Vulnerabilities > CVE-2014-1737 - Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.

Vulnerable Configurations

Part Description Count
OS
Linux
3706
OS
Oracle
2
OS
Debian
2
OS
Suse
5
OS
Redhat
2

Nessus

  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0740.NASL
    descriptionUpdated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id74458
    published2014-06-11
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74458
    titleRHEL 5 : kernel (RHSA-2014:0740)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2014:0740. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(74458);
      script_version("1.11");
      script_cvs_date("Date: 2019/10/24 15:35:38");
    
      script_cve_id("CVE-2013-7339", "CVE-2014-1737", "CVE-2014-1738");
      script_bugtraq_id(66351, 67300, 67302);
      script_xref(name:"RHSA", value:"2014:0740");
    
      script_name(english:"RHEL 5 : kernel (RHSA-2014:0740)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated kernel packages that fix three security issues and several
    bugs are now available for Red Hat Enterprise Linux 5.
    
    The Red Hat Security Response Team has rated this update as having
    Important security impact. Common Vulnerability Scoring System (CVSS)
    base scores, which give detailed severity ratings, are available for
    each vulnerability from the CVE links in the References section.
    
    The kernel packages contain the Linux kernel, the core of any Linux
    operating system.
    
    * A flaw was found in the way the Linux kernel's floppy driver handled
    user space provided data in certain error code paths while processing
    FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX
    could use this flaw to free (using the kfree() function) arbitrary
    kernel memory. (CVE-2014-1737, Important)
    
    * It was found that the Linux kernel's floppy driver leaked internal
    kernel memory addresses to user space during the processing of the
    FDRAWCMD IOCTL command. A local user with write access to /dev/fdX
    could use this flaw to obtain information about the kernel heap
    arrangement. (CVE-2014-1738, Low)
    
    Note: A local user with write access to /dev/fdX could use these two
    flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate
    their privileges on the system.
    
    * A NULL pointer dereference flaw was found in the
    rds_ib_laddr_check() function in the Linux kernel's implementation of
    Reliable Datagram Sockets (RDS). A local, unprivileged user could use
    this flaw to crash the system. (CVE-2013-7339, Moderate)
    
    Red Hat would like to thank Matthew Daley for reporting CVE-2014-1737
    and CVE-2014-1738.
    
    This update also fixes the following bugs :
    
    * A bug in the futex system call could result in an overflow when
    passing a very large positive timeout. As a consequence, the
    FUTEX_WAIT operation did not work as intended and the system call was
    timing out immediately. A backported patch fixes this bug by limiting
    very large positive timeouts to the maximal supported value.
    (BZ#1091832)
    
    * A new Linux Security Module (LSM) functionality related to the
    setrlimit hooks should produce a warning message when used by a third
    party module that could not cope with it. However, due to a
    programming error, the kernel could print this warning message when a
    process was setting rlimits for a different process, or if rlimits
    were modified by another than the main thread even though there was no
    incompatible third party module. This update fixes the relevant code
    and ensures that the kernel handles this warning message correctly.
    (BZ#1092869)
    
    * Previously, the kernel was unable to detect KVM on system boot if
    the Hyper-V emulation was enabled. A patch has been applied to ensure
    that both KVM and Hyper-V hypervisors are now correctly detected
    during system boot. (BZ#1094152)
    
    * A function in the RPC code responsible for verifying whether cached
    credentials match the current process did not perform the check
    correctly. The code checked only whether the groups in the current
    process credentials appear in the same order as in the cached
    credentials but did not ensure that no other groups are present in the
    cached credentials. As a consequence, when accessing files in NFS
    mounts, a process with the same UID and GID as the original process
    but with a non-matching group list could have been granted an
    unauthorized access to a file, or under certain circumstances, the
    process could have been wrongly prevented from accessing the file. The
    incorrect test condition has been fixed and the problem can no longer
    occur. (BZ#1095062)
    
    * When being under heavy load, some Fibre Channel storage devices,
    such as Hitachi and HP Open-V series, can send a logout (LOGO) message
    to the host system. However, due to a bug in the lpfc driver, this
    could result in a loss of active paths to the storage and the paths
    could not be recovered without manual intervention. This update
    corrects the lpfc driver to ensure automatic recovery of the lost
    paths to the storage in this scenario. (BZ#1096061)
    
