Test ID:	1.3.6.1.4.1.25623.1.0.68662
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-2126-1)
Summary:	The remote host is missing an update for the Debian 'linux-2.6' package(s) announced via the DSA-2126-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'linux-2.6' package(s) announced via the DSA-2126-1 advisory. Vulnerability Insight: Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-2963 Kees Cook discovered an issue in the v4l 32-bit compatibility layer for 64-bit systems that allows local users with /dev/video write permission to overwrite arbitrary kernel memory, potentially leading to a privilege escalation. On Debian systems, access to /dev/video devices is restricted to members of the 'video' group by default. CVE-2010-3067 Tavis Ormandy discovered an issue in the io_submit system call. Local users can cause an integer overflow resulting in a denial of service. CVE-2010-3296 Dan Rosenberg discovered an issue in the cxgb network driver that allows unprivileged users to obtain the contents of sensitive kernel memory. CVE-2010-3297 Dan Rosenberg discovered an issue in the eql network driver that allows local users to obtain the contents of sensitive kernel memory. CVE-2010-3310 Dan Rosenberg discovered an issue in the ROSE socket implementation. On systems with a rose device, local users can cause a denial of service (kernel memory corruption). CVE-2010-3432 Thomas Dreibholz discovered an issue in the SCTP protocol that permits a remote user to cause a denial of service (kernel panic). CVE-2010-3437 Dan Rosenberg discovered an issue in the pktcdvd driver. Local users with permission to open /dev/pktcdvd/control can obtain the contents of sensitive kernel memory or cause a denial of service. By default on Debian systems, this access is restricted to members of the group 'cdrom'. CVE-2010-3442 Dan Rosenberg discovered an issue in the ALSA sound system. Local users with permission to open /dev/snd/controlC0 can create an integer overflow condition that causes a denial of service. By default on Debian systems, this access is restricted to members of the group 'audio'. CVE-2010-3448 Dan Jacobson reported an issue in the thinkpad-acpi driver. On certain Thinkpad systems, local users can cause a denial of service (X.org crash) by reading /proc/acpi/ibm/video. CVE-2010-3477 Jeff Mahoney discovered an issue in the Traffic Policing (act_police) module that allows local users to obtain the contents of sensitive kernel memory. CVE-2010-3705 Dan Rosenberg reported an issue in the HMAC processing code in the SCTP protocol that allows remote users to create a denial of service (memory corruption). CVE-2010-3848 Nelson Elhage discovered an issue in the Econet protocol. Local users can cause a stack overflow condition with large msg->msgiovlen values that can result in a denial of service or privilege escalation. CVE-2010-3849 Nelson Elhage discovered an issue in the Econet protocol. Local users can cause a denial of service (oops) if a NULL remote addr value is passed as a parameter to ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'linux-2.6' package(s) on Debian 5. Solution: Please install the updated package(s). CVSS Score: 8.3 CVSS Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2963 BugTraq ID: 44242 http://www.securityfocus.com/bid/44242 Debian Security Information: DSA-2126 (Google Search) http://www.debian.org/security/2010/dsa-2126 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:257 http://www.outflux.net/blog/archives/2010/10/19/cve-2010-2963-v4l-compat-exploit/ http://www.securitytracker.com/id?1024710 http://secunia.com/advisories/42745 SuSE Security Announcement: SUSE-SA:2010:053 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00008.html SuSE Security Announcement: SUSE-SA:2010:057 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00004.html http://www.ubuntu.com/usn/USN-1000-1 http://www.vupen.com/english/advisories/2010/3321 Common Vulnerability Exposure (CVE) ID: CVE-2010-3067 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console http://www.securityfocus.com/archive/1/520102/100/0/threaded 42778 http://secunia.com/advisories/42778 42801 