Vulnerabilities > CVE-2016-7117 - Data Processing Errors vulnerability in multiple products

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
debian
linux
canonical
CWE-19
critical
nessus

Summary

Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.

Vulnerable Configurations

Part Description Count
OS
Debian
1
OS
Linux
992
OS
Canonical
1

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • XML Nested Payloads
    Applications often need to transform data in and out of the XML format by using an XML parser. It may be possible for an attacker to inject data that may have an adverse effect on the XML parser when it is being processed. By nesting XML data and causing this data to be continuously self-referential, an attacker can cause the XML parser to consume more resources while processing, causing excessive memory consumption and CPU utilization. An attacker's goal is to leverage parser failure to his or her advantage. In most cases this type of an attack will result in a denial of service due to an application becoming unstable, freezing, or crash. However it may be possible to cause a crash resulting in arbitrary code execution, leading to a jump from the data plane to the control plane [R.230.1].
  • XML Oversized Payloads
    Applications often need to transform data in and out of the XML format by using an XML parser. It may be possible for an attacker to inject data that may have an adverse effect on the XML parser when it is being processed. By supplying oversized payloads in input vectors that will be processed by the XML parser, an attacker can cause the XML parser to consume more resources while processing, causing excessive memory consumption and CPU utilization, and potentially cause execution of arbitrary code. An attacker's goal is to leverage parser failure to his or her advantage. In many cases this type of an attack will result in a denial of service due to an application becoming unstable, freezing, or crash. However it is possible to cause a crash resulting in arbitrary code execution, leading to a jump from the data plane to the control plane [R.231.1].
  • XML Client-Side Attack
    Client applications such as web browsers that process HTML data often need to transform data in and out of the XML format by using an XML parser. It may be possible for an attacker to inject data that may have an adverse effect on the XML parser when it is being processed. These adverse effects may include the parser crashing, consuming too much of a resource, executing too slowly, executing code supplied by an attacker, allowing usage of unintended system functionality, etc. An attacker's goal is to leverage parser failure to his or her advantage. In some cases it may be possible to jump from the data plane to the control plane via bad data being passed to an XML parser. [R.484.1]
  • XML Parser Attack
    Applications often need to transform data in and out of the XML format by using an XML parser. It may be possible for an attacker to inject data that may have an adverse effect on the XML parser when it is being processed. These adverse effects may include the parser crashing, consuming too much of a resource, executing too slowly, executing code supplied by an attacker, allowing usage of unintended system functionality, etc. An attacker's goal is to leverage parser failure to his or her advantage. In some cases it may be possible to jump from the data plane to the control plane via bad data being passed to an XML parser. [R.99.1]

Nessus

  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2017-245.NASL
    descriptionThe openSUSE 42.2 kernel was updated to 4.4.42 stable release. The following security bugs were fixed : - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077 1003253). - CVE-2017-5576, CVE-2017-5577: A buffer overflow in the VC4_SUBMIT_CL IOCTL in the VideoCore DRM driver for Raspberry Pi was fixed. (bsc#1021294) - CVE-2017-5551: tmpfs: Fixed a bug that could have allowed users to set setgid bits on files they don
    last seen2020-06-05
    modified2017-02-21
    plugin id97274
    published2017-02-21
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/97274
    titleopenSUSE Security Update : the Linux Kernel (openSUSE-2017-245)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2017-245.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(97274);
      script_version("3.5");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2015-8709", "CVE-2016-7117", "CVE-2016-8645", "CVE-2016-9793", "CVE-2016-9806", "CVE-2016-9919", "CVE-2017-2583", "CVE-2017-2584", "CVE-2017-5551", "CVE-2017-5576", "CVE-2017-5577");
    
      script_name(english:"openSUSE Security Update : the Linux Kernel (openSUSE-2017-245)");
      script_summary(english:"Check for the openSUSE-2017-245 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The openSUSE 42.2 kernel was updated to 4.4.42 stable release.
    
    The following security bugs were fixed :
    
      - CVE-2016-7117: Use-after-free vulnerability in the
        __sys_recvmmsg function in net/socket.c in the Linux
        kernel allowed remote attackers to execute arbitrary
        code via vectors involving a recvmmsg system call that
        is mishandled during error processing (bnc#1003077
        1003253).
    
      - CVE-2017-5576, CVE-2017-5577: A buffer overflow in the
        VC4_SUBMIT_CL IOCTL in the VideoCore DRM driver for
        Raspberry Pi was fixed. (bsc#1021294)
    
      - CVE-2017-5551: tmpfs: Fixed a bug that could have
        allowed users to set setgid bits on files they don't
        down. (bsc#1021258).
    
      - CVE-2017-2583: A Linux kernel built with the
        Kernel-based Virtual Machine (CONFIG_KVM) support was
        vulnerable to an incorrect segment selector(SS) value
        error. A user/process inside guest could have used this
        flaw to crash the guest resulting in DoS or potentially
        escalate their privileges inside guest. (bsc#1020602).
    
      - CVE-2017-2584: arch/x86/kvm/emulate.c in the Linux
        kernel allowed local users to obtain sensitive
        information from kernel memory or cause a denial of
        service (use-after-free) via a crafted application that
        leverages instruction emulation for fxrstor, fxsave,
        sgdt, and sidt (bnc#1019851).
    
      - CVE-2015-8709: ** DISPUTED ** kernel/ptrace.c in the
        Linux kernel mishandled uid and gid mappings, which
        allowed local users to gain privileges by establishing a
        user namespace, waiting for a root process to enter that
        namespace with an unsafe uid or gid, and then using the
        ptrace system call. NOTE: the vendor states 'there is no
        kernel bug here (bnc#959709 bsc#960561).
    
      - CVE-2016-9806: Race condition in the netlink_dump
        function in net/netlink/af_netlink.c in the Linux kernel
        allowed local users to cause a denial of service (double
        free) or possibly have unspecified other impact via a
        crafted application that made sendmsg system calls,
        leading to a free operation associated with a new dump
        that started earlier than anticipated (bnc#1013540
        1017589).
    
      - CVE-2016-8645: The TCP stack in the Linux kernel
        mishandled skb truncation, which allowed local users to
        cause a denial of service (system crash) via a crafted
        application that made sendto system calls, related to
        net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c
        (bnc#1009969).
    
      - CVE-2016-9793: The sock_setsockopt function in
        net/core/sock.c in the Linux kernel mishandled negative
        values of sk_sndbuf and sk_rcvbuf, which allowed local
        users to cause a denial of service (memory corruption
        and system crash) or possibly have unspecified other
        impact by leveraging the CAP_NET_ADMIN capability for a
        crafted setsockopt system call with the (1)
        SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531
        bsc#1013542).
    
      - CVE-2016-9919: The icmp6_send function in
        net/ipv6/icmp.c in the Linux kernel omits a certain
        check of the dst data structure, which allowed remote
        attackers to cause a denial of service (panic) via a
        fragmented IPv6 packet (bnc#1014701).
    
    The following non-security bugs were fixed :
    
      - 8250/fintek: rename IRQ_MODE macro (boo#1009546).
    
      - acpi, nfit: fix bus vs dimm confusion in xlat_status
        (bsc#1023175).
    
      - acpi, nfit, libnvdimm: fix / harden ars_status output
        length handling (bsc#1023175).
    
      - acpi, nfit: validate ars_status output buffer size
        (bsc#1023175).
    
      - arm64/numa: fix incorrect log for memory-less node
        (bsc#1019631).
    
      - ASoC: cht_bsw_rt5645: Fix leftover kmalloc
        (bsc#1010690).
    
      - ASoC: Intel: bytcr_rt5640: fallback mechanism if MCLK is
        not enabled (bsc#1010690).
    
      - ASoC: rt5670: add HS ground control (bsc#1016250).
    
      - avoid including 'mountproto=' with no protocol in
        /proc/mounts (bsc#1019260).
    
      - bcache: Make gc wakeup sane, remove set_task_state()
        (bsc#1021260).
    
      - bcache: partition support: add 16 minors per bcacheN
        device (bsc#1019784).
    
      - blacklist.conf: add 1b8d2afde54f libnvdimm, pfn: fix
        ARCH=alpha allmodconfig build failure (bsc#1023175).
    
      - blacklist.conf: Add i915 stable commits that can be
        ignored (bsc#1015367)
    
      - blk: Do not collide with QUEUE_FLAG_WC from upstream
        (bsc#1022547)
    
      - blk-mq: Allow timeouts to run while queue is freezing
        (bsc#1020817).
    
      - blk-mq: Always schedule hctx->next_cpu (bsc#1020817).
    
      - blk-mq: Avoid memory reclaim when remapping queues
        (bsc#1020817).
    
      - blk-mq: do not overwrite rq->mq_ctx (bsc#1020817).
    
      - blk-mq: Fix failed allocation path when mapping queues
        (bsc#1020817).
    
      - blk-mq: improve warning for running a queue on the wrong
        CPU (bsc#1020817).
    
      - block: Change extern inline to static inline
        (bsc#1023175).
    
      - Bluetooth: btmrvl: fix hung task warning dump
        (bsc#1018813).
    
      - bnx2x: Correct ringparam estimate when DOWN
        (bsc#1020214).
    
      - brcmfmac: Change error print on wlan0 existence
        (bsc#1000092).
    
      - btrfs: add support for RENAME_EXCHANGE and
        RENAME_WHITEOUT (bsc#1020975).
    
      - btrfs: bugfix: handle
        FS_IOC32_(GETFLAGS,SETFLAGS,GETVERSION) in btrfs_ioctl
        (bsc#1018100).
    
      - btrfs: fix inode leak on failure to setup whiteout inode
        in rename (bsc#1020975).
    
      - btrfs: fix lockdep warning about log_mutex
        (bsc#1021455).
    
      - btrfs: fix lockdep warning on deadlock against an
        inode's log mutex (bsc#1021455).
    
      - btrfs: fix number of transaction units for renames with
        whiteout (bsc#1020975).
    
      - btrfs: incremental send, fix invalid paths for rename
        operations (bsc#1018316).
    
      - btrfs: incremental send, fix premature rmdir operations
        (bsc#1018316).
    
      - btrfs: increment ctx->pos for every emitted or skipped
        dirent in readdir (bsc#981709).
    
      - btrfs: pin log earlier when renaming (bsc#1020975).
    
      - btrfs: pin logs earlier when doing a rename exchange
        operation (bsc#1020975).
    
      - btrfs: remove old tree_root dirent processing in
        btrfs_real_readdir() (bsc#981709).
    
      - btrfs: send, add missing error check for calls to
        path_loop() (bsc#1018316).
    
      - btrfs: send, avoid incorrect leaf accesses when sending
        utimes operations (bsc#1018316).
    
      - btrfs: send, fix failure to move directories with the
        same name around (bsc#1018316).
    
      - btrfs: send, fix invalid leaf accesses due to incorrect
        utimes operations (bsc#1018316).
    
      - btrfs: send, fix warning due to late freeing of
        orphan_dir_info structures (bsc#1018316).
    
      - btrfs: test_check_exists: Fix infinite loop when
        searching for free space entries (bsc#987192).
    
      - btrfs: unpin log if rename operation fails
        (bsc#1020975).
    
      - btrfs: unpin logs if rename exchange operation fails
        (bsc#1020975).
    
      - [BZ 149851] kernel: Fix invalid domain response handling
        (bnc#1009718, LTC#149851).
    
      - ceph: fix bad endianness handling in
        parse_reply_info_extra (bsc#1020488).
    
      - clk: xgene: Add PMD clock (bsc#1019351).
    
      - clk: xgene: Do not call __pa on ioremaped address
        (bsc#1019351).
    
      - clk: xgene: Remove CLK_IS_ROOT (bsc#1019351).
    
      - config: enable Ceph kernel client modules for ppc64le
        (fate#321098)
    
      - config: enable Ceph kernel client modules for s390x
        (fate#321098)
    
      - config: enable CONFIG_OCFS2_DEBUG_MASKLOG for ocfs2
        (bsc#1015038)
    
      - crypto: drbg - do not call drbg_instantiate in healt
        test (bsc#1018913).
    
      - crypto: drbg - remove FIPS 140-2 continuous test
        (bsc#1018913).
    
      - crypto: FIPS - allow tests to be disabled in FIPS mode
        (bsc#1018913).
    
      - crypto: qat - fix bar discovery for c62x (bsc#1021251).
    
      - crypto: qat - zero esram only for DH85x devices
        (1021248).
    
      - crypto: rsa - allow keys >= 2048 bits in FIPS mode
        (bsc#1018913).
    
      - crypto: xts - consolidate sanity check for keys
        (bsc#1018913).
    
      - crypto: xts - fix compile errors (bsc#1018913).
    
      - cxl: fix potential NULL dereference in free_adapter()
        (bsc#1016517).
    
      - dax: fix deadlock with DAX 4k holes (bsc#1012829).
    