    All kernel users are advised to upgrade to these updated packages,
    which contain backported patches to correct these issues. The system
    must be rebooted for this update to take effect."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2014:0740"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2013-7339"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2014-1737"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2014-1738"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-PAE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-kdump");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xen");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2014/06/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/11");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = eregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2014:0740";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-PAE-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-PAE-debuginfo-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-PAE-devel-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-debug-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-debug-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-debug-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-debug-debuginfo-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-debug-debuginfo-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-debug-debuginfo-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-debug-devel-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-debug-devel-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-debug-devel-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-debuginfo-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-debuginfo-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-debuginfo-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-debuginfo-common-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-debuginfo-common-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-debuginfo-common-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-devel-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-devel-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-devel-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", reference:"kernel-doc-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"kernel-headers-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-headers-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-headers-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-kdump-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-kdump-debuginfo-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-kdump-devel-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-xen-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-xen-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-xen-debuginfo-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-xen-debuginfo-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-xen-devel-2.6.18-371.9.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-xen-devel-2.6.18-371.9.1.el5")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc");
      }
    }
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2014-124.NASL
    descriptionMultiple vulnerabilities has been found and corrected in the Linux kernel : kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number (CVE-2014-3917). The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification (CVE-2014-3153). Race condition in the ath_tx_aggr_sleep function in drivers/net/wireless/ath/ath9k/xmit.c in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via a large amount of network traffic that triggers certain list deletions (CVE-2014-2672). The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced (CVE-2014-3144). The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced (CVE-2014-3145). Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that leverages an improperly managed reference counter (CVE-2014-2851). The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the LECHO !OPOST case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings (CVE-2014-0196). The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device (CVE-2014-1738). The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device (CVE-2014-1737). The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports (CVE-2014-2678). drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions (CVE-2014-0077). The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets (CVE-2014-2309). Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2897). net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function (CVE-2014-2523). Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c (CVE-2014-2706). The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk (CVE-2014-0101). The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer (CVE-2014-0069). arch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the s390 platform does not properly handle attempted use of the linkage stack, which allows local users to cause a denial of service (system crash) by executing a crafted instruction (CVE-2014-2039). Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to Message Signaled Interrupts (MSI), irq routing entries, and an incorrect check by the setup_routing_entry function before invoking the kvm_set_irq function (CVE-2012-2137). The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context (CVE-2014-1874). The updated packages provides a solution for these security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id74513
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/74513
    titleMandriva Linux Security Advisory : kernel (MDVSA-2014:124)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2014:124. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(74513);
      script_version("1.14");
      script_cvs_date("Date: 2019/08/02 13:32:56");
    
      script_cve_id("CVE-2012-2137", "CVE-2013-2897", "CVE-2014-0069", "CVE-2014-0077", "CVE-2014-0101", "CVE-2014-0196", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-1874", "CVE-2014-2039", "CVE-2014-2309", "CVE-2014-2523", "CVE-2014-2672", "CVE-2014-2678", "CVE-2014-2706", "CVE-2014-2851", "CVE-2014-3144", "CVE-2014-3145", "CVE-2014-3153", "CVE-2014-3917");
      script_bugtraq_id(54063, 62044, 65459, 65588, 65700, 65943, 66095, 66279, 66492, 66543, 66591, 66678, 66779, 67282, 67300, 67302, 67309, 67321, 67906);
      script_xref(name:"MDVSA", value:"2014:124");
    
      script_name(english:"Mandriva Linux Security Advisory : kernel (MDVSA-2014:124)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandriva Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple vulnerabilities has been found and corrected in the Linux
    kernel :
    
    kernel/auditsc.c in the Linux kernel through 3.14.5, when
    CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows
    local users to obtain potentially sensitive single-bit values from
    kernel memory or cause a denial of service (OOPS) via a large value of
    a syscall number (CVE-2014-3917).
    
    The futex_requeue function in kernel/futex.c in the Linux kernel
    through 3.14.5 does not ensure that calls have two different futex
    addresses, which allows local users to gain privileges via a crafted
    FUTEX_REQUEUE command that facilitates unsafe waiter modification
    (CVE-2014-3153).
    
    Race condition in the ath_tx_aggr_sleep function in
    drivers/net/wireless/ath/ath9k/xmit.c in the Linux kernel before
    3.13.7 allows remote attackers to cause a denial of service (system
    crash) via a large amount of network traffic that triggers certain
    list deletions (CVE-2014-2672).
    
    The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension
    implementations in the sk_run_filter function in net/core/filter.c in
    the Linux kernel through 3.14.3 do not check whether a certain length
    value is sufficiently large, which allows local users to cause a
    denial of service (integer underflow and system crash) via crafted BPF
    instructions. NOTE: the affected code was moved to the
    __skb_get_nlattr and __skb_get_nlattr_nest functions before the
    vulnerability was announced (CVE-2014-3144).
    
    The BPF_S_ANC_NLATTR_NEST extension implementation in the
    sk_run_filter function in net/core/filter.c in the Linux kernel
    through 3.14.3 uses the reverse order in a certain subtraction, which
    allows local users to cause a denial of service (over-read and system
    crash) via crafted BPF instructions. NOTE: the affected code was moved
    to the __skb_get_nlattr_nest function before the vulnerability was
    announced (CVE-2014-3145).
    
    Integer overflow in the ping_init_sock function in net/ipv4/ping.c in
    the Linux kernel through 3.14.1 allows local users to cause a denial
    of service (use-after-free and system crash) or possibly gain
    privileges via a crafted application that leverages an improperly
    managed reference counter (CVE-2014-2851).
    
    The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel
    through 3.14.3 does not properly manage tty driver access in the LECHO
    !OPOST case, which allows local users to cause a denial of service
    (memory corruption and system crash) or gain privileges by triggering
    a race condition involving read and write operations with long strings
    (CVE-2014-0196).
    
    The raw_cmd_copyout function in drivers/block/floppy.c in the Linux
    kernel through 3.14.3 does not properly restrict access to certain
    pointers during processing of an FDRAWCMD ioctl call, which allows
    local users to obtain sensitive information from kernel heap memory by
    leveraging write access to a /dev/fd device (CVE-2014-1738).
    
    The raw_cmd_copyin function in drivers/block/floppy.c in the Linux
    kernel through 3.14.3 does not properly handle error conditions during
    processing of an FDRAWCMD ioctl call, which allows local users to
    trigger kfree operations and gain privileges by leveraging write
    access to a /dev/fd device (CVE-2014-1737).
    