http://secunia.com/advisories/42801 42890 http://secunia.com/advisories/42890 43291 http://secunia.com/advisories/43291 46397 http://secunia.com/advisories/46397 ADV-2011-0012 http://www.vupen.com/english/advisories/2011/0012 ADV-2011-0298 http://www.vupen.com/english/advisories/2011/0298 ADV-2011-0375 http://www.vupen.com/english/advisories/2011/0375 DSA-2126 MDVSA-2010:257 MDVSA-2011:029 http://www.mandriva.com/security/advisories?name=MDVSA-2011:029 MDVSA-2011:051 http://www.mandriva.com/security/advisories?name=MDVSA-2011:051 RHSA-2010:0758 http://www.redhat.com/support/errata/RHSA-2010-0758.html RHSA-2010:0779 http://www.redhat.com/support/errata/RHSA-2010-0779.html RHSA-2010:0839 http://www.redhat.com/support/errata/RHSA-2010-0839.html RHSA-2011:0007 http://www.redhat.com/support/errata/RHSA-2011-0007.html SUSE-SA:2010:060 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html SUSE-SA:2011:001 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html SUSE-SA:2011:002 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html SUSE-SA:2011:007 http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html SUSE-SA:2011:008 http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html USN-1000-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=75e1c70fc31490ef8a373ea2a4bea2524099b478 http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc4-next-20100915.bz2 http://www.vmware.com/security/advisories/VMSA-2011-0012.html https://bugzilla.redhat.com/show_bug.cgi?id=629441 kernel-doiosubmit-dos(61884) https://exchange.xforce.ibmcloud.com/vulnerabilities/61884 Common Vulnerability Exposure (CVE) ID: CVE-2010-3296 41440 http://secunia.com/advisories/41440 42758 http://secunia.com/advisories/42758 42884 http://secunia.com/advisories/42884 43221 http://www.securityfocus.com/bid/43221 ADV-2011-0070 http://www.vupen.com/english/advisories/2011/0070 RHSA-2011:0017 http://www.redhat.com/support/errata/RHSA-2011-0017.html SUSE-SA:2010:050 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html SUSE-SA:2010:054 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html USN-1041-1 http://www.ubuntu.com/usn/USN-1041-1 [linux-kernel] 20100911 [PATCH] drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack memory http://lkml.org/lkml/2010/9/11/170 [oss-security] 20100914 CVE request: kernel: numerous infoleaks http://www.openwall.com/lists/oss-security/2010/09/14/2 [oss-security] 20100914 Re: CVE request: kernel: numerous infoleaks http://www.openwall.com/lists/oss-security/2010/09/14/7 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=49c37c0334a9b85d30ab3d6b5d1acb05ef2ef6de http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc5 https://bugzilla.redhat.com/show_bug.cgi?id=633149 Common Vulnerability Exposure (CVE) ID: CVE-2010-3297 43161 http://secunia.com/advisories/43161 43229 http://www.securityfocus.com/bid/43229 ADV-2011-0280 http://www.vupen.com/english/advisories/2011/0280 RHSA-2010:0771 http://www.redhat.com/support/errata/RHSA-2010-0771.html USN-1057-1 http://www.ubuntu.com/usn/USN-1057-1 [linux-kernel] 20100911 [PATCH] drivers/net/eql.c: prevent reading uninitialized stack memory http://lkml.org/lkml/2010/9/11/168 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=44467187dc22fdd33a1a06ea0ba86ce20be3fe3c https://bugzilla.redhat.com/show_bug.cgi?id=633145 Common Vulnerability Exposure (CVE) ID: CVE-2010-3310 41493 http://secunia.com/advisories/41493 43368 http://www.securityfocus.com/bid/43368 68163 http://www.osvdb.org/68163 SUSE-SA:2010:051 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00004.html [linux-netdev] 20100920 [PATCH] rose: Fix signedness issues wrt. digi count. http://marc.info/?l=linux-netdev&m=128502238927086&w=2 [oss-security] 20100921 CVE request: kernel: Heap corruption in ROSE http://www.openwall.com/lists/oss-security/2010/09/21/1 [oss-security] 20100921 Re: CVE request: kernel: Heap corruption in ROSE http://www.openwall.com/lists/oss-security/2010/09/21/2 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=9828e6e6e3f19efcb476c567b9999891d051f52f http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc5-next-20100923.bz2 