      - dax: fix device-dax region base (bsc#1023175).
    
      - device-dax: check devm_nsio_enable() return value
        (bsc#1023175).
    
      - device-dax: fail all private mapping attempts
        (bsc#1023175).
    
      - device-dax: fix percpu_ref_exit ordering (bsc#1023175).
    
      - driver core: fix race between creating/querying glue dir
        and its cleanup (bnc#1008742).
    
      - drivers:hv: balloon: account for gaps in hot add regions
        (fate#320485).
    
      - drivers:hv: balloon: Add logging for dynamic memory
        operations (fate#320485).
    
      - drivers:hv: balloon: Disable hot add when
        CONFIG_MEMORY_HOTPLUG is not set (fate#320485).
    
      - drivers:hv: balloon: Fix info request to show max page
        count (fate#320485).
    
      - drivers:hv: balloon: keep track of where ha_region
        starts (fate#320485).
    
      - drivers:hv: balloon: replace ha_region_mutex with
        spinlock (fate#320485).
    
      - drivers:hv: balloon: Use available memory value in
        pressure report (fate#320485).
    
      - drivers:hv: cleanup vmbus_open() for wrap around
        mappings (fate#320485).
    
      - drivers:hv: do not leak memory in
        vmbus_establish_gpadl() (fate#320485).
    
      - drivers:hv: get rid of id in struct vmbus_channel
        (fate#320485).
    
      - drivers:hv: get rid of redundant messagecount in
        create_gpadl_header() (fate#320485).
    
      - drivers:hv: get rid of timeout in vmbus_open()
        (fate#320485).
    
      - drivers:hv: Introduce a policy for controlling channel
        affinity (fate#320485).
    
      - drivers:hv: make VMBus bus ids persistent (fate#320485).
    
      - drivers:hv: ring_buffer: count on wrap around mappings
        in get_next_pkt_raw() (v2) (fate#320485).
    
      - drivers:hv: ring_buffer: use wrap around mappings in
        hv_copy(from, to)_ringbuffer() (fate#320485).
    
      - drivers:hv: ring_buffer: wrap around mappings for ring
        buffers (fate#320485).
    
      - drivers:hv: utils: Check VSS daemon is listening before
        a hot backup (fate#320485).
    
      - drivers:hv: utils: Continue to poll VSS channel after
        handling requests (fate#320485).
    
      - drivers:hv: utils: fix a race on userspace daemons
        registration (bnc#1014392).
    
      - drivers:hv: utils: Fix the mapping between host version
        and protocol to use (fate#320485).
    
      - drivers:hv: utils: reduce HV_UTIL_NEGO_TIMEOUT timeout
        (fate#320485).
    
      - drivers:hv: vmbus: Base host signaling strictly on the
        ring state (fate#320485).
    
      - drivers:hv: vmbus: Enable explicit signaling policy for
        NIC channels (fate#320485).
    
      - drivers:hv: vmbus: finally fix
        hv_need_to_signal_on_read() (fate#320485, bug#1018385).
    
      - drivers:hv: vmbus: fix the race when querying & updating
        the percpu list (fate#320485).
    
      - drivers:hv: vmbus: Implement a mechanism to tag the
        channel for low latency (fate#320485).
    
      - drivers: hv: vmbus: Make mmio resource local
        (fate#320485).
    
      - drivers:hv: vmbus: On the read path cleanup the logic to
        interrupt the host (fate#320485).
    
      - drivers:hv: vmbus: On write cleanup the logic to
        interrupt the host (fate#320485).
    
      - drivers:hv: vmbus: Reduce the delay between retries in
        vmbus_post_msg() (fate#320485).
    
      - drivers:hv: vmbus: suppress some 'hv_vmbus: Unknown
        GUID' warnings (fate#320485).
    
      - drivers:hv: vss: Improve log messages (fate#320485).
    
      - drivers:hv: vss: Operation timeouts should match host
        expectation (fate#320485).
    
      - drivers: net: phy: mdio-xgene: Add hardware dependency
        (bsc#1019351).
    
      - drivers: net: phy: xgene: Fix 'remove' function
        (bsc#1019351).
    
      - drivers: net: xgene: Add change_mtu function
        (bsc#1019351).
    
      - drivers: net: xgene: Add flow control configuration
        (bsc#1019351).
    
      - drivers: net: xgene: Add flow control initialization
        (bsc#1019351).
    
      - drivers: net: xgene: Add helper function (bsc#1019351).
    
      - drivers: net: xgene: Add support for Jumbo frame
        (bsc#1019351).
    
      - drivers: net: xgene: Configure classifier with pagepool
        (bsc#1019351).
    
      - drivers: net: xgene: fix build after change_mtu function
        change (bsc#1019351).
    
      - drivers: net: xgene: fix: Coalescing values for v2
        hardware (bsc#1019351).
    
      - drivers: net: xgene: fix: Disable coalescing on v1
        hardware (bsc#1019351).
    
      - drivers: net: xgene: Fix MSS programming (bsc#1019351).
    
      - drivers: net: xgene: fix: RSS for non-TCP/UDP
        (bsc#1019351).
    
      - drivers: net: xgene: fix: Use GPIO to get link status
        (bsc#1019351).
    
      - drivers: net: xgene: uninitialized variable in
        xgene_enet_free_pagepool() (bsc#1019351).
    
      - drm: Fix broken VT switch with video=1366x768 option
        (bsc#1018358).
    
      - drm/i915: add helpers for platform specific revision id
        range checks (bsc#1015367).
    
      - drm/i915: Apply broader WaRsDisableCoarsePowerGating for
        guc also (bsc#1015367).
    
      - drm/i915/bxt: add revision id for A1 stepping and use it
        (bsc#1015367).
    
      - drm/i915: Call intel_dp_mst_resume() before resuming
        displays (bsc#1015359).
    
      - drm/i915: Cleaning up DDI translation tables
        (bsc#1014392).
    
      - drm/i915: Clean up L3 SQC register field definitions
        (bsc#1014392).
    
      - drm/i915: Do not init hpd polling for vlv and chv from
        runtime_suspend() (bsc#1014120).
    
      - drm-i915-dp-Restore-PPS-HW-state-from-the-encoder-re
    
      - drm/i915/dp: Restore PPS HW state from the encoder
        resume hook (bsc#1019061).
    
      - drm/i915/dsi: fix CHV dsi encoder hardware state readout
        on port C (bsc#1015367).
    
      - drm/i915: Exit cherryview_irq_handler() after one pass
        (bsc#1015367).
    
      - drm/i915: Fix iboost setting for SKL Y/U DP DDI buffer
        translation entry 2 (bsc#1014392).
    
      - drm/i915: Fix system resume if PCI device remained
        enabled (bsc#1015367).
    
      - drm/i915: Fix watermarks for VLV/CHV (bsc#1011176).
    
      - drm/i915: Force ringbuffers to not be at offset 0
        (bsc#1015367).
    
      - drm/i915: Force VDD off on the new power seqeuencer
        before starting to use it (bsc#1009674).
    
      - drm/i915/gen9: Add WaInPlaceDecompressionHang
        (bsc#1014392).
    
      - drm/i915/gen9: Fix PCODE polling during CDCLK change
        notification (bsc#1015367).
    
      - drm/i915: Mark CPU cache as dirty when used for
        rendering (bsc#1015367).
    
      - drm/i915: Mark i915_hpd_poll_init_work as static
        (bsc#1014120).
    
      - drm-i915-Prevent-PPS-stealing-from-a-normal-DP-port
    
      - drm/i915: Prevent PPS stealing from a normal DP port on
        VLV/CHV (bsc#1019061).
    
      - drm/i915: remove parens around revision ids
        (bsc#1015367).
    
      - drm/i915/skl: Add WaDisableGafsUnitClkGating
        (bsc#1014392).
    
      - drm/i915/skl: Fix rc6 based gpu/system hang
        (bsc#1015367).
    
      - drm/i915/skl: Fix spurious gpu hang with gt3/gt4 revs
        (bsc#1015367).
    
      - drm/i915/skl: Update DDI translation tables for SKL
        (bsc#1014392).
    
      - drm/i915/skl: Update watermarks before the crtc is
        disabled (bsc#1015367).
    
      - drm/i915: Update Skylake DDI translation table for DP
        (bsc#1014392).
    
      - drm/i915: Update Skylake DDI translation table for HDMI
        (bsc#1014392).
    
      - drm/i915/userptr: Hold mmref whilst calling
        get-user-pages (bsc#1015367).
    
      - drm/i915/vlv: Prevent enabling hpd polling in late
        suspend (bsc#1014120).
    
      - drm/i915: Workaround for DP DPMS D3 on Dell monitor
        (bsc#1019061).
    
      - drm: Use u64 for intermediate dotclock calculations
        (bnc#1006472).
    
      - drm/vc4: Fix an integer overflow in temporary allocation
        layout (bsc#1021294).
    
      - drm/vc4: Return -EINVAL on the overflow checks failing
        (bsc#1021294).
    
      - drm: virtio-gpu: get the fb from the plane state for
        atomic updates (bsc#1023101).
    
      - EDAC, xgene: Fix spelling mistake in error messages
        (bsc#1019351).
    
      - efi/libstub: Move Graphics Output Protocol handling to
        generic code (bnc#974215).
    
      - fbcon: Fix vc attr at deinit (bsc#1000619).
    
      - Fix kABI breakage by i2c-designware baytrail fix
        (bsc#1011913).
    
      - Fix kABI breakage by linux/acpi.h inclusion in
        i8042-x86ia46io.h (bsc#1011660).
    
      - gpio: xgene: make explicitly non-modular (bsc#1019351).
    
      - gro_cells: mark napi struct as not busy poll candidates
        (bsc#966191 FATE#320230 bsc#966186 FATE#320228).
    
      - hv: acquire vmbus_connection.channel_mutex in
        vmbus_free_channels() (fate#320485).
    
      - hv: change clockevents unbind tactics (fate#320485).
    
      - hv: do not reset hv_context.tsc_page on crash
        (fate#320485, bnc#1007729).
    
      - hv_netvsc: add ethtool statistics for tx packet issues
        (fate#320485).
    
      - hv_netvsc: Add handler for physical link speed change
        (fate#320485).
    
      - hv_netvsc: Add query for initial physical link speed
        (fate#320485).
    
      - hv_netvsc: count multicast packets received
        (fate#320485).
    
      - hv_netvsc: dev hold/put reference to VF (fate#320485).
    
      - hv_netvsc: fix a race between netvsc_send() and
        netvsc_init_buf() (fate#320485).
    
      - hv_netvsc: fix comments (fate#320485).
    
      - hv_netvsc: fix rtnl locking in callback (fate#320485).
    
      - hv_netvsc: Implement batching of receive completions
        (fate#320485).
    
      - hv_netvsc: improve VF device matching (fate#320485).
    
      - hv_netvsc: init completion during alloc (fate#320485).
    
      - hv_netvsc: make device_remove void (fate#320485).
    
      - hv_netvsc: make inline functions static (fate#320485).
    
      - hv_netvsc: make netvsc_destroy_buf void (fate#320485).
    
      - hv_netvsc: make RSS hash key static (fate#320485).
    
      - hv_netvsc: make variable local (fate#320485).
    
      - hv_netvsc: rearrange start_xmit (fate#320485).
    
      - hv_netvsc: refactor completion function (fate#320485).
    
      - hv_netvsc: remove excessive logging on MTU change
        (fate#320485).
    
      - hv_netvsc: remove VF in flight counters (fate#320485).
    
      - hv_netvsc: report vmbus name in ethtool (fate#320485).
    
      - hv_netvsc: simplify callback event code (fate#320485).
    
      - hv_netvsc: style cleanups (fate#320485).
    
      - hv_netvsc: use ARRAY_SIZE() for NDIS versions
        (fate#320485).
    
      - hv_netvsc: use consume_skb (fate#320485).
    
      - hv_netvsc: use kcalloc (fate#320485).
    
      - hv_netvsc: use RCU to protect vf_netdev (fate#320485).
    
      - hyperv: Fix spelling of HV_UNKOWN (fate#320485).
    
      - i2c: designware-baytrail: Disallow the CPU to enter C6
        or C7 while holding the punit semaphore (bsc#1011913).
    
      - i2c: designware: fix wrong Tx/Rx FIFO for ACPI
        (bsc#1019351).
    
      - i2c: designware: Implement support for SMBus block read
        and write (bsc#1019351).
    
      - i2c: xgene: Fix missing code of DTB support
        (bsc#1019351).
    
      - i40e: Be much more verbose about what we can and cannot
        offload (bsc#985561).
    
      - i915: Delete previous two fixes for i915 (bsc#1019061).
        These upstream fixes brought some regressions, so better
        to revert for now.
    
      - i915: Disable
        patches.drivers/drm-i915-Exit-cherryview_irq_handler-aft
        er-one-pass The patch seems leading to the instability
        on Wyse box (bsc#1015367).
    