    The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel
    through 3.14 allows local users to cause a denial of service (NULL
    pointer dereference and system crash) or possibly have unspecified
    other impact via a bind system call for an RDS socket on a system that
    lacks RDS transports (CVE-2014-2678).
    
    drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable
    buffers are disabled, does not properly validate packet lengths, which
    allows guest OS users to cause a denial of service (memory corruption
    and host OS crash) or possibly gain privileges on the host OS via
    crafted packets, related to the handle_rx and get_rx_bufs functions
    (CVE-2014-0077).
    
    The ip6_route_add function in net/ipv6/route.c in the Linux kernel
    through 3.13.6 does not properly count the addition of routes, which
    allows remote attackers to cause a denial of service (memory
    consumption) via a flood of ICMPv6 Router Advertisement packets
    (CVE-2014-2309).
    
    Multiple array index errors in drivers/hid/hid-multitouch.c in the
    Human Interface Device (HID) subsystem in the Linux kernel through
    3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically
    proximate attackers to cause a denial of service (heap memory
    corruption, or NULL pointer dereference and OOPS) via a crafted device
    (CVE-2013-2897).
    
    net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through
    3.13.6 uses a DCCP header pointer incorrectly, which allows remote
    attackers to cause a denial of service (system crash) or possibly
    execute arbitrary code via a DCCP packet that triggers a call to the
    (1) dccp_new, (2) dccp_packet, or (3) dccp_error function
    (CVE-2014-2523).
    
    Race condition in the mac80211 subsystem in the Linux kernel before
    3.13.7 allows remote attackers to cause a denial of service (system
    crash) via network traffic that improperly interacts with the
    WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and
    tx.c (CVE-2014-2706).
    
    The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the
    Linux kernel through 3.13.6 does not validate certain auth_enable and
    auth_capable fields before making an sctp_sf_authenticate call, which
    allows remote attackers to cause a denial of service (NULL pointer
    dereference and system crash) via an SCTP handshake with a modified
    INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk
    (CVE-2014-0101).
    
    The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel
    through 3.13.5 does not properly handle uncached write operations that
    copy fewer than the requested number of bytes, which allows local
    users to obtain sensitive information from kernel memory, cause a
    denial of service (memory corruption and system crash), or possibly
    gain privileges via a writev system call with a crafted pointer
    (CVE-2014-0069).
    
    arch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the
    s390 platform does not properly handle attempted use of the linkage
    stack, which allows local users to cause a denial of service (system
    crash) by executing a crafted instruction (CVE-2014-2039).
    
    Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the
    Linux kernel before 3.2.24 allows local users to cause a denial of
    service (crash) and possibly execute arbitrary code via vectors
    related to Message Signaled Interrupts (MSI), irq routing entries, and
    an incorrect check by the setup_routing_entry function before invoking
    the kvm_set_irq function (CVE-2012-2137).
    
    The security_context_to_sid_core function in
    security/selinux/ss/services.c in the Linux kernel before 3.13.4
    allows local users to cause a denial of service (system crash) by
    leveraging the CAP_MAC_ADMIN capability to set a zero-length security
    context (CVE-2014-1874).
    