kernel-rose-bind-dos(61953) https://exchange.xforce.ibmcloud.com/vulnerabilities/61953 Common Vulnerability Exposure (CVE) ID: CVE-2010-3432 42400 http://secunia.com/advisories/42400 42789 http://secunia.com/advisories/42789 43480 http://www.securityfocus.com/bid/43480 ADV-2010-3113 http://www.vupen.com/english/advisories/2010/3113 ADV-2011-0024 http://www.vupen.com/english/advisories/2011/0024 RHSA-2010:0842 http://www.redhat.com/support/errata/RHSA-2010-0842.html RHSA-2010:0936 http://www.redhat.com/support/errata/RHSA-2010-0936.html RHSA-2010:0958 http://www.redhat.com/support/errata/RHSA-2010-0958.html RHSA-2011:0004 http://www.redhat.com/support/errata/RHSA-2011-0004.html [netdev] 20100915 [PATCH] net: SCTP remote/local Denial of Service vulnerability description and fix http://marc.info/?l=linux-netdev&m=128453869227715&w=3 [oss-security] 20100924 CVE Request -- Linux/SCTP DoS in sctp_packet_config() http://marc.info/?l=oss-security&m=128534569803598&w=2 [oss-security] 20100925 Re: CVE Request -- Linux/SCTP DoS in sctp_packet_config() http://marc.info/?l=oss-security&m=128537701808336&w=2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4bdab43323b459900578b200a4b8cf9713ac8fab http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.6 https://bugzilla.redhat.com/show_bug.cgi?id=637675 Common Vulnerability Exposure (CVE) ID: CVE-2010-3437 15150 http://www.exploit-db.com/exploits/15150/ 42932 http://secunia.com/advisories/42932 43551 http://www.securityfocus.com/bid/43551 ADV-2011-0124 http://www.vupen.com/english/advisories/2011/0124 SUSE-SA:2011:004 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html [oss-security] 20100928 CVE request - kernel: pktcdvd ioctl dev_minor missing range check http://www.openwall.com/lists/oss-security/2010/09/28/2 [oss-security] 20100928 Re: CVE request - kernel: pktcdvd ioctl dev_minor missing range check http://www.openwall.com/lists/oss-security/2010/09/28/6 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=252a52aa4fa22a668f019e55b3aac3ff71ec1c29 http://jon.oberheide.org/files/cve-2010-3437.c http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc6 https://bugzilla.redhat.com/show_bug.cgi?id=638085 Common Vulnerability Exposure (CVE) ID: CVE-2010-3442 42745 43787 http://www.securityfocus.com/bid/43787 ADV-2010-3321 FEDORA-2010-18983 [oss-security] 20100929 CVE request - kernel: prevent heap corruption in snd_ctl_new() http://www.openwall.com/lists/oss-security/2010/09/29/2 [oss-security] 20100929 Re: CVE request - kernel: prevent heap corruption in snd_ctl_new() http://www.openwall.com/lists/oss-security/2010/09/29/3 http://www.openwall.com/lists/oss-security/2010/09/29/4 http://www.openwall.com/lists/oss-security/2010/09/29/9 http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=5591bf07225523600450edd9e6ad258bb877b779 http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc5-next-20100928.bz2 https://bugzilla.redhat.com/show_bug.cgi?id=638478 Common Vulnerability Exposure (CVE) ID: CVE-2010-3448 [oss-security] 20100623 kernel: thinkpad-acpi: lock down video output state access http://openwall.com/lists/oss-security/2010/06/23/2 [oss-security] 20100928 Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel http://openwall.com/lists/oss-security/2010/09/28/1 [oss-security] 20100929 Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel http://openwall.com/lists/oss-security/2010/09/29/7 [oss-security] 20100930 Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel http://openwall.com/lists/oss-security/2010/09/30/1 http://openwall.com/lists/oss-security/2010/09/30/6 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=565790 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b525c06cdbd8a3963f0173ccd23f9147d4c384b5 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34 https://bugzilla.redhat.com/show_bug.cgi?id=652122 kernel-thinkpad-dos(64580) https://exchange.xforce.ibmcloud.com/vulnerabilities/64580 Common Vulnerability Exposure (CVE) ID: CVE-2010-3477 Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (Google Search) http://www.securitytracker.com/id?1024603 Common Vulnerability Exposure (CVE) ID: CVE-2010-3705 [linux-kernel] 20101001 [PATCH] Fix out-of-bounds