      - IB/core: Fix possible memory leak in
        cma_resolve_iboe_route() (bsc#966191 FATE#320230
        bsc#966186 FATE#320228).
    
      - IB/mlx5: Fix iteration overrun in GSI qps (bsc#966170
        FATE#320225 bsc#966172 FATE#320226).
    
      - IB/mlx5: Fix steering resource leak (bsc#966170
        FATE#320225 bsc#966172 FATE#320226).
    
      - IB/mlx5: Set source mac address in FTE (bsc#966170
        FATE#320225 bsc#966172 FATE#320226).
    
      - ibmveth: calculate gso_segs for large packets
        (bsc#1019148).
    
      - ibmveth: check return of skb_linearize in
        ibmveth_start_xmit (bsc#1019148).
    
      - ibmveth: consolidate kmalloc of array, memset 0 to
        kcalloc (bsc#1019148).
    
      - ibmveth: set correct gso_size and gso_type
        (bsc#1019148).
    
      - ibmvnic: convert to use simple_open() (bsc#1015416).
    
      - ibmvnic: Driver Version 1.0.1 (bsc#1015416).
    
      - ibmvnic: drop duplicate header seq_file.h (bsc#1015416).
    
      - ibmvnic: fix error return code in ibmvnic_probe()
        (bsc#1015416).
    
      - ibmvnic: Fix GFP_KERNEL allocation in interrupt context
        (bsc#1015416).
    
      - ibmvnic: Fix missing brackets in init_sub_crq_irqs
        (bsc#1015416).
    
      - ibmvnic: Fix releasing of sub-CRQ IRQs in interrupt
        context (bsc#1015416).
    
      - ibmvnic: Fix size of debugfs name buffer (bsc#1015416).
    
      - ibmvnic: Handle backing device failover and
        reinitialization (bsc#1015416).
    
      - ibmvnic: Start completion queue negotiation at
        server-provided optimum values (bsc#1015416).
    
      - ibmvnic: Unmap ibmvnic_statistics structure
        (bsc#1015416).
    
      - ibmvnic: Update MTU after device initialization
        (bsc#1015416).
    
      - igb: add i211 to i210 PHY workaround (bsc#1009911).
    
      - igb: Workaround for igb i210 firmware issue
        (bsc#1009911).
    
      - Input: i8042 - Trust firmware a bit more when probing on
        X86 (bsc#1011660).
    
      - intel_idle: Add KBL support (bsc#1016884).
    
      - ipc: msg, make msgrcv work with LONG_MIN (bnc#1005918).
    
      - ipc/sem.c: add cond_resched in exit_sme (bsc#979378).
    
      - ixgbe: Do not clear RAR entry when clearing VMDq for SAN
        MAC (bsc#969474 FATE#319812 bsc#969475 FATE#319814).
    
      - ixgbe: Force VLNCTRL.VFE to be set in all VMDq paths
        (bsc#969474 FATE#319812 bsc#969475 FATE#319814).
    
      - KABI fix (bsc#1014410).
    
      - kABI: protect struct mm_struct (kabi).
    
      - kABI: protect struct musb_platform_ops (kabi).
    
      - kABI: protect struct task_struct (kabi).
    
      - kABI: protect struct user_fpsimd_state (kabi).
    
      - kABI: protect struct wake_irq (kabi).
    
      - kABI: protect struct xhci_hcd (kabi).
    
      - kABI: protect user_namespace include in fs/exec (kabi).
    
      - kABI: protect user_namespace include in kernel/ptrace
        (kabi).
    
      - kabi/severities: Ignore changes in drivers/hv
    
      - kgraft/iscsi-target: Do not block kGraft in iscsi_np
        kthread (bsc#1010612, fate#313296).
    
      - kgraft/xen: Do not block kGraft in xenbus kthread
        (bsc#1017410, fate#313296).
    
      - libnvdimm, pfn: fix align attribute (bsc#1023175).
    
      - locking/pv-qspinlock: Use cmpxchg_release() in
        __pv_queued_spin_unlock() (bsc#969756).
    
      - locking/rtmutex: Prevent dequeue vs. unlock race
        (bsc#1015212).
    
      - locking/rtmutex: Use READ_ONCE() in rt_mutex_owner()
        (bsc#1015212).
    
      - mailbox: xgene-slimpro: Fix wrong test for devm_kzalloc
        (bsc#1019351).
    
      - md-cluster: convert the completion to wait queue
        (fate#316335).
    
      - md-cluster: protect md_find_rdev_nr_rcu with rcu lock
        (fate#316335).
    
      - md: fix refcount problem on mddev when stopping array
        (bsc#1022304).
    
      - md linear: fix a race between linear_add() and
        linear_congested() (bsc#1018446).
    
      - [media] uvcvideo: uvc_scan_fallback() for webcams with
        broken chain (bsc#1021474).
    
      - misc/genwqe: ensure zero initialization (fate#321595).
    
      - mmc: sdhci-of-arasan: Remove no-hispd and no-cmd23
        quirks for sdhci-arasan4.9a (bsc#1019351).
    
      - mm: do not loop on GFP_REPEAT high order requests if
        there is no reclaim progress (bnc#1013000).
    
      - mm, memcg: do not retry precharge charges (bnc#1022559).
    
      - mm, page_alloc: fix check for NULL preferred_zone
        (bnc#971975 VM performance -- page allocator).
    
      - mm, page_alloc: fix fast-path race with cpuset update or
        removal (bnc#971975 VM performance -- page allocator).
    
      - mm, page_alloc: fix premature OOM when racing with
        cpuset mems update (bnc#971975 VM performance -- page
        allocator).
    
      - mm, page_alloc: keep pcp count and list contents in sync
        if struct page is corrupted (bnc#971975 VM performance
        -- page allocator).
    
      - mm, page_alloc: move cpuset seqcount checking to
        slowpath (bnc#971975 VM performance -- page allocator).
    
      - mwifiex: add missing check for PCIe8997 chipset
        (bsc#1018813).
    
      - mwifiex: fix IBSS data path issue (bsc#1018813).
    
      - mwifiex: fix PCIe register information for 8997 chipset
        (bsc#1018813).
    
      - net/af_iucv: do not use paged skbs for TX on
        HiperSockets (bnc#1020945, LTC#150566).
    
      - net: ethernet: apm: xgene: use phydev from struct
        net_device (bsc#1019351).
    
      - net/hyperv: avoid uninitialized variable (fate#320485).
    
      - net: icmp6_send should use dst dev to determine L3
        domain (bsc#1014701).
    
      - net: ipv6: tcp reset, icmp need to consider L3 domain
        (bsc#1014701).
    
      - net/mlx4_en: Fix panic on xmit while port is down
        (bsc#966191 FATE#320230).
    
      - net/mlx5e: Use correct flow dissector key on flower
        offloading (bsc#966170 FATE#320225 bsc#966172
        FATE#320226).
    
      - net/mlx5: Fix autogroups groups num not decreasing
        (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
    
      - net/mlx5: Keep autogroups list ordered (bsc#966170
        FATE#320225 bsc#966172 FATE#320226).
    
      - net: remove useless memset's in drivers get_stats64
        (bsc#1019351).
    
      - net_sched: fix a typo in tc_for_each_action()
        (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
    
      - netvsc: add rcu_read locking to netvsc callback
        (fate#320485).
    
      - netvsc: fix checksum on UDP IPV6 (fate#320485).
    
      - netvsc: reduce maximum GSO size (fate#320485).
    
      - netvsc: Remove mistaken udp.h inclusion (fate#320485).
    
      - net: xgene: avoid bogus maybe-uninitialized warning
        (bsc#1019351).
    
      - net: xgene: fix backward compatibility fix
        (bsc#1019351).
    
      - net/xgene: fix error handling during reset
        (bsc#1019351).
    
      - net: xgene: move xgene_cle_ptree_ewdn data off stack
        (bsc#1019351).
    
      - nfit: fail DSMs that return non-zero status by default
        (bsc#1023175).
    
      - NFSv4: Cap the transport reconnection timer at 1/2 lease
        period (bsc#1014410).
    
      - NFSv4: Cleanup the setting of the nfs4 lease period
        (bsc#1014410).
    
      - nvdimm: kabi protect nd_cmd_out_size() (bsc#1023175).
    
      - nvme: apply DELAY_BEFORE_CHK_RDY quirk at probe time too
        (bsc#1020685).
    
      - ocfs2: fix deadlock on mmapped page in
        ocfs2_write_begin_nolock() (bnc#921494).
    
      - pci: Add devm_request_pci_bus_resources() (bsc#1019351).
    
      - PCI/AER: include header file (bsc#964944,FATE#319965).
    
      - pci: generic: Fix pci_remap_iospace() failure path
        (bsc#1019630).
    
      - pci: hv: Allocate physically contiguous hypercall params
        buffer (fate#320485).
    
      - pci: hv: Delete the device earlier from hbus->children
        for hot-remove (fate#320485).
    
      - pci: hv: Fix hv_pci_remove() for hot-remove
        (fate#320485).
    
      - pci: hv: Handle hv_pci_generic_compl() error case
        (fate#320485).
    
      - pci: hv: Handle vmbus_sendpacket() failure in
        hv_compose_msi_msg() (fate#320485).
    
      - pci: hv: Make unnecessarily global IRQ masking functions
        static (fate#320485).
    
      - pci: hv: Remove the unused 'wrk' in struct
        hv_pcibus_device (fate#320485).
    
      - pci: hv: Use list_move_tail() instead of list_del() +
        list_add_tail() (fate#320485).
    
      - pci: hv: Use pci_function_description in struct
        definitions (fate#320485).
    
      - pci: hv: Use the correct buffer size in
        new_pcichild_device() (fate#320485).
    
      - pci: hv: Use zero-length array in struct pci_packet
        (fate#320485).
    
      - pci: xgene: Add local struct device pointers
        (bsc#1019351).
    
      - pci: xgene: Add register accessors (bsc#1019351).
    
      - pci: xgene: Free bridge resource list on failure
        (bsc#1019351).
    
      - pci: xgene: Make explicitly non-modular (bsc#1019351).
    
      - pci: xgene: Pass struct xgene_pcie_port to setup
        functions (bsc#1019351).
    
      - pci: xgene: Remove unused platform data (bsc#1019351).
    
      - pci: xgene: Request host bridge window resources
        (bsc#1019351).
    
      - perf: xgene: Remove bogus IS_ERR() check (bsc#1019351).
    
      - phy: xgene: rename 'enum phy_mode' to 'enum
        xgene_phy_mode' (bsc#1019351).
    
      - powerpc/fadump: Fix the race in crash_fadump()
        (bsc#1022971).
    
      - power: reset: xgene-reboot: Unmap region obtained by
        of_iomap (bsc#1019351).
    
      - qeth: check not more than 16 SBALEs on the completion
        queue (bnc#1009718, LTC#148203).
    
      - raid1: ignore discard error (bsc#1017164).
    
      - reiserfs: fix race in prealloc discard (bsc#987576).
    
      - rpm/kernel-binary.spec.in: Export a make-stderr.log file
        (bsc#1012422)
    
      - rpm/kernel-binary.spec.in: Fix installation of
        /etc/uefi/certs (bsc#1019594)
    
      - rtc: cmos: avoid unused function warning (bsc#1022429).
    
      - rtc: cmos: Clear ACPI-driven alarms upon resume
        (bsc#1022429).
    
      - rtc: cmos: Do not enable interrupts in the middle of the
        interrupt handler (bsc#1022429).
    
      - rtc: cmos: Restore alarm after resume (bsc#1022429).
    
      - s390/cpuinfo: show maximum thread id (bnc#1009718,
        LTC#148580).
    
      - s390/sysinfo: show partition extended name and UUID if
        available (bnc#1009718, LTC#150160).
    
      - s390/time: LPAR offset handling (bnc#1009718,
        LTC#146920).
    
      - s390/time: move PTFF definitions (bnc#1009718,
        LTC#146920).
    
      - sched: Allow hotplug notifiers to be setup early
        (bnc#1022476).
    
      - sched/core: Fix incorrect utilization accounting when
        switching to fair class (bnc#1022476).
    
      - sched/core: Fix set_user_nice() (bnc#1022476).
    
      - sched/core, x86/topology: Fix NUMA in package topology
        bug (bnc#1022476).
    
      - sched/cputime: Add steal time support to full dynticks
        CPU time accounting (bnc#1022476).
    
      - sched/cputime: Fix prev steal time accouting during CPU
        hotplug (bnc#1022476).
    
      - sched/deadline: Always calculate end of period on
        sched_yield() (bnc#1022476).
    
      - sched/deadline: Fix a bug in dl_overflow()
        (bnc#1022476).
    
      - sched/deadline: Fix lock pinning warning during CPU
        hotplug (bnc#1022476).
    
      - sched/deadline: Fix wrap-around in DL heap
        (bnc#1022476).
    