    The updated packages provides a solution for these security issues."
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Android "Towelroot" Futex Requeue Kernel Exploit');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cpupower");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-firmware");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-server-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64cpupower-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64cpupower0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:perf");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2014/06/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"cpupower-3.4.93-1.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", reference:"kernel-firmware-3.4.93-1.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"kernel-headers-3.4.93-1.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"kernel-server-3.4.93-1.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"kernel-server-devel-3.4.93-1.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", reference:"kernel-source-3.4.93-1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64cpupower-devel-3.4.93-1.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64cpupower0-3.4.93-1.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"perf-3.4.93-1.1.mbs1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2014-3070.NASL
    descriptionThe remote Oracle Linux host is missing a security update for the Unbreakable Enterprise kernel package(s).
    last seen2020-06-01
    modified2020-06-02
    plugin id77355
    published2014-08-23
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/77355
    titleOracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2014-3070)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2223-1.NASL
    descriptionMatthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738) Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737) A flaw was discovered in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id74211
    published2014-05-28
    reporterUbuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74211
    titleUbuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-2223-1)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20140610_KERNEL_ON_SL5_X.NASL
    description - A flaw was found in the way the Linux kernel
    last seen2020-03-18
    modified2014-06-12
    plugin id74489
    published2014-06-12
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74489
    titleScientific Linux Security Update : kernel on SL5.x i386/x86_64 (20140610)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20140619_KERNEL_ON_SL6_X.NASL
    description* A flaw was found in the way the Linux kernel
    last seen2020-03-18
    modified2014-06-20
    plugin id76157
    published2014-06-20
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76157
    titleScientific Linux Security Update : kernel on SL6.x i386/x86_64 (20140619)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0800.NASL
    descriptionUpdated kernel packages that fix three security issues are now available for Red Hat Enterprise Linux 6.2 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id79032
    published2014-11-08
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79032
    titleRHEL 6 : kernel (RHSA-2014:0800)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2260-1.NASL
    descriptionA flaw was discovered in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id76295
    published2014-06-28
    reporterUbuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76295
    titleUbuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2260-1)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2220-1.NASL
    descriptionMatthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738) Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737) A flaw was discovered in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel for systems that lack RDS transports. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2013-7339) An error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id74183
    published2014-05-27
    reporterUbuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74183
    titleUbuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2220-1)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1479.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the
    last seen2020-03-19
    modified2019-05-13
    plugin id124803
    published2019-05-13
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124803
    titleEulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1479)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2228-1.NASL
    descriptionMatthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738) Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737) A flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest OS users could exploit this flaw to cause a denial of service (host OS crash). (CVE-2014-0055) A flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS. (CVE-2014-0077) Nikolay Aleksandrov discovered a race condition in Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id74215
    published2014-05-28
    reporterUbuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74215
    titleUbuntu 13.10 : linux vulnerabilities (USN-2228-1)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2226-1.NASL
    descriptionMatthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738) Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737) A flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS. (CVE-2014-0077) A flaw was discovered in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id74214
    published2014-05-28
    reporterUbuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74214
    titleUbuntu 14.04 LTS : linux vulnerabilities (USN-2226-1)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2014-0771.NASL
    descriptionUpdated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id76170
    published2014-06-23
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76170
    titleCentOS 6 : kernel (CESA-2014:0771)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2014-0771.NASL
    descriptionFrom Red Hat Security Advisory 2014:0771 : Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id76155
    published2014-06-20
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76155
    titleOracle Linux 6 : kernel (ELSA-2014-0771)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1535.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c in the Linux kernel, through 4.13.11, allows local users to cause a denial of service (ims_pcu_parse_cdc_data out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.(CVE-2017-16645i1/4%0 - It was found that due to excessive files_lock locking, a soft lockup could be triggered in the Linux kernel when performing asynchronous I/O operations. A local, unprivileged user could use this flaw to crash the system.(CVE-2014-8172i1/4%0 - A flaw was discovered in the kernel
    last seen2020-03-19
    modified2019-05-14
    plugin id124988
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124988
    titleEulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1535)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0557.NASL
    descriptionUpdated kernel-rt packages that fix multiple security issues are now available for Red Hat Enterprise MRG 2.5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. * A race condition leading to a use-after-free flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id76677
    published2014-07-22
    reporterThis script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/76677
    titleRHEL 6 : MRG (RHSA-2014:0557)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-2926.NASL
    descriptionSeveral vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leaks or privilege escalation : - CVE-2014-0196 Jiri Slaby discovered a race condition in the pty layer, which could lead to denial of service or privilege escalation. - CVE-2014-1737 / CVE-2014-1738 Matthew Daley discovered that missing input sanitising in the FDRAWCMD ioctl and an information leak could result in privilege escalation. - CVE-2014-2851 Incorrect reference counting in the ping_init_sock() function allows denial of service or privilege escalation. - CVE-2014-3122 Incorrect locking of memory can result in local denial of service.
    last seen2020-03-17
    modified2014-05-13
    plugin id73971
    published2014-05-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/73971
    titleDebian DSA-2926-1 : linux - security update
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2014-0772-1.NASL
    descriptionThe SUSE Linux Enterprise Server 10 Service Pack 4 LTSS kernel has been updated to fix various security issues and several bugs. The following security issues have been addressed : CVE-2013-6382: Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c. (bnc#852553) CVE-2013-7263: The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c. (bnc#857643) CVE-2013-7264: The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. (bnc#857643) CVE-2013-7265: The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. (bnc#857643) CVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. (bnc#875798) CVE-2014-1738: The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device. (bnc#875798) Additionally, the following non-security bugs have been fixed : - tcp: syncookies: reduce cookie lifetime to 128 seconds (bnc#833968). - tcp: syncookies: reduce mss table to four values (bnc#833968). - ia64: Change default PSR.ac from