reading in sctp_asoc_get_hmac() http://marc.info/?l=linux-kernel&m=128596992418814&w=2 [oss-security] 20101004 CVE request: kernel: SCTP memory corruption in HMAC handling http://www.openwall.com/lists/oss-security/2010/10/04/2 [oss-security] 20101004 Re: CVE request: kernel: SCTP memory corruption in HMAC handling http://www.openwall.com/lists/oss-security/2010/10/04/7 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=51e97a12bef19b7e43199fc153cf9bd5f2140362 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36 https://bugzilla.redhat.com/show_bug.cgi?id=640036 Common Vulnerability Exposure (CVE) ID: CVE-2010-3848 43056 http://secunia.com/advisories/43056 ADV-2011-0213 http://www.vupen.com/english/advisories/2011/0213 SUSE-SA:2011:005 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html USN-1023-1 http://www.ubuntu.com/usn/USN-1023-1 [oss-security] 20101129 kernel: Multiple vulnerabilities in AF_ECONET http://openwall.com/lists/oss-security/2010/11/30/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a27e13d370415add3487949c60810e36069a23a6 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2 https://bugzilla.redhat.com/show_bug.cgi?id=644156 Common Vulnerability Exposure (CVE) ID: CVE-2010-3849 20101207 Linux kernel exploit http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0086.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa0e846494792e722d817b9d3d625a4ef4896c96 Common Vulnerability Exposure (CVE) ID: CVE-2010-3850 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=16c41745c7b92a243d0874f534c1655196c64b74 Common Vulnerability Exposure (CVE) ID: CVE-2010-3858 15619 http://www.exploit-db.com/exploits/15619 44301 http://www.securityfocus.com/bid/44301 [oss-security] 20101021 CVE request: kernel: setup_arg_pages: diagnose excessive argument size http://www.openwall.com/lists/oss-security/2010/10/21/1 [oss-security] 20101022 Re: CVE request: kernel: setup_arg_pages: diagnose excessive argument size http://www.openwall.com/lists/oss-security/2010/10/22/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1b528181b2ffa14721fb28ad1bd539fe1732c583 http://grsecurity.net/~spender/64bit_dos.c https://bugzilla.redhat.com/show_bug.cgi?id=645222 Common Vulnerability Exposure (CVE) ID: CVE-2010-3859 42963 http://secunia.com/advisories/42963 44354 http://www.securityfocus.com/bid/44354 ADV-2011-0168 http://www.vupen.com/english/advisories/2011/0168 RHSA-2011:0162 http://www.redhat.com/support/errata/RHSA-2011-0162.html [netdev] 20101021 TIPC security issues http://marc.info/?l=linux-netdev&m=128770476511716&w=2 [netdev] 20101027 Re: [PATCH 1/4] tipc: Fix bugs in tipc_msg_calc_data_size() http://www.spinics.net/lists/netdev/msg145248.html [netdev] 20101027 [PATCH 0/4] RFC: tipc int vs size_t fixes http://www.spinics.net/lists/netdev/msg145247.html [netdev] 20101027 [PATCH 1/4] tipc: Fix bugs in tipc_msg_calc_data_size() http://www.spinics.net/lists/netdev/msg145263.html [netdev] 20101027 [PATCH 2/4] tipc: Fix bugs in tipc_msg_build() http://www.spinics.net/lists/netdev/msg145265.html [netdev] 20101027 [PATCH 3/4] tipc: Update arguments to use size_t for iovec array sizes http://www.spinics.net/lists/netdev/msg145262.html [netdev] 20101027 [PATCH 4/4] tipc: Fix bugs in sending of large amounts of byte-stream data http://www.spinics.net/lists/netdev/msg145264.html [netdev] 20101028 Re: [PATCH 2/4] tipc: Fix bugs in tipc_msg_build() http://www.spinics.net/lists/netdev/msg145352.html [oss-security] 20101022 CVE request: kernel: heap overflow in TIPC http://www.openwall.com/lists/oss-security/2010/10/22/2 [oss-security] 20101022 Re: CVE request: kernel: heap overflow in TIPC http://www.openwall.com/lists/oss-security/2010/10/22/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=253eacc070b114c2ec1f81b067d2fed7305467b0 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8acfe468b0384e834a303f08ebc4953d72fb690a https://bugzilla.redhat.com/show_bug.cgi?id=645867 Common Vulnerability Exposure (CVE) ID: CVE-2010-3873 [netdev] 20101102 [SECURITY] memory corruption in X.25 facilities parsing http://www.spinics.net/lists/netdev/msg145786.html [netdev] 20101104 Re: [SECURITY] memory