      - sched/fair: Avoid using decay_load_missed() with a
        negative value (bnc#1022476).
    
      - sched/fair: Fix fixed point arithmetic width for shares
        and effective load (bnc#1022476).
    
      - sched/fair: Fix load_above_capacity fixed point
        arithmetic width (bnc#1022476).
    
      - sched/fair: Fix min_vruntime tracking (bnc#1022476).
    
      - sched/fair: Fix the wrong throttled clock time for
        cfs_rq_clock_task() (bnc#1022476).
    
      - sched/fair: Improve PELT stuff some more (bnc#1022476).
    
      - sched: Make wake_up_nohz_cpu() handle CPUs going offline
        (bnc#1022476).
    
      - sched/rt: Fix PI handling vs. sched_setscheduler()
        (bnc#1022476).
    
      - sched/rt: Kick RT bandwidth timer immediately on start
        up (bnc#1022476).
    
      - sched/rt, sched/dl: Do not push if task's scheduling
        class was changed (bnc#1022476).
    
      - scsi: Add 'AIX VDASD' to blacklist (bsc#1006469).
    
      - scsi: bfa: Increase requested firmware version to
        3.2.5.1 (bsc#1013273).
    
      - scsi_dh_alua: uninitialized variable in alua_rtpg()
        (bsc#1012910).
    
      - scsi: Modify HITACHI OPEN-V blacklist entry
        (bsc#1006469).
    
      - scsi: storvsc: Payload buffer incorrectly sized for 32
        bit kernels (fate#320485).
    
      - sd: always scan VPD pages if thin provisioning is
        enabled (bsc#1013792).
    
      - serial: 8250_fintek: fix the mismatched IRQ mode
        (boo#1009546).
    
      - serial: 8250: Integrate Fintek into 8250_base
        (boo#1016979). Update config files to change
        CONFIG_SERIAL_8250_FINTEK to boolean accordingly, too.
        Also, the corresponding entry got removed from
        supported.conf.
    
      - ses: Fix SAS device detection in enclosure
        (bsc#1016403).
    
      - sunrpc: Fix reconnection timeouts (bsc#1014410).
    
      - sunrpc: fix refcounting problems with auth_gss messages
        (boo#1011250).
    
      - sunrpc: Limit the reconnect backoff timer to the max RPC
        message timeout (bsc#1014410).
    
      - supported.conf: delete xilinx/ll_temac (bsc#1011602)
    
      - supported.conf: Support Marvell WiFi/BT SDIO and
        pinctrl-cherrytrail (bsc#1018813)
    
      - target: add XCOPY target/segment desc sense codes
        (bsc#991273).
    
      - target: bounds check XCOPY segment descriptor list
        (bsc#991273).
    
      - target: bounds check XCOPY total descriptor list length
        (bsc#991273).
    
      - target: check for XCOPY parameter truncation
        (bsc#991273).
    
      - target: check XCOPY segment descriptor CSCD IDs
        (bsc#1017170).
    
      - target: return UNSUPPORTED TARGET/SEGMENT DESC TYPE CODE
        sense (bsc#991273).
    
      - target: simplify XCOPY wwn->se_dev lookup helper
        (bsc#991273).
    
      - target: support XCOPY requests without parameters
        (bsc#991273).
    
      - target: use XCOPY segment descriptor CSCD IDs
        (bsc#1017170).
    
      - target: use XCOPY TOO MANY TARGET DESCRIPTORS sense
        (bsc#991273).
    
      - tools: hv: Enable network manager for bonding scripts on
        RHEL (fate#320485).
    
      - tools: hv: fix a compile warning in snprintf
        (fate#320485).
    
      - Tools: hv: kvp: configurable external scripts path
        (fate#320485).
    
      - Tools: hv: kvp: ensure kvp device fd is closed on exec
        (fate#320485).
    
      - tools: hv: remove unnecessary header files and netlink
        related code (fate#320485).
    
      - tools: hv: remove unnecessary link flag (fate#320485).
    
      - tty: n_hdlc, fix lockdep false positive (bnc#1015840).
    
      - Update metadata for serial fixes (bsc#1013001)
    
      - vmbus: make sysfs names consistent with PCI
        (fate#320485).
    
      - x86/hpet: Reduce HPET counter read contention
        (bsc#1014710).
    
      - x86/hyperv: Handle unknown NMIs on one CPU when
        unknown_nmi_panic (fate#320485).
    
      - x86/MCE: Dump MCE to dmesg if no consumers
        (bsc#1013994)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1000092"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1000619"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1003077"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1003253"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1005918"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1006469"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1006472"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1007729"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1008742"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1009546"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1009674"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1009718"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1009911"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1009969"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1010612"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1010690"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1011176"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1011250"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1011602"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1011660"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1011913"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1012422"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1012829"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1012910"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1013000"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1013001"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1013273"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1013531"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1013540"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1013542"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1013792"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1013994"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1014120"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1014392"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1014410"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1014701"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1014710"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1015038"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1015212"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1015359"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1015367"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1015416"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1015840"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1016250"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1016403"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1016517"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1016884"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1016979"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1017164"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1017170"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1017410"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1017589"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1018100"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1018316"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1018358"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1018385"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1018446"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1018813"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1018913"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1019061"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1019148"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1019260"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1019351"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1019594"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1019630"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1019631"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1019784"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1019851"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1020214"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1020488"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1020602"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1020685"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1020817"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1020945"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1020975"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1021248"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1021251"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1021258"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1021260"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1021294"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1021455"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1021474"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1022304"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1022429"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1022476"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1022547"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1022559"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1022971"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1023101"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1023175"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=921494"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=959709"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=960561"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=964944"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=966170"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=966172"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=966186"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=966191"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=969474"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=969475"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=969756"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=971975"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=974215"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=979378"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=981709"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=985561"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=987192"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=987576"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=991273"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected the Linux Kernel packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-docs-html");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-docs-pdf");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-macros");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-obs-build");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-obs-qa");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-source-vanilla");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-syms");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.2");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/02/08");
      script_set_attribute(attribute:"patch_publication_date", value:"2017/02/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/02/21");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE42\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-debug-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-debug-base-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-debug-base-debuginfo-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-debug-debuginfo-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-debug-debugsource-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-debug-devel-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-debug-devel-debuginfo-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-default-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-default-base-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-default-base-debuginfo-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-default-debuginfo-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-default-debugsource-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-default-devel-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-devel-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-docs-html-4.4.46-11.3") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-docs-pdf-4.4.46-11.3") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-macros-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-obs-build-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-obs-build-debugsource-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-obs-qa-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-source-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-source-vanilla-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-syms-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-vanilla-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-vanilla-base-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-vanilla-base-debuginfo-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-vanilla-debuginfo-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-vanilla-debugsource-4.4.46-11.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"kernel-vanilla-devel-4.4.46-11.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel-docs-html / kernel-docs-pdf / kernel-devel / kernel-macros / etc");
    }
    