    last seen2020-06-05
    modified2015-05-20
    plugin id83626
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83626
    titleSUSE SLES10 Security Update : kernel (SUSE-SU-2014:0772-1)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2014-375.NASL
    descriptionThis Linux kernel security update fixes various security issues and bugs. The Linux Kernel was updated to fix various security issues and bugs. Main security issues fixed : A security issue in the tty layer that was fixed that could be used by local attackers for code execution (CVE-2014-0196). Two security issues in the floppy driver were fixed that could be used by local attackers on machines with the floppy to crash the kernel or potentially execute code in the kernel (CVE-2014-1737 CVE-2014-1738). Other security issues and bugfixes : - netfilter: nf_nat: fix access to uninitialized buffer in IRC NAT helper (bnc#860835 CVE-2014-1690). - net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH (bnc#866102, CVE-2014-0101). - [media] ivtv: Fix Oops when no firmware is loaded (bnc#875440). - ALSA: hda - Add dock pin setups for Thinkpad T440 (bnc#876699). - ip6tnl: fix double free of fb_tnl_dev on exit (bnc#876531). - Update arm config files: Enable all USB-to-serial drivers Specifically, enable USB_SERIAL_WISHBONE and USB_SERIAL_QT2 on all arm flavors. - mei: limit the number of consecutive resets (bnc#821619,bnc#852656). - mei: revamp mei reset state machine (bnc#821619,bnc#852656). - mei: use hbm idle state to prevent spurious resets (bnc#821619). - mei: do not run reset flow from the interrupt thread (bnc#821619,bnc#852656). - mei: don
    last seen2020-06-05
    modified2014-06-13
    plugin id75363
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/75363
    titleopenSUSE Security Update : kernel (openSUSE-SU-2014:0678-1)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0900.NASL
    descriptionUpdated kernel packages that fix three security issues and one bug are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id79035
    published2014-11-08
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79035
    titleRHEL 6 : kernel (RHSA-2014:0900)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2014-3041.NASL
    descriptionDescription of changes: kernel-uek [3.8.13-35.1.2.el6uek] - floppy: don
    last seen2020-06-01
    modified2020-06-02
    plugin id76184
    published2014-06-23
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76184
    titleOracle Linux 6 : unbreakable enterprise kernel (ELSA-2014-3041)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2017-0057.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2017-0057 for details.
    last seen2020-06-01
    modified2020-06-02
    plugin id99163
    published2017-04-03
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/99163
    titleOracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0057) (Dirty COW)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0771.NASL
    descriptionUpdated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id76156
    published2014-06-20
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76156
    titleRHEL 6 : kernel (RHSA-2014:0771)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2014-376.NASL
    descriptionThe Linux Kernel was updated to fix various security issues and bugs. Main security issues fixed : A security issue in the tty layer that was fixed that could be used by local attackers for code execution (CVE-2014-0196). Two security issues in the floppy driver were fixed that could be used by local attackers on machines with the floppy to crash the kernel or potentially execute code in the kernel (CVE-2014-1737 CVE-2014-1738). Other security issues and bugs that were fixed : - netfilter: nf_nat: fix access to uninitialized buffer in IRC NAT helper (bnc#860835 CVE-2014-1690). - net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH (bnc#866102, CVE-2014-0101). - n_tty: Fix a n_tty_write crash and code execution when echoing in raw mode (bnc#871252 bnc#875690 CVE-2014-0196). - netfilter: nf_ct_sip: support Cisco 7941/7945 IP phones (bnc#873717). - Update config files: re-enable twofish crypto support Software twofish crypto support was disabled in several architectures since openSUSE 10.3. For i386 and x86_64 it was on purpose, because hardware-accelerated alternatives exist. However for all other architectures it was by accident. Re-enable software twofish crypto support in arm, ia64 and ppc configuration files, to guarantee that at least one implementation is always available (bnc#871325). - Update config files: disable CONFIG_TOUCHSCREEN_W90X900 The w90p910_ts driver only makes sense on the W90x900 architecture, which we do not support. - ath9k: protect tid->sched check (bnc#871148,CVE-2014-2672). - Fix dst_neigh_lookup/dst_neigh_lookup_skb return value handling bug (bnc#869898). - SELinux: Fix kernel BUG on empty security contexts (bnc#863335,CVE-2014-1874). - hamradio/yam: fix info leak in ioctl (bnc#858872, CVE-2014-1446). - wanxl: fix info leak in ioctl (bnc#858870, CVE-2014-1445). - farsync: fix info leak in ioctl (bnc#858869, CVE-2014-1444). - ARM: 7809/1: perf: fix event validation for software group leaders (CVE-2013-4254, bnc#837111). - netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (bnc#868653, CVE-2014-2523). - ath9k_htc: properly set MAC address and BSSID mask (bnc#851426, CVE-2013-4579). - drm/ttm: don
    last seen2020-06-05
    modified2014-06-13
    plugin id75364
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/75364
    titleopenSUSE Security Update : kernel (openSUSE-SU-2014:0677-1)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2014-0786.NASL
    descriptionFrom Red Hat Security Advisory 2014:0786 : Updated kernel packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id76738
    published2014-07-24
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76738
    titleOracle Linux 7 : kernel (ELSA-2014-0786)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2221-1.NASL
    descriptionMatthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738) Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737) A flaw was discovered in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id74184
    published2014-05-27
    reporterUbuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74184
    titleUbuntu 12.04 LTS : linux vulnerabilities (USN-2221-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2014-0773-1.NASL
    descriptionThe SUSE Linux Enterprise Server 10 Service Pack 4 LTSS kernel has been updated to fix various security issues and several bugs. The following security issues have been addressed : CVE-2013-6382: Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c. (bnc#852553) CVE-2013-7263: The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c. (bnc#857643) CVE-2013-7264: The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. (bnc#857643) CVE-2013-7265: The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. (bnc#857643) CVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. (bnc#875798) CVE-2014-1738: The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device. (bnc#875798) Additionally, the following non-security bugs have been fixed : - tcp: syncookies: reduce cookie lifetime to 128 seconds (bnc#833968). - tcp: syncookies: reduce mss table to four values (bnc#833968). - ia64: Change default PSR.ac from
    last seen2020-06-05
    modified2015-05-20
    plugin id83627
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83627
    titleSUSE SLES10 Security Update : kernel (SUSE-SU-2014:0773-1)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2014-0740-1.NASL
    descriptionFrom Red Hat Security Advisory 2014:0740 : Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id74505
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74505
    titleOracle Linux 5 : kernel (ELSA-2014-0740-1)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2015-0290.NASL
    descriptionThe remote Oracle Linux host is missing a security update for one or more kernel-related packages.
    last seen2020-06-01
    modified2020-06-02
    plugin id81800
    published2015-03-13
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81800
    titleOracle Linux 7 : kernel (ELSA-2015-0290)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-6354.NASL
    descriptionThe 3.14.4 stable update contains a number of important fixes across the tree. The 3.14.3 stable rebase contains support for new hardware, some new features, and a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-05-22
    plugin id74132
    published2014-05-22
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/74132
    titleFedora 19 : kernel-3.14.4-100.fc19 (2014-6354)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2014-3042.NASL
    descriptionDescription of changes: [2.6.39-400.215.3.el6uek] - SELinux: Fix kernel BUG on empty security contexts. (Stephen Smalley) [Orabug: 19028380] {CVE-2014-1874} - floppy: don
    last seen2020-06-01
    modified2020-06-02
    plugin id76185
    published2014-06-23
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76185
    titleOracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3042)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2014-3043.NASL
    descriptionDescription of changes: kernel-uek [2.6.32-400.36.3.el6uek] - fix autofs/afs/etc. magic mountpoint breakage (Al Viro) [Orabug: 19028505] {CVE-2014-0203} - SELinux: Fix kernel BUG on empty security contexts. (Stephen Smalley) [Orabug: 19028381] {CVE-2014-1874} - floppy: don
    last seen2020-06-01
    modified2020-06-02
    plugin id76186
    published2014-06-23
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76186
    titleOracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3043)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2014-0740.NASL
    descriptionUpdated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id74471
    published2014-06-12
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74471
    titleCentOS 5 : kernel (CESA-2014:0740)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0815.NASL
    descriptionAn updated rhev-hypervisor6 package that fixes several security issues is now available. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code. (CVE-2014-3466) It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1
    last seen2020-06-01
    modified2020-06-02
    plugin id79108
    published2014-11-11
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79108
    titleRHEL 6 : rhev-hypervisor6 (RHSA-2014:0815)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-6357.NASL
    descriptionThe 3.14.4 stable update contains a number of important fixes across the tree Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-05-19
    plugin id74049
    published2014-05-19
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74049
    titleFedora 20 : kernel-3.14.4-200.fc20 (2014-6357)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2219-1.NASL
    descriptionMatthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738) Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737) A flaw was discovered in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel for systems that lack RDS transports. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2013-7339) An error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id74182
    published2014-05-27
    reporterUbuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74182
    titleUbuntu 10.04 LTS : linux vulnerabilities (USN-2219-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2014-0832-1.NASL
    descriptionThe SUSE Linux Enterprise Server 10 SP3 LTSS received a roll up update to fix several security and non-security issues. The following security issues have been fixed : CVE-2013-0343: The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information, via ICMPv6 Router Advertisement (RA) messages. (bnc#805226) CVE-2013-2888: Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted device that provides an invalid Report ID. (bnc#835839) CVE-2013-2893: The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device, related to (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c. (bnc#835839) CVE-2013-2897: Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device. (bnc#835839) CVE-2013-4470: The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c. (bnc#847672) CVE-2013-4483: The ipc_rcu_putref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service (memory consumption or system crash) via a crafted application. (bnc#848321) CVE-2013-4588: Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt system call, related to the do_ip_vs_set_ctl function. (bnc#851095) CVE-2013-6382: Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c. (bnc#852553) CVE-2013-6383: The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call. (bnc#852558) CVE-2013-7263: The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c. (bnc#857643) CVE-2013-7264: The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. (bnc#857643) CVE-2013-7265: The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. (bnc#857643) CVE-2014-1444: The fst_get_iface function in drivers/net/wan/farsync.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCWANDEV ioctl call. (bnc#858869) CVE-2014-1445: The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an ioctl call. (bnc#858870) CVE-2014-1446: The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG ioctl call. (bnc#858872) CVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. (bnc#875798) CVE-2014-1738: The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device. (bnc#875798) The following bugs have been fixed : - kernel: sclp console hangs (bnc#830344, LTC#95711, bnc#860304). - ia64: Change default PSR.ac from
    last seen2020-06-05
    modified2015-05-20
    plugin id83628
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83628
    titleSUSE SLES10 Security Update : kernel (SUSE-SU-2014:0832-1)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2225-1.NASL
    descriptionMatthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738) Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737) A flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest OS users could exploit this flaw to cause a denial of service (host OS crash). (CVE-2014-0055) A flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS. (CVE-2014-0077) Nikolay Aleksandrov discovered a race condition in Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id74213
    published2014-05-28
    reporterUbuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74213
    titleUbuntu 12.04 LTS : linux-lts-saucy vulnerabilities (USN-2225-1)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-2928.NASL
    descriptionSeveral vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2014-0196 Jiri Slaby discovered a race condition in the pty layer, which could lead to a denial of service or privilege escalation. - CVE-2014-1737 CVE-2014-1738 Matthew Daley discovered an information leak and missing input sanitising in the FDRAWCMD ioctl of the floppy driver. This could result in a privilege escalation.
    last seen2020-03-17
    modified2014-05-16
    plugin id74027
    published2014-05-16
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74027
    titleDebian DSA-2928-1 : linux-2.6 - privilege escalation/denial of service/information leak
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0772.NASL
    descriptionUpdated kernel packages that fix three security issues and two bugs are now available for Red Hat Enterprise Linux 5.9 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id79031
    published2014-11-08
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79031
    titleRHEL 5 : kernel (RHSA-2014:0772)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1508.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write request, as demonstrated by a voice_svc_send_req buffer overflow.(CVE-2016-5343i1/4%0 - A use-after-free flaw was found in the way the Linux kernel
    last seen2020-03-19
    modified2019-05-21
    plugin id125301
    published2019-05-21
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125301
    titleEulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1508)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0801.NASL
    descriptionUpdated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 5.6 Long Life. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id79290
    published2014-11-17
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79290
    titleRHEL 5 : kernel (RHSA-2014:0801)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0786.NASL
    descriptionUpdated kernel packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id76901
    published2014-07-30
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76901
    titleRHEL 7 : kernel (RHSA-2014:0786)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2014-0740.NASL
    descriptionFrom Red Hat Security Advisory 2014:0740 : Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id74482
    published2014-06-12
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74482
    titleOracle Linux 5 : kernel (ELSA-2014-0740)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2224-1.NASL
    descriptionMatthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738) Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737) A flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest OS users could exploit this flaw to cause a denial of service (host OS crash). (CVE-2014-0055) A flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS. (CVE-2014-0077) A flaw was discovered in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id74212
    published2014-05-28
    reporterUbuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74212
    titleUbuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-2224-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_KERNEL-140513.NASL
    descriptionThe SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix the following severe security issues : - The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. (bnc#875798). (CVE-2014-1737) - The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device. (bnc#875798). (CVE-2014-1738) - The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the
    last seen2020-06-05
    modified2014-05-16
    plugin id74033
    published2014-05-16
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/74033
    titleSuSE 11.3 Security Update : Linux Kernel (SAT Patch Numbers 9233 / 9236 / 9237)