corruption in X.25 facilities parsing http://www.spinics.net/lists/netdev/msg145873.html [oss-security] 20101103 CVE request: X.25 remote DoS http://openwall.com/lists/oss-security/2010/11/03/2 [oss-security] 20101104 Re: CVE request: X.25 remote DoS http://openwall.com/lists/oss-security/2010/11/04/3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a6331d6f9a4298173b413cf99a40cc86a9d92c37 https://bugzilla.redhat.com/show_bug.cgi?id=649693 openSUSE-SU-2013:0925 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html Common Vulnerability Exposure (CVE) ID: CVE-2010-3874 [netdev] 20101102 [SECURITY] CAN info leak/minor heap overflow http://www.spinics.net/lists/netdev/msg145791.html [netdev] 20101110 can-bcm: fix minor heap overflow http://www.spinics.net/lists/netdev/msg146469.html [oss-security] 20101103 CVE request: kernel: CAN information leak http://openwall.com/lists/oss-security/2010/11/03/3 [oss-security] 20101104 Re: CVE request: kernel: CAN information leak http://openwall.com/lists/oss-security/2010/11/04/4 [oss-security] 20101220 CVE request: kernel: CAN information leak, 2nd attempt http://openwall.com/lists/oss-security/2010/12/20/2 [oss-security] 20101220 Re: CVE request: kernel: CAN information leak, 2nd attempt http://openwall.com/lists/oss-security/2010/12/20/3 http://openwall.com/lists/oss-security/2010/12/20/4 http://openwall.com/lists/oss-security/2010/12/20/5 http://openwall.com/lists/oss-security/2010/12/21/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0597d1b99fcfc2c0eada09a698f85ed413d4ba84 https://bugzilla.redhat.com/show_bug.cgi?id=649695 Common Vulnerability Exposure (CVE) ID: CVE-2010-3875 44630 http://www.securityfocus.com/bid/44630 [netdev] 20101031 [PATCH 1/3] net: ax25: fix information leak to userland http://marc.info/?l=linux-netdev&m=128854507120898&w=2 [oss-security] 20101102 CVE request: kernel stack infoleaks http://openwall.com/lists/oss-security/2010/11/02/7 [oss-security] 20101104 Re: CVE request: kernel stack infoleaks http://openwall.com/lists/oss-security/2010/11/04/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fe10ae53384e48c51996941b7720ee16995cbcb7 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc2 https://bugzilla.redhat.com/show_bug.cgi?id=649713 Common Vulnerability Exposure (CVE) ID: CVE-2010-3876 [netdev] 20101031 [PATCH 2/3] net: packet: fix information leak to userland http://marc.info/?l=linux-netdev&m=128854507220908&w=2 [oss-security] 20101102 Re: CVE request: kernel stack infoleaks http://openwall.com/lists/oss-security/2010/11/02/10 http://openwall.com/lists/oss-security/2010/11/02/12 http://openwall.com/lists/oss-security/2010/11/02/9 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67286640f638f5ad41a946b9a3dc75327950248f https://bugzilla.redhat.com/show_bug.cgi?id=649715 Common Vulnerability Exposure (CVE) ID: CVE-2010-3877 [netdev] 20101031 [PATCH 3/3] net: tipc: fix information leak to userland http://marc.info/?l=linux-netdev&m=128854507420917&w=2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=88f8a5e3e7defccd3925cabb1ee4d3994e5cdb52 https://bugzilla.redhat.com/show_bug.cgi?id=649717 kernel-getname-info-disc(64578) https://exchange.xforce.ibmcloud.com/vulnerabilities/64578 Common Vulnerability Exposure (CVE) ID: CVE-2010-3880 42126 http://secunia.com/advisories/42126 44665 http://www.securityfocus.com/bid/44665 [netdev] 20101103 [PATCH 2/2] inet_diag: Make sure we actually run the same bytecode we audited. http://www.spinics.net/lists/netdev/msg145899.html [oss-security] 20101104 CVE request: kernel: logic error in INET_DIAG bytecode auditing http://openwall.com/lists/oss-security/2010/11/04/9 [oss-security] 20101105 Re: CVE request: kernel: logic error in INET_DIAG bytecode auditing http://openwall.com/lists/oss-security/2010/11/05/3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=22e76c849d505d87c5ecf3d3e6742a65f0ff4860 https://bugzilla.redhat.com/show_bug.cgi?id=651264 Common Vulnerability Exposure (CVE) ID: CVE-2010-4072 BugTraq ID: 45054 http://www.securityfocus.com/bid/45054 http://lkml.org/lkml/2010/10/6/454 http://www.openwall.com/lists/oss-security/2010/10/07/1 http://www.openwall.com/lists/oss-security/2010/10/25/3 