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2016-694.NASL
    descriptionAn integer overflow vulnerability was found in xt_alloc_table_info, which on 32-bit systems can lead to small structure allocation and a copy_from_user based heap corruption. (CVE-2016-3135) In the mark_source_chains function (net/ipv4/netfilter/ip_tables.c) it is possible for a user-supplied ipt_entry structure to have a large next_offset field. This field is not bounds checked prior to writing a counter value at the supplied offset. (CVE-2016-3134) A weakness was found in the Linux ASLR implementation. Any user able to run 32-bit applications in a x86 machine can disable the ASLR by setting the RLIMIT_STACK resource to unlimited. (CVE-2016-3672) Destroying a network interface with a large number of IPv4 addresses keeps a rtnl_lock for a very long time, which can block many network-related operations. (CVE-2016-3156) A use-after-free vulnerability was found in the kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id90778
    published2016-04-29
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90778
    titleAmazon Linux AMI : kernel (ALAS-2016-694)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3126-1.NASL
    descriptionOndrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-7042) Dmitry Vyukov discovered a use-after-free vulnerability during error processing in the recvmmsg(2) implementation in the Linux kernel. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-7117). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id94730
    published2016-11-11
    reporterUbuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94730
    titleUbuntu 12.04 LTS : linux vulnerabilities (USN-3126-1)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2016-3657.NASL
    descriptionDescription of changes: [2.6.39-400.293.2.el6uek] - x86/iopl/64: properly context-switch IOPL on Xen PV (Andy Lutomirski) [Orabug: 25269184] {CVE-2016-3157} - net: Fix use after free in the recvmmsg exit path (Arnaldo Carvalho de Melo) [Orabug: 25298618] {CVE-2016-7117}
    last seen2020-06-01
    modified2020-06-02
    plugin id96070
    published2016-12-22
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96070
    titleOracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2016-3657)
  • NASL familyVirtuozzo Local Security Checks
    NASL idVIRTUOZZO_VZLSA-2017-0086.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list of bug fixes, users are directed to the related Knowledge Article: https://access.redhat.com/ articles/2857831. Security Fix(es) : * A use-after-free vulnerability was found in the kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id101411
    published2017-07-13
    reporterThis script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/101411
    titleVirtuozzo 7 : kernel / kernel-abi-whitelists / kernel-debug / etc (VZLSA-2017-0086)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2017-0215.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free vulnerability was found in the kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id96920
    published2017-02-01
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96920
    titleRHEL 6 : kernel (RHSA-2017:0215)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2016-0180.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - x86/iopl/64: properly context-switch IOPL on Xen PV (Andy Lutomirski) [Orabug: 25269176] (CVE-2016-3157) (CVE-2016-3157) - net: Fix use after free in the recvmmsg exit path (Arnaldo Carvalho de Melo) [Orabug: 25298611] (CVE-2016-7117)
    last seen2020-06-01
    modified2020-06-02
    plugin id96072
    published2016-12-22
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96072
    titleOracleVM 3.3 : Unbreakable / etc (OVMSA-2016-0180)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2016-0179.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - net: Fix use after free in the recvmmsg exit path (Arnaldo Carvalho de Melo) [Orabug: 25298601] (CVE-2016-7117)
    last seen2020-06-01
    modified2020-06-02
    plugin id96071
    published2016-12-22
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96071
    titleOracleVM 3.4 : Unbreakable / etc (OVMSA-2016-0179)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2017-0036.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important) * An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt(). The function call is normally restricted to root, however some processes with cap_sys_admin may also be able to trigger this flaw in privileged container environments. (CVE-2016-4998, Moderate) * A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection. (CVE-2016-6828, Moderate) Bug Fix(es) : * When parallel NFS returned a file layout, a kernel crash sometimes occurred. This update removes the call to the BUG_ON() function from a code path of a client that returns the file layout. As a result, the kernel no longer crashes in the described situation. (BZ#1385480) * When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash on a Nonmaskable Interrupt (NMI) that was injected from the host, this VM became unresponsive and did not create the vmcore dump file. This update applies a set of patches to the Virtual Machine Bus kernel driver (hv_vmbus) that fix this bug. As a result, the VM now first creates and saves the vmcore dump file and then reboots. (BZ#1385482) * From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache occasionally showed incorrect values. This update fixes the DST_NOCOUNT mechanism, and the IPv6 routing cache now shows correct values. (BZ# 1391974) * When using the ixgbe driver and the software Fibre Channel over Ethernet (FCoE) stack, suboptimal performance in some cases occurred on systems with a large number of CPUs. This update fixes the fc_exch_alloc() function to try all the available exchange managers in the list for an available exchange ID. This change avoids failing allocations, which previously led to the host busy status. (BZ#1392818) * When the vmwgfx kernel module loads, it overrides the boot resolution automatically. Consequently, users were not able to change the resolution by manual setting of the kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id96403
    published2017-01-11
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96403
    titleRHEL 6 : kernel (RHSA-2017:0036)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2016-0181.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - x86/iopl/64: properly context-switch IOPL on Xen PV (Andy Lutomirski) [Orabug: 25269184] (CVE-2016-3157) - net: Fix use after free in the recvmmsg exit path (Arnaldo Carvalho de Melo) [Orabug: 25298618] (CVE-2016-7117) - logging errors that get masked to EIO inside drivers/block/loop.c (Manjunath Patil) [Orabug: 21962821] - sched/core: Clear the root_domain cpumasks in init_rootdomain (Xunlei Pang) [Orabug: 23518650] - bio allocation failure due to bio_get_nr_vecs (Darrick J. Wong) - mlx4: avoid ABBA deadlock (Wengang Wang) [Orabug: 23538548] - mlx4: avoid multiple free on id_map_ent (Wengang Wang) [Orabug: 25022815] - sctp: validate chunk len before actually using it (Marcelo Ricardo Leitner) [Orabug: 25142906] (CVE-2016-9555) - NVMe: reduce queue depth as workaround for Samsung EPIC SQ errata (Ashok Vairavan) [Orabug: 25138146] - RDS: Drop the connection as part of cancel to avoid hangs (Avinash Repaka) [Orabug: 24951873] - aacraid: Check size values after double-fetch from user (Dave Carroll) [Orabug: 25060055] (CVE-2016-6480) (CVE-2016-6480) - audit: fix a double fetch in audit_log_single_execve_arg (Paul Moore) [Orabug: 25059962] (CVE-2016-6136) - ecryptfs: don
    last seen2020-06-01
    modified2020-06-02
    plugin id96073
    published2016-12-22
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96073
    titleOracleVM 3.2 : Unbreakable / etc (OVMSA-2016-0181)
  • NASL familyVirtuozzo Local Security Checks
    NASL idVIRTUOZZO_VZLSA-2017-0036.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important) * An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt(). The function call is normally restricted to root, however some processes with cap_sys_admin may also be able to trigger this flaw in privileged container environments. (CVE-2016-4998, Moderate) * A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection. (CVE-2016-6828, Moderate) Bug Fix(es) : * When parallel NFS returned a file layout, a kernel crash sometimes occurred. This update removes the call to the BUG_ON() function from a code path of a client that returns the file layout. As a result, the kernel no longer crashes in the described situation. (BZ#1385480) * When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash on a Nonmaskable Interrupt (NMI) that was injected from the host, this VM became unresponsive and did not create the vmcore dump file. This update applies a set of patches to the Virtual Machine Bus kernel driver (hv_vmbus) that fix this bug. As a result, the VM now first creates and saves the vmcore dump file and then reboots. (BZ#1385482) * From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache occasionally showed incorrect values. This update fixes the DST_NOCOUNT mechanism, and the IPv6 routing cache now shows correct values. (BZ# 1391974) * When using the ixgbe driver and the software Fibre Channel over Ethernet (FCoE) stack, suboptimal performance in some cases occurred on systems with a large number of CPUs. This update fixes the fc_exch_alloc() function to try all the available exchange managers in the list for an available exchange ID. This change avoids failing allocations, which previously led to the host busy status. (BZ#1392818) * When the vmwgfx kernel module loads, it overrides the boot resolution automatically. Consequently, users were not able to change the resolution by manual setting of the kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id101405
    published2017-07-13
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/101405
    titleVirtuozzo 6 : kernel / kernel-abi-whitelists / kernel-debug / etc (VZLSA-2017-0036)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2016-3655.NASL
    descriptionDescription of changes: kernel-uek [4.1.12-61.1.23.el7uek] - net: Fix use after free in the recvmmsg exit path (Arnaldo Carvalho de Melo) [Orabug: 25298601] {CVE-2016-7117}
    last seen2020-06-01
    modified2020-06-02
    plugin id96068
    published2016-12-22
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96068
    titleOracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3655)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2017-1842-1.NASL
    descriptionThe remote Oracle Linux host is missing a security update for the kernel package(s).
    last seen2020-06-01
    modified2020-06-02
    plugin id102511
    published2017-08-16
    reporterThis script is Copyright (C) 2017-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/102511
    titleOracle Linux 7 : kernel (ELSA-2017-1842-1) (Stack Clash)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-3119-1.NASL
    descriptionThis update for the Linux Kernel 3.12.51-52_39 fixes several issues. The following security bugs were fixed : - CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012759). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bsc#1012183). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bsc#1003253). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id95805
    published2016-12-14
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95805
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2016:3119-1)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2017-0036.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important) * An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt(). The function call is normally restricted to root, however some processes with cap_sys_admin may also be able to trigger this flaw in privileged container environments. (CVE-2016-4998, Moderate) * A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection. (CVE-2016-6828, Moderate) Bug Fix(es) : * When parallel NFS returned a file layout, a kernel crash sometimes occurred. This update removes the call to the BUG_ON() function from a code path of a client that returns the file layout. As a result, the kernel no longer crashes in the described situation. (BZ#1385480) * When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash on a Nonmaskable Interrupt (NMI) that was injected from the host, this VM became unresponsive and did not create the vmcore dump file. This update applies a set of patches to the Virtual Machine Bus kernel driver (hv_vmbus) that fix this bug. As a result, the VM now first creates and saves the vmcore dump file and then reboots. (BZ#1385482) * From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache occasionally showed incorrect values. This update fixes the DST_NOCOUNT mechanism, and the IPv6 routing cache now shows correct values. (BZ# 1391974) * When using the ixgbe driver and the software Fibre Channel over Ethernet (FCoE) stack, suboptimal performance in some cases occurred on systems with a large number of CPUs. This update fixes the fc_exch_alloc() function to try all the available exchange managers in the list for an available exchange ID. This change avoids failing allocations, which previously led to the host busy status. (BZ#1392818) * When the vmwgfx kernel module loads, it overrides the boot resolution automatically. Consequently, users were not able to change the resolution by manual setting of the kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id96456
    published2017-01-13
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96456
    titleCentOS 6 : kernel (CESA-2017:0036)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-0575-1.NASL
    descriptionThe SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.49 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that was mishandled during error processing (bnc#1003077). - CVE-2017-5576: Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call (bnc#1021294). - CVE-2017-5577: The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel did not set an errno value upon certain overflow detections, which allowed local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call (bnc#1021294). - CVE-2017-5551: The simple_set_acl function in fs/posix_acl.c in the Linux kernel preserved the setgid bit during a setxattr call involving a tmpfs filesystem, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. (bnc#1021258). - CVE-2017-2583: The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel improperly emulated a
    last seen2020-06-01
    modified2020-06-02
    plugin id97466
    published2017-03-01
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/97466
    titleSUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:0575-1)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2016-1051.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A race condition was found in the way the Linux kernel
    last seen2020-05-06
    modified2017-05-01
    plugin id99814
    published2017-05-01
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/99814
    titleEulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1051)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2017-0113.NASL
    descriptionAn update for kernel-rt is now available for Red Hat Enterprise MRG 2.5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. The kernel-rt packages have been upgraded to version 3.10.0-514, which provides a number of security and bug fixes over the previous version. (BZ#1400193) Security Fix(es) : * A use-after-free vulnerability was found in the kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id96595
    published2017-01-18
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96595
    titleRHEL 6 : MRG (RHSA-2017:0113)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2017-0217.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free vulnerability was found in the kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id96922
    published2017-02-01
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96922
    titleRHEL 7 : kernel (RHSA-2017:0217)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-3112-1.NASL
    descriptionThis update for the Linux Kernel 3.12.55-52_42 fixes several issues. The following security bugs were fixed : - CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012759). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bsc#1012183). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bsc#1003253). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id95802
    published2016-12-14
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95802
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2016:3112-1)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2017-0086.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list of bug fixes, users are directed to the related Knowledge Article: https://access.redhat.com/ articles/2857831. Security Fix(es) : * A use-after-free vulnerability was found in the kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id96593
    published2017-01-18
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96593
    titleRHEL 7 : kernel (RHSA-2017:0086)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2017-0196.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free vulnerability was found in the kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id96825
    published2017-01-27
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96825
    titleRHEL 6 : kernel (RHSA-2017:0196)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1227.NASL
    descriptionThe openSUSE 13.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2015-8956: The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket (bnc#1003925). - CVE-2016-5195: A local privilege escalation using MAP_PRIVATE was fixed, which is reportedly exploited in the wild (bsc#1004418). - CVE-2016-8658: Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg8021 1.c in the Linux kernel allowed local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Element in a command to a Netlink socket (bnc#1004462). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077). - CVE-2016-0823: The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allowed local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721 (bnc#994759). - CVE-2016-7425: The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel did not restrict a certain length field, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code (bnc#999932). - CVE-2016-6327: drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) by using an ABORT_TASK command to abort a device write operation (bnc#994748). - CVE-2016-6828: The tcp_check_send_head function in include/net/tcp.h in the Linux kernel did not properly maintain certain SACK state after a failed data copy, which allowed local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option (bnc#994296). - CVE-2016-5696: net/ipv4/tcp_input.c in the Linux kernel did not properly determine the rate of challenge ACK segments, which made it easier for man-in-the-middle attackers to hijack TCP sessions via a blind in-window attack (bnc#989152) - CVE-2016-6480: Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a
    last seen2020-06-05
    modified2016-10-27
    plugin id94303
    published2016-10-27
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94303
    titleopenSUSE Security Update : the Linux Kernel (openSUSE-2016-1227) (Dirty COW)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2017-0031.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important) Bug Fix(es) : * Previously, guest virtual machines (VMs) on a Hyper-V server cluster got in some cases rebooted during the graceful node failover test, because the host kept sending heartbeat packets independently of guests responding to them. This update fixes the bug by properly responding to all the heartbeat messages in the queue, even if they are pending. As a result, guest VMs no longer get rebooted under the described circumstances. (BZ#1397737) * From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache occasionally showed incorrect values. This update fixes the DST_NOCOUNT mechanism, and the IPv6 routing cache now shows correct values. (BZ# 1391973) * Previously, memory corruption by copying data into the wrong memory locations sometimes occurred, because the __copy_tofrom_user() function was returning incorrect values. This update fixes the __copy_tofrom_user() function so that it no longer returns larger values than the number of bytes it was asked to copy. As a result, memory corruption no longer occurs in he described scenario. (BZ#1398182)
    last seen2020-06-01
    modified2020-06-02
    plugin id96402
    published2017-01-11
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96402
    titleRHEL 6 : kernel (RHSA-2017:0031)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2017-0270.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free vulnerability was found in the kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id97185
    published2017-02-15
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/97185
    titleRHEL 7 : kernel (RHSA-2017:0270)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2017-0091.NASL
    descriptionAn update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es) : * A use-after-free vulnerability was found in the kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id96594
    published2017-01-18
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96594
    titleRHEL 7 : kernel-rt (RHSA-2017:0091)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-2962.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allows remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important) Bug Fix(es) : * Previously, guest virtual machines (VMs) on a Hyper-V server cluster got in some cases rebooted during the graceful node failover test, because the host kept sending heartbeat packets independently of guests responding to them. This update fixes the bug by properly responding to all the heartbeat messages in the queue, even if they are pending. As a result, guest VMs no longer get rebooted under the described circumstances. (BZ#1391167)
    last seen2020-06-01
    modified2020-06-02
    plugin id95981
    published2016-12-21
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95981
    titleRHEL 5 : kernel (RHSA-2016:2962)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-0333-1.NASL
    descriptionThe SUSE Linux Enterprise 11 SP2 LTSS kernel was updated to receive various security and bugfixes. This is the last planned LTSS kernel update for the SUSE Linux Enterprise Server 11 SP2 LTSS. The following security bugs were fixed : - CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bnc#1017710). - CVE-2004-0230: TCP, when using a large Window Size, made it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP (bnc#969340). - CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831). - CVE-2016-8399: An out of bounds read in the ping protocol handler could have lead to information disclosure (bsc#1014746). - CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531). - CVE-2012-6704: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option (bnc#1013542). - CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not properly initialize Code Segment (CS) in certain error cases, which allowed local users to obtain sensitive information from kernel stack memory via a crafted application (bnc#1013038). - CVE-2016-3841: The IPv6 stack in the Linux kernel mishandled options data, which allowed local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call (bnc#992566). - CVE-2016-9685: Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel allowed local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations (bnc#1012832). - CVE-2015-1350: The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecified removing extended privilege attributes, which allowed local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program (bnc#914939). - CVE-2015-8962: Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call (bnc#1010501). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacked chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685). - CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel allowed local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed (bnc#1010716). - CVE-2016-7911: Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call (bnc#1010711). - CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a tty data structure (bnc#1010507). - CVE-2016-7916: Race condition in the environ_read function in fs/proc/base.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete (bnc#1010467). - CVE-2016-8646: The hash_accept function in crypto/algif_hash.c in the Linux kernel allowed local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data (bnc#1010150). - CVE-2016-8633: drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allowed remote attackers to execute arbitrary code via crafted fragmented packets (bnc#1008833). - CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in the Linux kernel used an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bnc#1004517). - CVE-2016-7097: The filesystem implementation in the Linux kernel preserves the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions (bnc#995968). - CVE-2017-5551: The filesystem implementation in the Linux kernel preserves the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. This CVE tracks the fix for the tmpfs filesystem. (bsc#1021258). - CVE-2015-8956: The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket (bnc#1003925). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077). - CVE-2016-0823: The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel allowed local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721 (bnc#994759). - CVE-2016-7425: The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel did not restrict a certain length field, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code (bnc#999932). - CVE-2016-6828: The tcp_check_send_head function in include/net/tcp.h in the Linux kernel did not properly maintain certain SACK state after a failed data copy, which allowed local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option (bnc#994296). - CVE-2016-6480: Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a