Redhat

advisories
  • rhsa
    idRHSA-2014:0800
  • rhsa
    idRHSA-2014:0801
rpms
  • kernel-rt-0:3.10.33-rt32.34.el6rt
  • kernel-rt-debug-0:3.10.33-rt32.34.el6rt
  • kernel-rt-debug-debuginfo-0:3.10.33-rt32.34.el6rt
  • kernel-rt-debug-devel-0:3.10.33-rt32.34.el6rt
  • kernel-rt-debuginfo-0:3.10.33-rt32.34.el6rt
  • kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.34.el6rt
  • kernel-rt-devel-0:3.10.33-rt32.34.el6rt
  • kernel-rt-doc-0:3.10.33-rt32.34.el6rt
  • kernel-rt-firmware-0:3.10.33-rt32.34.el6rt
  • kernel-rt-trace-0:3.10.33-rt32.34.el6rt
  • kernel-rt-trace-debuginfo-0:3.10.33-rt32.34.el6rt
  • kernel-rt-trace-devel-0:3.10.33-rt32.34.el6rt
  • kernel-rt-vanilla-0:3.10.33-rt32.34.el6rt
  • kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.34.el6rt
  • kernel-rt-vanilla-devel-0:3.10.33-rt32.34.el6rt
  • kernel-0:2.6.18-371.9.1.el5
  • kernel-PAE-0:2.6.18-371.9.1.el5
  • kernel-PAE-debuginfo-0:2.6.18-371.9.1.el5
  • kernel-PAE-devel-0:2.6.18-371.9.1.el5
  • kernel-debug-0:2.6.18-371.9.1.el5
  • kernel-debug-debuginfo-0:2.6.18-371.9.1.el5
  • kernel-debug-devel-0:2.6.18-371.9.1.el5
  • kernel-debuginfo-0:2.6.18-371.9.1.el5
  • kernel-debuginfo-common-0:2.6.18-371.9.1.el5
  • kernel-devel-0:2.6.18-371.9.1.el5
  • kernel-doc-0:2.6.18-371.9.1.el5
  • kernel-headers-0:2.6.18-371.9.1.el5
  • kernel-kdump-0:2.6.18-371.9.1.el5
  • kernel-kdump-debuginfo-0:2.6.18-371.9.1.el5
  • kernel-kdump-devel-0:2.6.18-371.9.1.el5
  • kernel-xen-0:2.6.18-371.9.1.el5
  • kernel-xen-debuginfo-0:2.6.18-371.9.1.el5
  • kernel-xen-devel-0:2.6.18-371.9.1.el5
  • kernel-0:2.6.32-431.20.3.el6
  • kernel-abi-whitelists-0:2.6.32-431.20.3.el6
  • kernel-bootwrapper-0:2.6.32-431.20.3.el6
  • kernel-debug-0:2.6.32-431.20.3.el6
  • kernel-debug-debuginfo-0:2.6.32-431.20.3.el6
  • kernel-debug-devel-0:2.6.32-431.20.3.el6
  • kernel-debuginfo-0:2.6.32-431.20.3.el6
  • kernel-debuginfo-common-i686-0:2.6.32-431.20.3.el6
  • kernel-debuginfo-common-ppc64-0:2.6.32-431.20.3.el6
  • kernel-debuginfo-common-s390x-0:2.6.32-431.20.3.el6
  • kernel-debuginfo-common-x86_64-0:2.6.32-431.20.3.el6
  • kernel-devel-0:2.6.32-431.20.3.el6
  • kernel-doc-0:2.6.32-431.20.3.el6
  • kernel-firmware-0:2.6.32-431.20.3.el6
  • kernel-headers-0:2.6.32-431.20.3.el6
  • kernel-kdump-0:2.6.32-431.20.3.el6
  • kernel-kdump-debuginfo-0:2.6.32-431.20.3.el6
  • kernel-kdump-devel-0:2.6.32-431.20.3.el6
  • perf-0:2.6.32-431.20.3.el6
  • perf-debuginfo-0:2.6.32-431.20.3.el6
  • python-perf-0:2.6.32-431.20.3.el6
  • python-perf-debuginfo-0:2.6.32-431.20.3.el6
  • kernel-0:2.6.18-348.27.1.el5
  • kernel-PAE-0:2.6.18-348.27.1.el5
  • kernel-PAE-debuginfo-0:2.6.18-348.27.1.el5
  • kernel-PAE-devel-0:2.6.18-348.27.1.el5
  • kernel-debug-0:2.6.18-348.27.1.el5
  • kernel-debug-debuginfo-0:2.6.18-348.27.1.el5
  • kernel-debug-devel-0:2.6.18-348.27.1.el5
  • kernel-debuginfo-0:2.6.18-348.27.1.el5
  • kernel-debuginfo-common-0:2.6.18-348.27.1.el5
  • kernel-devel-0:2.6.18-348.27.1.el5
  • kernel-doc-0:2.6.18-348.27.1.el5
  • kernel-headers-0:2.6.18-348.27.1.el5
  • kernel-kdump-0:2.6.18-348.27.1.el5
  • kernel-kdump-debuginfo-0:2.6.18-348.27.1.el5
  • kernel-kdump-devel-0:2.6.18-348.27.1.el5
  • kernel-xen-0:2.6.18-348.27.1.el5
