 in perf_swevent_init() (bnc#819789, CVE-2013-2094). - cxgb4: fix error recovery when t4_fw_hello returns a positive value (bnc#818497). - kabi/severities: Ignore drivers/mfd/ucb1400_core It provides internal exports to UCB1400 drivers, that we have just disabled. - Fix -devel package for armv7hl armv7hl kernel flavors in the non-multiplatform configuration (which is the default for our openSUSE 12.3 release), needs more header files from the machine specific directories to be included in kernel-devel. - Update config files: disable UCB1400 on all but ARM Currently UCB1400 is only used on ARM OMAP systems, and part of the code is dead code that can
    last seen2020-06-05
    modified2014-06-13
    plugin id75016
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/75016
    titleopenSUSE Security Update : kernel (openSUSE-SU-2013:0951-1)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1769-1.NASL
    descriptionAndrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. (CVE-2013-0190) A failure to validate input was discovered in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id65611
    published2013-03-19
    reporterUbuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/65611
    titleUbuntu 12.10 : linux vulnerabilities (USN-1769-1)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2013-512.NASL
    descriptionThe openSUSE 12.2 kernel was updated to fix security issue and other bugs. Security issues fixed: CVE-2013-2850: Incorrect strncpy usage in the network listening part of the iscsi target driver could have been used by remote attackers to crash the kernel or execute code. This required the iscsi target running on the machine and the attacker able to make a network connection to it (aka not filtered by firewalls). CVE-2013-2094: The perf_swevent_init function in kernel/events/core.c in the Linux kernel used an incorrect integer data type, which allowed local users to gain privileges via a crafted perf_event_open system call. CVE-2013-0290: The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel did not properly handle the MSG_PEEK flag with zero-length data, which allowed local users to cause a denial of service (infinite loop and system hang) via a crafted application. Bugs fixed : - reiserfs: fix spurious multiple-fill in reiserfs_readdir_dentry (bnc#822722). - reiserfs: fix problems with chowning setuid file w/ xattrs (bnc#790920). - qlge: fix dma map leak when the last chunk is not allocated (bnc#819519). - Update config files: disable UCB1400 on all but ARM Currently UCB1400 is only used on ARM OMAP systems, and part of the code is dead code that can
    last seen2020-06-05
    modified2014-06-13
    plugin id75048
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/75048
    titleopenSUSE Security Update : kernel (openSUSE-SU-2013:1042-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2013-2597.NASL
    descriptionUpstream stable kernel 3.7.9 contains a number of bug fixes across the tree, as well as important security fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2013-02-25
    plugin id64872
    published2013-02-25
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/64872
    titleFedora 17 : kernel-3.7.9-101.fc17 (2013-2597)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2013-2635.NASL
    descriptionCVE-2013-0290 net: infinite loop in __skb_recv_datagram Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2013-02-19
    plugin id64679
    published2013-02-19
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/64679
    titleFedora 18 : kernel-3.7.8-202.fc18 (2013-2635)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2013-0622.NASL
    descriptionUpdated kernel-rt packages that fix several security issues and three bugs are now available for Red Hat Enterprise MRG 2.3. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * A flaw was found in the way file permission checks for the
    last seen2020-06-01
    modified2020-06-02
    plugin id76659
    published2014-07-22
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76659
    titleRHEL 6 : MRG (RHSA-2013:0622)

Redhat

rpms
  • kernel-rt-0:3.6.11-rt30.25.el6rt
  • kernel-rt-debug-0:3.6.11-rt30.25.el6rt
  • kernel-rt-debug-debuginfo-0:3.6.11-rt30.25.el6rt
  • kernel-rt-debug-devel-0:3.6.11-rt30.25.el6rt
  • kernel-rt-debuginfo-0:3.6.11-rt30.25.el6rt
  • kernel-rt-debuginfo-common-x86_64-0:3.6.11-rt30.25.el6rt
  • kernel-rt-devel-0:3.6.11-rt30.25.el6rt
  • kernel-rt-doc-0:3.6.11-rt30.25.el6rt
  • kernel-rt-firmware-0:3.6.11-rt30.25.el6rt
  • kernel-rt-trace-0:3.6.11-rt30.25.el6rt
  • kernel-rt-trace-debuginfo-0:3.6.11-rt30.25.el6rt
  • kernel-rt-trace-devel-0:3.6.11-rt30.25.el6rt
  • kernel-rt-vanilla-0:3.6.11-rt30.25.el6rt
  • kernel-rt-vanilla-debuginfo-0:3.6.11-rt30.25.el6rt
  • kernel-rt-vanilla-devel-0:3.6.11-rt30.25.el6rt
  • mrg-rt-release-0:3.6.11-rt30.25.el6rt