    last seen2020-06-01
    modified2020-06-02
    plugin id96903
    published2017-01-31
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96903
    titleSUSE SLES11 Security Update : kernel (SUSE-SU-2017:0333-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-1247-1.NASL
    descriptionThe SUSE Linux Enterprise 12 GA LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2015-1350: The VFS subsystem in the Linux kernel provided an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allowed local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program (bnc#914939). - CVE-2016-2117: The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel incorrectly enabled scatter/gather I/O, which allowed remote attackers to obtain sensitive information from kernel memory by reading packet data (bnc#968697). - CVE-2016-3070: The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel improperly interacted with mm/migrate.c, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by triggering a certain page move (bnc#979215). - CVE-2016-5243: The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel did not properly copy a certain string, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#983212). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077). - CVE-2016-9588: arch/x86/kvm/vmx.c in the Linux kernel mismanages the #BP and #OF exceptions, which allowed guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest (bnc#1015703). - CVE-2016-10044: The aio_mount function in fs/aio.c in the Linux kernel did not properly restrict execute access, which made it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call (bnc#1023992). - CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415). - CVE-2016-10208: The ext4_fill_super function in fs/ext4/super.c in the Linux kernel did not properly validate meta block groups, which allowed physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image (bnc#1023377). - CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003). - CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context (bnc#1026914). - CVE-2017-5897: The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allowed remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access (bnc#1023762). - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bnc#1024938). - CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bnc#1025235). - CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024). - CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722). - CVE-2017-6345: The LLC subsystem in the Linux kernel did not ensure that a certain destructor exists in required circumstances, which allowed local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls (bnc#1027190). - CVE-2017-6346: Race condition in net/packet/af_packet.c in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that made PACKET_FANOUT setsockopt system calls (bnc#1027189). - CVE-2017-6348: The hashbin_delete function in net/irda/irqueue.c in the Linux kernel improperly managed lock dropping, which allowed local users to cause a denial of service (deadlock) via crafted operations on IrDA devices (bnc#1027178). - CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986 (bnc#1027066). - CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213). - CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440). - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bnc#1031579). - CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation (bnc#1033336). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id100150
    published2017-05-12
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/100150
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2017:1247-1)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20170110_KERNEL_ON_SL6_X.NASL
    descriptionSecurity Fix(es) : - A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important) - An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt(). The function call is normally restricted to root, however some processes with cap_sys_admin may also be able to trigger this flaw in privileged container environments. (CVE-2016-4998, Moderate) - A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection. (CVE-2016-6828, Moderate) Bug Fix(es) : - When parallel NFS returned a file layout, a kernel crash sometimes occurred. This update removes the call to the BUG_ON() function from a code path of a client that returns the file layout. As a result, the kernel no longer crashes in the described situation. - When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash on a Nonmaskable Interrupt (NMI) that was injected from the host, this VM became unresponsive and did not create the vmcore dump file. This update applies a set of patches to the Virtual Machine Bus kernel driver (hv_vmbus) that fix this bug. As a result, the VM now first creates and saves the vmcore dump file and then reboots. - From Scientific Linux 6.6 to 6.8, the IPv6 routing cache occasionally showed incorrect values. This update fixes the DST_NOCOUNT mechanism, and the IPv6 routing cache now shows correct values. - When using the ixgbe driver and the software Fibre Channel over Ethernet (FCoE) stack, suboptimal performance in some cases occurred on systems with a large number of CPUs. This update fixes the fc_exch_alloc() function to try all the available exchange managers in the list for an available exchange ID. This change avoids failing allocations, which previously led to the host busy status. - When the vmwgfx kernel module loads, it overrides the boot resolution automatically. Consequently, users were not able to change the resolution by manual setting of the kernel
    last seen2020-03-18
    modified2017-01-13
    plugin id96481
    published2017-01-13
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96481
    titleScientific Linux Security Update : kernel on SL6.x i386/x86_64 (20170110)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2017-0057.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2017-0057 for details.
    last seen2020-06-01
    modified2020-06-02
    plugin id99163
    published2017-04-03
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/99163
    titleOracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0057) (Dirty COW)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-0494-1.NASL
    descriptionThe SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2015-8970: crypto/algif_skcipher.c in the Linux kernel did not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted application that did not supply a key, related to the lrw_crypt function in crypto/lrw.c (bnc#1008374). - CVE-2017-5551: Clear S_ISGID on tmpfs when setting posix ACLs (bsc#1021258). - CVE-2016-7097: The filesystem implementation in the Linux kernel preserves the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions (bnc#995968). - CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bnc#1017710). - CVE-2004-0230: TCP, when using a large Window Size, made it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP (bnc#969340). - CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831). - CVE-2016-8399: An elevation of privilege vulnerability in the kernel networking subsystem could have enabled a local malicious application to execute arbitrary code within the context of the kernel bnc#1014746). - CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531). - CVE-2012-6704: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option (bnc#1013542). - CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not properly initialize Code Segment (CS) in certain error cases, which allowed local users to obtain sensitive information from kernel stack memory via a crafted application (bnc#1013038). - CVE-2016-3841: The IPv6 stack in the Linux kernel mishandled options data, which allowed local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call (bnc#992566). - CVE-2016-9685: Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel allowed local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations (bnc#1012832). - CVE-2015-1350: The VFS subsystem in the Linux kernel provided an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allowed local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program (bnc#914939). - CVE-2015-8962: Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call (bnc#1010501). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacked chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685). - CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel allowed local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed (bnc#1010716). - CVE-2016-7911: Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call (bnc#1010711). - CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a tty data structure (bnc#1010507). - CVE-2016-7916: Race condition in the environ_read function in fs/proc/base.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete (bnc#1010467). - CVE-2016-8646: The hash_accept function in crypto/algif_hash.c in the Linux kernel allowed local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data (bnc#1010150). - CVE-2016-8633: drivers/firewire/net.c in the Linux kernel in certain unusual hardware configurations allowed remote attackers to execute arbitrary code via crafted fragmented packets (bnc#1008833). - CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in the Linux, when the GNU Compiler Collection (gcc) stack protector is enabled, used an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bnc#1004517). - CVE-2015-8956: The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket (bnc#1003925). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077). - CVE-2016-0823: The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel allowed local users to obtain sensitive physical-address information by reading a pagemap file (bnc#994759). - CVE-2016-7425: The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel did not restrict a certain length field, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code (bnc#999932). - CVE-2016-6828: The tcp_check_send_head function in include/net/tcp.h in the Linux kernel did not properly maintain certain SACK state after a failed data copy, which allowed local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option (bnc#994296). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id97297
    published2017-02-21
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/97297
    titleSUSE SLES11 Security Update : kernel (SUSE-SU-2017:0494-1)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2016-3656.NASL
    descriptionDescription of changes: kernel-uek [3.8.13-118.15.2.el7uek] - x86/iopl/64: properly context-switch IOPL on Xen PV (Andy Lutomirski) [Orabug: 25269176] {CVE-2016-3157} {CVE-2016-3157} - net: Fix use after free in the recvmmsg exit path (Arnaldo Carvalho de Melo) [Orabug: 25298611] {CVE-2016-7117}
    last seen2020-06-01
    modified2020-06-02
    plugin id96069
    published2016-12-22
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96069
    titleOracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3656)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20170117_KERNEL_ON_SL7_X.NASL
    descriptionTo see the complete list of bug fixes, users are directed to the related Knowledge Article : Security Fix(es) : - A use-after-free vulnerability was found in the kernel
    last seen2020-03-18
    modified2017-01-18
    plugin id96599
    published2017-01-18
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96599
    titleScientific Linux Security Update : kernel on SL7.x x86_64 (20170117)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-3249-1.NASL
    descriptionThis update for the Linux Kernel 3.12.51-52_34 fixes several issues. The following security bugs were fixed : - CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012759). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bsc#1012183). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bsc#1003253). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id96134
    published2016-12-27
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96134
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2016:3249-1)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1484.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In the Linux kernel, Hisilicon Network Subsystem (HNS) does not consider the ETH_SS_PRIV_FLAGS case when retrieving sset_count data. This allows local users to cause a denial of service (buffer overflow and memory corruption) or possibly have unspecified other impacts.(CVE-2017-18222i1/4%0 - A flaw was found in the way the Linux kernel
    last seen2020-03-19
    modified2019-05-13
    plugin id124808
    published2019-05-13
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124808
    titleEulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1484)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2017-246.NASL
    descriptionThe openSUSE Leap 42.1 kernel to 4.1.38 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077). - CVE-2017-5551: tmpfs: Fixed a bug that could have allowed users to set setgid bits on files they don
    last seen2020-06-05
    modified2017-02-14
    plugin id97138
    published2017-02-14
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/97138
    titleopenSUSE Security Update : the Linux Kernel (openSUSE-2017-246)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2016-2962.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allows remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important) Bug Fix(es) : * Previously, guest virtual machines (VMs) on a Hyper-V server cluster got in some cases rebooted during the graceful node failover test, because the host kept sending heartbeat packets independently of guests responding to them. This update fixes the bug by properly responding to all the heartbeat messages in the queue, even if they are pending. As a result, guest VMs no longer get rebooted under the described circumstances. (BZ#1391167)
    last seen2020-06-01
    modified2020-06-02
    plugin id95952
    published2016-12-21
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95952
    titleCentOS 5 : kernel (CESA-2016:2962)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1496.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A use-after-free vulnerability was found in the kernel
    last seen2020-03-19
    modified2019-05-13
    plugin id124819
    published2019-05-13
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124819
    titleEulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1496)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-3111-1.NASL
    descriptionThis update for the Linux Kernel 3.12.51-52_31 fixes several issues. The following security bugs were fixed : - CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012759). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bsc#1012183). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bsc#1003253). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id95801
    published2016-12-14
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95801
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2016:3111-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-3109-1.NASL
    descriptionThis update for the Linux Kernel 3.12.55-52_45 fixes several issues. The following security bugs were fixed : - CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012759). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bsc#1012183). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bsc#1003253). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id95799
    published2016-12-14
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95799
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2016:3109-1)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2016-2962.NASL
    descriptionFrom Red Hat Security Advisory 2016:2962 : An update for kernel is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allows remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important) Bug Fix(es) : * Previously, guest virtual machines (VMs) on a Hyper-V server cluster got in some cases rebooted during the graceful node failover test, because the host kept sending heartbeat packets independently of guests responding to them. This update fixes the bug by properly responding to all the heartbeat messages in the queue, even if they are pending. As a result, guest VMs no longer get rebooted under the described circumstances. (BZ#1391167)
    last seen2020-06-01
    modified2020-06-02
    plugin id95978
    published2016-12-21
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95978
    titleOracle Linux 5 : kernel (ELSA-2016-2962)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-2976-1.NASL
    descriptionThe SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. For the PowerPC64 a new
    last seen2020-06-01
    modified2020-06-02
    plugin id95536
    published2016-12-05
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95536
    titleSUSE SLES11 Security Update : kernel (SUSE-SU-2016:2976-1)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2017-0086.NASL
    descriptionFrom Red Hat Security Advisory 2017:0086 : An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list of bug fixes, users are directed to the related Knowledge Article: https://access.redhat.com/ articles/2857831. Security Fix(es) : * A use-after-free vulnerability was found in the kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id96588
    published2017-01-18
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96588
    titleOracle Linux 7 : kernel (ELSA-2017-0086)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20161220_KERNEL_ON_SL5_X.NASL
    descriptionSecurity Fix(es) : - A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allows remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important) Bug Fix(es) : - Previously, guest virtual machines (VMs) on a Hyper-V server cluster got in some cases rebooted during the graceful node failover test, because the host kept sending heartbeat packets independently of guests responding to them. This update fixes the bug by properly responding to all the heartbeat messages in the queue, even if they are pending. As a result, guest VMs no longer get rebooted under the described circumstances.
    last seen2020-03-18
    modified2016-12-21
    plugin id95984
    published2016-12-21
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95984
    titleScientific Linux Security Update : kernel on SL5.x i386/x86_64 (20161220)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2017-0086.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list of bug fixes, users are directed to the related Knowledge Article: https://access.redhat.com/ articles/2857831. Security Fix(es) : * A use-after-free vulnerability was found in the kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id96633
    published2017-01-20
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96633
    titleCentOS 7 : kernel (CESA-2017:0086)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-1360-1.NASL
    descriptionThe SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.74 to receive various security and bugfixes. Notable new/improved features : - Improved support for Hyper-V - Support for the tcp_westwood TCP scheduling algorithm The following security bugs were fixed : - CVE-2017-8106: The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel allowed privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer (bsc#1035877). - CVE-2017-6951: The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the
    last seen2020-06-01
    modified2020-06-02
    plugin id100320
    published2017-05-22
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/100320
    titleSUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1360-1)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2017-0036.NASL
    descriptionFrom Red Hat Security Advisory 2017:0036 : An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important) * An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt(). The function call is normally restricted to root, however some processes with cap_sys_admin may also be able to trigger this flaw in privileged container environments. (CVE-2016-4998, Moderate) * A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection. (CVE-2016-6828, Moderate) Bug Fix(es) : * When parallel NFS returned a file layout, a kernel crash sometimes occurred. This update removes the call to the BUG_ON() function from a code path of a client that returns the file layout. As a result, the kernel no longer crashes in the described situation. (BZ#1385480) * When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash on a Nonmaskable Interrupt (NMI) that was injected from the host, this VM became unresponsive and did not create the vmcore dump file. This update applies a set of patches to the Virtual Machine Bus kernel driver (hv_vmbus) that fix this bug. As a result, the VM now first creates and saves the vmcore dump file and then reboots. (BZ#1385482) * From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache occasionally showed incorrect values. This update fixes the DST_NOCOUNT mechanism, and the IPv6 routing cache now shows correct values. (BZ# 1391974) * When using the ixgbe driver and the software Fibre Channel over Ethernet (FCoE) stack, suboptimal performance in some cases occurred on systems with a large number of CPUs. This update fixes the fc_exch_alloc() function to try all the available exchange managers in the list for an available exchange ID. This change avoids failing allocations, which previously led to the host busy status. (BZ#1392818) * When the vmwgfx kernel module loads, it overrides the boot resolution automatically. Consequently, users were not able to change the resolution by manual setting of the kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id96401
    published2017-01-11
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96401
    titleOracle Linux 6 : kernel (ELSA-2017-0036)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2017-0216.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support and Red Hat Enterprise Linux 6.6 Telco Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free vulnerability was found in the kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id96921
    published2017-02-01
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96921
    titleRHEL 6 : kernel (RHSA-2017:0216)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2017-0065.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important)
    last seen2020-06-01
    modified2020-06-02
    plugin id96560
    published2017-01-17
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96560
    titleRHEL 6 : kernel (RHSA-2017:0065)