  • kernel-xen-debuginfo-0:2.6.18-348.27.1.el5
  • kernel-xen-devel-0:2.6.18-348.27.1.el5
  • kernel-0:3.10.0-123.4.2.el7
  • kernel-abi-whitelists-0:3.10.0-123.4.2.el7
  • kernel-bootwrapper-0:3.10.0-123.4.2.el7
  • kernel-debug-0:3.10.0-123.4.2.el7
  • kernel-debug-debuginfo-0:3.10.0-123.4.2.el7
  • kernel-debug-devel-0:3.10.0-123.4.2.el7
  • kernel-debuginfo-0:3.10.0-123.4.2.el7
  • kernel-debuginfo-common-ppc64-0:3.10.0-123.4.2.el7
  • kernel-debuginfo-common-s390x-0:3.10.0-123.4.2.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-123.4.2.el7
  • kernel-devel-0:3.10.0-123.4.2.el7
  • kernel-doc-0:3.10.0-123.4.2.el7
  • kernel-headers-0:3.10.0-123.4.2.el7
  • kernel-kdump-0:3.10.0-123.4.2.el7
  • kernel-kdump-debuginfo-0:3.10.0-123.4.2.el7
  • kernel-kdump-devel-0:3.10.0-123.4.2.el7
  • kernel-tools-0:3.10.0-123.4.2.el7
  • kernel-tools-debuginfo-0:3.10.0-123.4.2.el7
  • kernel-tools-libs-0:3.10.0-123.4.2.el7
  • kernel-tools-libs-devel-0:3.10.0-123.4.2.el7
  • perf-0:3.10.0-123.4.2.el7
  • perf-debuginfo-0:3.10.0-123.4.2.el7
  • python-perf-0:3.10.0-123.4.2.el7
  • python-perf-debuginfo-0:3.10.0-123.4.2.el7
  • kernel-0:2.6.32-220.52.1.el6
  • kernel-debug-0:2.6.32-220.52.1.el6
  • kernel-debug-debuginfo-0:2.6.32-220.52.1.el6
  • kernel-debug-devel-0:2.6.32-220.52.1.el6
  • kernel-debuginfo-0:2.6.32-220.52.1.el6
  • kernel-debuginfo-common-x86_64-0:2.6.32-220.52.1.el6
  • kernel-devel-0:2.6.32-220.52.1.el6
  • kernel-doc-0:2.6.32-220.52.1.el6
  • kernel-firmware-0:2.6.32-220.52.1.el6
  • kernel-headers-0:2.6.32-220.52.1.el6
  • perf-0:2.6.32-220.52.1.el6
  • perf-debuginfo-0:2.6.32-220.52.1.el6
  • python-perf-0:2.6.32-220.52.1.el6
  • python-perf-debuginfo-0:2.6.32-220.52.1.el6
  • kernel-0:2.6.18-238.53.1.el5
  • kernel-PAE-0:2.6.18-238.53.1.el5
  • kernel-PAE-debuginfo-0:2.6.18-238.53.1.el5
  • kernel-PAE-devel-0:2.6.18-238.53.1.el5
  • kernel-debug-0:2.6.18-238.53.1.el5
  • kernel-debug-debuginfo-0:2.6.18-238.53.1.el5
  • kernel-debug-devel-0:2.6.18-238.53.1.el5
  • kernel-debuginfo-0:2.6.18-238.53.1.el5
  • kernel-debuginfo-common-0:2.6.18-238.53.1.el5
  • kernel-devel-0:2.6.18-238.53.1.el5
  • kernel-doc-0:2.6.18-238.53.1.el5
  • kernel-headers-0:2.6.18-238.53.1.el5
  • kernel-xen-0:2.6.18-238.53.1.el5
  • kernel-xen-debuginfo-0:2.6.18-238.53.1.el5
  • kernel-xen-devel-0:2.6.18-238.53.1.el5
  • kernel-0:2.6.32-358.46.1.el6
  • kernel-bootwrapper-0:2.6.32-358.46.1.el6
  • kernel-debug-0:2.6.32-358.46.1.el6
  • kernel-debug-debuginfo-0:2.6.32-358.46.1.el6
  • kernel-debug-devel-0:2.6.32-358.46.1.el6
  • kernel-debuginfo-0:2.6.32-358.46.1.el6
  • kernel-debuginfo-common-i686-0:2.6.32-358.46.1.el6
  • kernel-debuginfo-common-ppc64-0:2.6.32-358.46.1.el6
  • kernel-debuginfo-common-s390x-0:2.6.32-358.46.1.el6
  • kernel-debuginfo-common-x86_64-0:2.6.32-358.46.1.el6
  • kernel-devel-0:2.6.32-358.46.1.el6
  • kernel-doc-0:2.6.32-358.46.1.el6
  • kernel-firmware-0:2.6.32-358.46.1.el6
  • kernel-headers-0:2.6.32-358.46.1.el6
  • kernel-kdump-0:2.6.32-358.46.1.el6
  • kernel-kdump-debuginfo-0:2.6.32-358.46.1.el6
  • kernel-kdump-devel-0:2.6.32-358.46.1.el6
  • perf-0:2.6.32-358.46.1.el6
  • perf-debuginfo-0:2.6.32-358.46.1.el6
  • python-perf-0:2.6.32-358.46.1.el6
  • python-perf-debuginfo-0:2.6.32-358.46.1.el6