SuSE Security Announcement: SUSE-SA:2010:060 (Google Search) SuSE Security Announcement: SUSE-SA:2011:001 (Google Search) SuSE Security Announcement: SUSE-SA:2011:004 (Google Search) SuSE Security Announcement: SUSE-SA:2011:007 (Google Search) SuSE Security Announcement: SUSE-SA:2011:008 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2010-4073 BugTraq ID: 45073 http://www.securityfocus.com/bid/45073 http://lkml.org/lkml/2010/10/6/492 http://securityreason.com/securityalert/8366 Common Vulnerability Exposure (CVE) ID: CVE-2010-4074 BugTraq ID: 45074 http://www.securityfocus.com/bid/45074 http://lkml.org/lkml/2010/9/15/392 http://www.openwall.com/lists/oss-security/2010/09/25/2 http://www.openwall.com/lists/oss-security/2010/10/06/6 Common Vulnerability Exposure (CVE) ID: CVE-2010-4078 BugTraq ID: 43810 http://www.securityfocus.com/bid/43810 SuSE Security Announcement: SUSE-SA:2011:002 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2010-4079 BugTraq ID: 45062 http://www.securityfocus.com/bid/45062 http://lkml.org/lkml/2010/9/15/393 Common Vulnerability Exposure (CVE) ID: CVE-2010-4080 BugTraq ID: 45058 http://www.securityfocus.com/bid/45058 BugTraq ID: 45063 http://www.securityfocus.com/bid/45063 http://lkml.org/lkml/2010/9/25/41 Common Vulnerability Exposure (CVE) ID: CVE-2010-4081 Common Vulnerability Exposure (CVE) ID: CVE-2010-4083 BugTraq ID: 43809 http://www.securityfocus.com/bid/43809 http://www.spinics.net/lists/mm-commits/msg80234.html Common Vulnerability Exposure (CVE) ID: CVE-2010-4157 44648 http://www.securityfocus.com/bid/44648 [linux-scsi] 20101008 [patch] gdth: integer overflow in ioctl http://ns3.spinics.net/lists/linux-scsi/msg47361.html [oss-security] 20101108 CVE request: kernel: gdth: integer overflow in ioc_general() http://openwall.com/lists/oss-security/2010/11/09/1 [oss-security] 20101108 Re: CVE request: kernel: gdth: integer overflow in ioc_general() http://openwall.com/lists/oss-security/2010/11/09/3 [oss-security] 20101109 Re: CVE request: kernel: gdth: integer overflow in ioc_general() http://openwall.com/lists/oss-security/2010/11/09/4 http://openwall.com/lists/oss-security/2010/11/09/5 [oss-security] 20101110 Re: CVE request: kernel: gdth: integer overflow in ioc_general() http://openwall.com/lists/oss-security/2010/11/10/12 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f63ae56e4e97fb12053590e41a4fa59e7daa74a4 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.1 https://bugzilla.redhat.com/show_bug.cgi?id=651147 Common Vulnerability Exposure (CVE) ID: CVE-2010-4160 44762 http://www.securityfocus.com/bid/44762 [netdev] 20101031 [SECURITY] L2TP send buffer allocation size overflows http://www.spinics.net/lists/netdev/msg145673.html [oss-security] 20101110 CVE request: kernel: L2TP send buffer allocation size overflows http://openwall.com/lists/oss-security/2010/11/10/5 [oss-security] 20101110 Re: CVE request: kernel: L2TP send buffer allocation size overflows http://openwall.com/lists/oss-security/2010/11/10/16 [oss-security] 20101124 Re: CVE request: kernel: L2TP send buffer allocation size overflows http://openwall.com/lists/oss-security/2010/11/24/12 http://openwall.com/lists/oss-security/2010/11/24/4 http://openwall.com/lists/oss-security/2010/11/24/5 http://openwall.com/lists/oss-security/2010/11/24/6 http://xorl.wordpress.com/2010/11/11/cve-2010-4160-linux-kernel-l2tp-integer-overflows/ https://bugzilla.redhat.com/show_bug.cgi?id=651892 Common Vulnerability Exposure (CVE) ID: CVE-2010-4164 45055 http://www.securityfocus.com/bid/45055 [netdev] 20101111 [SECURITY] [PATCH] Prevent crashing when parsing bad X.25 http://marc.info/?l=linux-netdev&m=128951543005554&w=2 [oss-security] 20101111 CVE request: kernel: remote DoS in X.25 http://openwall.com/lists/oss-security/2010/11/11/2 [oss-security] 20101112 Re: CVE request: kernel: remote DoS in X.25 http://openwall.com/lists/oss-security/2010/11/12/3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5ef41308f94dcbb3b7afc56cdef1c2ba53fa5d2f https://bugzilla.redhat.com/show_bug.cgi?id=652517
Copyright	Copyright (C) 2011 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.