Redhat

advisories
  • bugzilla
    id1382268
    titleCVE-2016-7117 kernel: Use-after-free in the recvmmsg exit path
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 5 is installed
        ovaloval:com.redhat.rhba:tst:20070331005
      • OR
        • commentkernel earlier than 0:2.6.18-417.el5 is currently running
          ovaloval:com.redhat.rhsa:tst:20162962025
        • commentkernel earlier than 0:2.6.18-417.el5 is set to boot up on next boot
          ovaloval:com.redhat.rhsa:tst:20162962026
      • OR
        • AND
          • commentkernel-doc is earlier than 0:2.6.18-417.el5
            ovaloval:com.redhat.rhsa:tst:20162962001
          • commentkernel-doc is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20080314002
        • AND
          • commentkernel is earlier than 0:2.6.18-417.el5
            ovaloval:com.redhat.rhsa:tst:20162962003
          • commentkernel is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20080314008
        • AND
          • commentkernel-kdump-devel is earlier than 0:2.6.18-417.el5
            ovaloval:com.redhat.rhsa:tst:20162962005
          • commentkernel-kdump-devel is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20080314012
        • AND
          • commentkernel-kdump is earlier than 0:2.6.18-417.el5
            ovaloval:com.redhat.rhsa:tst:20162962007
          • commentkernel-kdump is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20080314010
        • AND
          • commentkernel-devel is earlier than 0:2.6.18-417.el5
            ovaloval:com.redhat.rhsa:tst:20162962009
          • commentkernel-devel is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20080314016
        • AND
          • commentkernel-debug-devel is earlier than 0:2.6.18-417.el5
            ovaloval:com.redhat.rhsa:tst:20162962011
          • commentkernel-debug-devel is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20080314004
        • AND
          • commentkernel-debug is earlier than 0:2.6.18-417.el5
            ovaloval:com.redhat.rhsa:tst:20162962013
          • commentkernel-debug is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20080314014
        • AND
          • commentkernel-headers is earlier than 0:2.6.18-417.el5
            ovaloval:com.redhat.rhsa:tst:20162962015
          • commentkernel-headers is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20080314006
        • AND
          • commentkernel-xen-devel is earlier than 0:2.6.18-417.el5
            ovaloval:com.redhat.rhsa:tst:20162962017
          • commentkernel-xen-devel is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20080314020
        • AND
          • commentkernel-xen is earlier than 0:2.6.18-417.el5
            ovaloval:com.redhat.rhsa:tst:20162962019
          • commentkernel-xen is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20080314018
        • AND
          • commentkernel-PAE is earlier than 0:2.6.18-417.el5
            ovaloval:com.redhat.rhsa:tst:20162962021
          • commentkernel-PAE is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20080314024
        • AND
          • commentkernel-PAE-devel is earlier than 0:2.6.18-417.el5
            ovaloval:com.redhat.rhsa:tst:20162962023
          • commentkernel-PAE-devel is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20080314022
    rhsa
    idRHSA-2016:2962
    released2016-12-20
    severityImportant
    titleRHSA-2016:2962: kernel security and bug fix update (Important)
  • bugzilla
    id1382268
    titleCVE-2016-7117 kernel: Use-after-free in the recvmmsg exit path
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 6 is installed
        ovaloval:com.redhat.rhba:tst:20111656003
      • OR
        • commentkernel earlier than 0:2.6.32-642.13.1.el6 is currently running
          ovaloval:com.redhat.rhsa:tst:20170036027
        • commentkernel earlier than 0:2.6.32-642.13.1.el6 is set to boot up on next boot
          ovaloval:com.redhat.rhsa:tst:20170036028
      • OR
        • AND
          • commentkernel-debug-devel is earlier than 0:2.6.32-642.13.1.el6
            ovaloval:com.redhat.rhsa:tst:20170036001
          • commentkernel-debug-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842008
        • AND
          • commentkernel-headers is earlier than 0:2.6.32-642.13.1.el6
            ovaloval:com.redhat.rhsa:tst:20170036003
          • commentkernel-headers is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842010
        • AND
          • commentkernel-debug is earlier than 0:2.6.32-642.13.1.el6
            ovaloval:com.redhat.rhsa:tst:20170036005
          • commentkernel-debug is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842014
        • AND
          • commentkernel-devel is earlier than 0:2.6.32-642.13.1.el6
            ovaloval:com.redhat.rhsa:tst:20170036007
          • commentkernel-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842016
        • AND
          • commentperf is earlier than 0:2.6.32-642.13.1.el6
            ovaloval:com.redhat.rhsa:tst:20170036009
          • commentperf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842006
        • AND
          • commentkernel is earlier than 0:2.6.32-642.13.1.el6
            ovaloval:com.redhat.rhsa:tst:20170036011
          • commentkernel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842012
        • AND
          • commentkernel-abi-whitelists is earlier than 0:2.6.32-642.13.1.el6
            ovaloval:com.redhat.rhsa:tst:20170036013
          • commentkernel-abi-whitelists is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20131645022
        • AND
          • commentkernel-firmware is earlier than 0:2.6.32-642.13.1.el6
            ovaloval:com.redhat.rhsa:tst:20170036015
          • commentkernel-firmware is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842004
        • AND
          • commentkernel-doc is earlier than 0:2.6.32-642.13.1.el6
            ovaloval:com.redhat.rhsa:tst:20170036017
          • commentkernel-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842002
        • AND
          • commentkernel-kdump-devel is earlier than 0:2.6.32-642.13.1.el6
            ovaloval:com.redhat.rhsa:tst:20170036019
          • commentkernel-kdump-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842022
        • AND
          • commentkernel-kdump is earlier than 0:2.6.32-642.13.1.el6
            ovaloval:com.redhat.rhsa:tst:20170036021
          • commentkernel-kdump is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842020
        • AND
          • commentkernel-bootwrapper is earlier than 0:2.6.32-642.13.1.el6
            ovaloval:com.redhat.rhsa:tst:20170036023
          • commentkernel-bootwrapper is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842018
        • AND
          • commentpython-perf is earlier than 0:2.6.32-642.13.1.el6
            ovaloval:com.redhat.rhsa:tst:20170036025
          • commentpython-perf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111530024
    rhsa
    idRHSA-2017:0036
    released2017-01-10
    severityImportant
    titleRHSA-2017:0036: kernel security and bug fix update (Important)
  • rhsa
    idRHSA-2017:0031
  • rhsa
    idRHSA-2017:0065
  • rhsa
    idRHSA-2017:0086
  • rhsa
    idRHSA-2017:0091
  • rhsa
    idRHSA-2017:0113
  • rhsa
    idRHSA-2017:0196
  • rhsa
    idRHSA-2017:0215
  • rhsa
    idRHSA-2017:0216
  • rhsa
    idRHSA-2017:0217
  • rhsa
    idRHSA-2017:0270
rpms
  • kernel-0:2.6.18-417.el5
  • kernel-PAE-0:2.6.18-417.el5
  • kernel-PAE-debuginfo-0:2.6.18-417.el5
  • kernel-PAE-devel-0:2.6.18-417.el5
  • kernel-debug-0:2.6.18-417.el5
  • kernel-debug-debuginfo-0:2.6.18-417.el5
  • kernel-debug-devel-0:2.6.18-417.el5
  • kernel-debuginfo-0:2.6.18-417.el5
  • kernel-debuginfo-common-0:2.6.18-417.el5
  • kernel-devel-0:2.6.18-417.el5
  • kernel-doc-0:2.6.18-417.el5
  • kernel-headers-0:2.6.18-417.el5
  • kernel-kdump-0:2.6.18-417.el5
  • kernel-kdump-debuginfo-0:2.6.18-417.el5
  • kernel-kdump-devel-0:2.6.18-417.el5
  • kernel-xen-0:2.6.18-417.el5
  • kernel-xen-debuginfo-0:2.6.18-417.el5
  • kernel-xen-devel-0:2.6.18-417.el5
  • kernel-0:2.6.32-573.38.1.el6
  • kernel-abi-whitelists-0:2.6.32-573.38.1.el6
  • kernel-bootwrapper-0:2.6.32-573.38.1.el6
  • kernel-debug-0:2.6.32-573.38.1.el6
  • kernel-debug-debuginfo-0:2.6.32-573.38.1.el6
  • kernel-debug-devel-0:2.6.32-573.38.1.el6
  • kernel-debuginfo-0:2.6.32-573.38.1.el6
  • kernel-debuginfo-common-i686-0:2.6.32-573.38.1.el6
  • kernel-debuginfo-common-ppc64-0:2.6.32-573.38.1.el6
  • kernel-debuginfo-common-s390x-0:2.6.32-573.38.1.el6
  • kernel-debuginfo-common-x86_64-0:2.6.32-573.38.1.el6
  • kernel-devel-0:2.6.32-573.38.1.el6
  • kernel-doc-0:2.6.32-573.38.1.el6
  • kernel-firmware-0:2.6.32-573.38.1.el6
  • kernel-headers-0:2.6.32-573.38.1.el6
  • kernel-kdump-0:2.6.32-573.38.1.el6
  • kernel-kdump-debuginfo-0:2.6.32-573.38.1.el6
  • kernel-kdump-devel-0:2.6.32-573.38.1.el6
  • perf-0:2.6.32-573.38.1.el6
  • perf-debuginfo-0:2.6.32-573.38.1.el6
  • python-perf-0:2.6.32-573.38.1.el6
  • python-perf-debuginfo-0:2.6.32-573.38.1.el6
  • kernel-0:2.6.32-642.13.1.el6
  • kernel-abi-whitelists-0:2.6.32-642.13.1.el6
  • kernel-bootwrapper-0:2.6.32-642.13.1.el6
  • kernel-debug-0:2.6.32-642.13.1.el6
  • kernel-debug-debuginfo-0:2.6.32-642.13.1.el6
  • kernel-debug-devel-0:2.6.32-642.13.1.el6
  • kernel-debuginfo-0:2.6.32-642.13.1.el6
  • kernel-debuginfo-common-i686-0:2.6.32-642.13.1.el6
  • kernel-debuginfo-common-ppc64-0:2.6.32-642.13.1.el6
  • kernel-debuginfo-common-s390x-0:2.6.32-642.13.1.el6
  • kernel-debuginfo-common-x86_64-0:2.6.32-642.13.1.el6
  • kernel-devel-0:2.6.32-642.13.1.el6
  • kernel-doc-0:2.6.32-642.13.1.el6
  • kernel-firmware-0:2.6.32-642.13.1.el6
  • kernel-headers-0:2.6.32-642.13.1.el6
  • kernel-kdump-0:2.6.32-642.13.1.el6
  • kernel-kdump-debuginfo-0:2.6.32-642.13.1.el6
  • kernel-kdump-devel-0:2.6.32-642.13.1.el6
  • perf-0:2.6.32-642.13.1.el6
  • perf-debuginfo-0:2.6.32-642.13.1.el6
  • python-perf-0:2.6.32-642.13.1.el6
  • python-perf-debuginfo-0:2.6.32-642.13.1.el6
  • kernel-0:2.6.32-431.77.1.el6
  • kernel-abi-whitelists-0:2.6.32-431.77.1.el6
  • kernel-debug-0:2.6.32-431.77.1.el6
  • kernel-debug-debuginfo-0:2.6.32-431.77.1.el6
  • kernel-debug-devel-0:2.6.32-431.77.1.el6
  • kernel-debuginfo-0:2.6.32-431.77.1.el6
  • kernel-debuginfo-common-x86_64-0:2.6.32-431.77.1.el6
  • kernel-devel-0:2.6.32-431.77.1.el6
  • kernel-doc-0:2.6.32-431.77.1.el6
  • kernel-firmware-0:2.6.32-431.77.1.el6
  • kernel-headers-0:2.6.32-431.77.1.el6
  • perf-0:2.6.32-431.77.1.el6
  • perf-debuginfo-0:2.6.32-431.77.1.el6
  • python-perf-0:2.6.32-431.77.1.el6
  • python-perf-debuginfo-0:2.6.32-431.77.1.el6
  • kernel-0:3.10.0-514.6.1.el7
  • kernel-abi-whitelists-0:3.10.0-514.6.1.el7
  • kernel-bootwrapper-0:3.10.0-514.6.1.el7
  • kernel-debug-0:3.10.0-514.6.1.el7
  • kernel-debug-debuginfo-0:3.10.0-514.6.1.el7
  • kernel-debug-devel-0:3.10.0-514.6.1.el7
  • kernel-debuginfo-0:3.10.0-514.6.1.el7
  • kernel-debuginfo-common-ppc64-0:3.10.0-514.6.1.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-514.6.1.el7
  • kernel-debuginfo-common-s390x-0:3.10.0-514.6.1.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-514.6.1.el7
  • kernel-devel-0:3.10.0-514.6.1.el7
  • kernel-doc-0:3.10.0-514.6.1.el7
  • kernel-headers-0:3.10.0-514.6.1.el7
  • kernel-kdump-0:3.10.0-514.6.1.el7
  • kernel-kdump-debuginfo-0:3.10.0-514.6.1.el7
  • kernel-kdump-devel-0:3.10.0-514.6.1.el7
  • kernel-tools-0:3.10.0-514.6.1.el7
  • kernel-tools-debuginfo-0:3.10.0-514.6.1.el7
  • kernel-tools-libs-0:3.10.0-514.6.1.el7
  • kernel-tools-libs-devel-0:3.10.0-514.6.1.el7
  • perf-0:3.10.0-514.6.1.el7
  • perf-debuginfo-0:3.10.0-514.6.1.el7
  • python-perf-0:3.10.0-514.6.1.el7
  • python-perf-debuginfo-0:3.10.0-514.6.1.el7
  • kernel-rt-0:3.10.0-514.6.1.rt56.429.el7
  • kernel-rt-debug-0:3.10.0-514.6.1.rt56.429.el7
  • kernel-rt-debug-debuginfo-0:3.10.0-514.6.1.rt56.429.el7
  • kernel-rt-debug-devel-0:3.10.0-514.6.1.rt56.429.el7
  • kernel-rt-debug-kvm-0:3.10.0-514.6.1.rt56.429.el7
  • kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.6.1.rt56.429.el7
  • kernel-rt-debuginfo-0:3.10.0-514.6.1.rt56.429.el7
  • kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.6.1.rt56.429.el7
  • kernel-rt-devel-0:3.10.0-514.6.1.rt56.429.el7
  • kernel-rt-doc-0:3.10.0-514.6.1.rt56.429.el7
  • kernel-rt-kvm-0:3.10.0-514.6.1.rt56.429.el7
  • kernel-rt-kvm-debuginfo-0:3.10.0-514.6.1.rt56.429.el7
  • kernel-rt-trace-0:3.10.0-514.6.1.rt56.429.el7
  • kernel-rt-trace-debuginfo-0:3.10.0-514.6.1.rt56.429.el7
  • kernel-rt-trace-devel-0:3.10.0-514.6.1.rt56.429.el7
  • kernel-rt-trace-kvm-0:3.10.0-514.6.1.rt56.429.el7
  • kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.6.1.rt56.429.el7
  • kernel-rt-1:3.10.0-514.rt56.210.el6rt
  • kernel-rt-debug-1:3.10.0-514.rt56.210.el6rt
  • kernel-rt-debug-debuginfo-1:3.10.0-514.rt56.210.el6rt
  • kernel-rt-debug-devel-1:3.10.0-514.rt56.210.el6rt
  • kernel-rt-debuginfo-1:3.10.0-514.rt56.210.el6rt
  • kernel-rt-debuginfo-common-x86_64-1:3.10.0-514.rt56.210.el6rt
  • kernel-rt-devel-1:3.10.0-514.rt56.210.el6rt
  • kernel-rt-doc-1:3.10.0-514.rt56.210.el6rt
  • kernel-rt-firmware-1:3.10.0-514.rt56.210.el6rt
  • kernel-rt-trace-1:3.10.0-514.rt56.210.el6rt
  • kernel-rt-trace-debuginfo-1:3.10.0-514.rt56.210.el6rt
  • kernel-rt-trace-devel-1:3.10.0-514.rt56.210.el6rt
  • kernel-rt-vanilla-1:3.10.0-514.rt56.210.el6rt
  • kernel-rt-vanilla-debuginfo-1:3.10.0-514.rt56.210.el6rt
  • kernel-rt-vanilla-devel-1:3.10.0-514.rt56.210.el6rt
  • kernel-0:2.6.32-358.76.1.el6
  • kernel-debug-0:2.6.32-358.76.1.el6
  • kernel-debug-debuginfo-0:2.6.32-358.76.1.el6
  • kernel-debug-devel-0:2.6.32-358.76.1.el6
  • kernel-debuginfo-0:2.6.32-358.76.1.el6
  • kernel-debuginfo-common-x86_64-0:2.6.32-358.76.1.el6
  • kernel-devel-0:2.6.32-358.76.1.el6
  • kernel-doc-0:2.6.32-358.76.1.el6
  • kernel-firmware-0:2.6.32-358.76.1.el6
  • kernel-headers-0:2.6.32-358.76.1.el6
  • perf-0:2.6.32-358.76.1.el6
  • perf-debuginfo-0:2.6.32-358.76.1.el6
  • python-perf-0:2.6.32-358.76.1.el6
  • python-perf-debuginfo-0:2.6.32-358.76.1.el6
  • kernel-0:2.6.32-220.69.1.el6
  • kernel-debug-0:2.6.32-220.69.1.el6
  • kernel-debug-debuginfo-0:2.6.32-220.69.1.el6
  • kernel-debug-devel-0:2.6.32-220.69.1.el6
  • kernel-debuginfo-0:2.6.32-220.69.1.el6
  • kernel-debuginfo-common-x86_64-0:2.6.32-220.69.1.el6
  • kernel-devel-0:2.6.32-220.69.1.el6
  • kernel-doc-0:2.6.32-220.69.1.el6
  • kernel-firmware-0:2.6.32-220.69.1.el6
  • kernel-headers-0:2.6.32-220.69.1.el6
  • perf-0:2.6.32-220.69.1.el6
  • perf-debuginfo-0:2.6.32-220.69.1.el6
  • python-perf-0:2.6.32-220.69.1.el6
  • python-perf-debuginfo-0:2.6.32-220.69.1.el6
  • kernel-0:2.6.32-504.56.1.el6
  • kernel-abi-whitelists-0:2.6.32-504.56.1.el6
  • kernel-debug-0:2.6.32-504.56.1.el6
  • kernel-debug-debuginfo-0:2.6.32-504.56.1.el6
  • kernel-debug-devel-0:2.6.32-504.56.1.el6
  • kernel-debuginfo-0:2.6.32-504.56.1.el6
  • kernel-debuginfo-common-x86_64-0:2.6.32-504.56.1.el6
  • kernel-devel-0:2.6.32-504.56.1.el6
  • kernel-doc-0:2.6.32-504.56.1.el6
  • kernel-firmware-0:2.6.32-504.56.1.el6
  • kernel-headers-0:2.6.32-504.56.1.el6
  • perf-0:2.6.32-504.56.1.el6
  • perf-debuginfo-0:2.6.32-504.56.1.el6
  • python-perf-0:2.6.32-504.56.1.el6
  • python-perf-debuginfo-0:2.6.32-504.56.1.el6
  • kernel-0:3.10.0-327.46.1.el7
  • kernel-abi-whitelists-0:3.10.0-327.46.1.el7
  • kernel-bootwrapper-0:3.10.0-327.46.1.el7
  • kernel-debug-0:3.10.0-327.46.1.el7
  • kernel-debug-debuginfo-0:3.10.0-327.46.1.el7
  • kernel-debug-devel-0:3.10.0-327.46.1.el7
  • kernel-debuginfo-0:3.10.0-327.46.1.el7
  • kernel-debuginfo-common-ppc64-0:3.10.0-327.46.1.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-327.46.1.el7
  • kernel-debuginfo-common-s390x-0:3.10.0-327.46.1.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-327.46.1.el7
  • kernel-devel-0:3.10.0-327.46.1.el7
  • kernel-doc-0:3.10.0-327.46.1.el7
  • kernel-headers-0:3.10.0-327.46.1.el7
  • kernel-kdump-0:3.10.0-327.46.1.el7
  • kernel-kdump-debuginfo-0:3.10.0-327.46.1.el7
  • kernel-kdump-devel-0:3.10.0-327.46.1.el7
  • kernel-tools-0:3.10.0-327.46.1.el7
  • kernel-tools-debuginfo-0:3.10.0-327.46.1.el7
  • kernel-tools-libs-0:3.10.0-327.46.1.el7
  • kernel-tools-libs-devel-0:3.10.0-327.46.1.el7
  • perf-0:3.10.0-327.46.1.el7
  • perf-debuginfo-0:3.10.0-327.46.1.el7
  • python-perf-0:3.10.0-327.46.1.el7
  • python-perf-debuginfo-0:3.10.0-327.46.1.el7
  • kernel-0:3.10.0-229.48.1.ael7b
  • kernel-0:3.10.0-229.48.1.el7
  • kernel-abi-whitelists-0:3.10.0-229.48.1.ael7b
  • kernel-abi-whitelists-0:3.10.0-229.48.1.el7
  • kernel-bootwrapper-0:3.10.0-229.48.1.ael7b
  • kernel-bootwrapper-0:3.10.0-229.48.1.el7
  • kernel-debug-0:3.10.0-229.48.1.ael7b
  • kernel-debug-0:3.10.0-229.48.1.el7
  • kernel-debug-debuginfo-0:3.10.0-229.48.1.ael7b
  • kernel-debug-debuginfo-0:3.10.0-229.48.1.el7
  • kernel-debug-devel-0:3.10.0-229.48.1.ael7b
  • kernel-debug-devel-0:3.10.0-229.48.1.el7
  • kernel-debuginfo-0:3.10.0-229.48.1.ael7b
  • kernel-debuginfo-0:3.10.0-229.48.1.el7
  • kernel-debuginfo-common-ppc64-0:3.10.0-229.48.1.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-229.48.1.ael7b
  • kernel-debuginfo-common-s390x-0:3.10.0-229.48.1.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-229.48.1.el7
  • kernel-devel-0:3.10.0-229.48.1.ael7b
  • kernel-devel-0:3.10.0-229.48.1.el7
  • kernel-doc-0:3.10.0-229.48.1.ael7b
  • kernel-doc-0:3.10.0-229.48.1.el7
  • kernel-headers-0:3.10.0-229.48.1.ael7b
  • kernel-headers-0:3.10.0-229.48.1.el7
  • kernel-kdump-0:3.10.0-229.48.1.el7
  • kernel-kdump-debuginfo-0:3.10.0-229.48.1.el7
  • kernel-kdump-devel-0:3.10.0-229.48.1.el7
  • kernel-tools-0:3.10.0-229.48.1.ael7b
  • kernel-tools-0:3.10.0-229.48.1.el7
  • kernel-tools-debuginfo-0:3.10.0-229.48.1.ael7b
  • kernel-tools-debuginfo-0:3.10.0-229.48.1.el7
  • kernel-tools-libs-0:3.10.0-229.48.1.ael7b
  • kernel-tools-libs-0:3.10.0-229.48.1.el7
  • kernel-tools-libs-devel-0:3.10.0-229.48.1.ael7b
  • kernel-tools-libs-devel-0:3.10.0-229.48.1.el7
  • perf-0:3.10.0-229.48.1.ael7b
  • perf-0:3.10.0-229.48.1.el7
  • perf-debuginfo-0:3.10.0-229.48.1.ael7b
  • perf-debuginfo-0:3.10.0-229.48.1.el7
  • python-perf-0:3.10.0-229.48.1.ael7b
  • python-perf-0:3.10.0-229.48.1.el7
  • python-perf-debuginfo-0:3.10.0-229.48.1.ael7b
  • python-perf-debuginfo-0:3.10.0-229.48.1.el7