Test ID:	1.3.6.1.4.1.25623.1.0.69885
Category:	Fedora Local Security Checks
Title:	Fedora Core 13 FEDORA-2011-6447 (kernel)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to kernel announced via advisory FEDORA-2011-6447. Update Information: Update to kernel 2.6.34.9: http://ftp.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.34/ChangeLog-2.6.34.9 References: [ 1 ] Bug #690028 - CVE-2011-1182 kernel signal spoofing issue https://bugzilla.redhat.com/show_bug.cgi?id=690028 [ 2 ] Bug #694021 - CVE-2011-1494 CVE-2011-1495 kernel: drivers/scsi/mpt2sas: prevent heap overflows https://bugzilla.redhat.com/show_bug.cgi?id=694021 [ 3 ] Bug #681260 - CVE-2011-1079 kernel: bnep device field missing NULL terminator https://bugzilla.redhat.com/show_bug.cgi?id=681260 [ 4 ] Bug #682954 - CVE-2011-1093 kernel: dccp: fix oops on Reset after close https://bugzilla.redhat.com/show_bug.cgi?id=682954 [ 5 ] Bug #698996 - CVE-2011-1745 CVE-2011-2022 kernel: agp: insufficient pg_start parameter checking in AGPIOC_BIND and AGPIOC_UNBIND ioctls https://bugzilla.redhat.com/show_bug.cgi?id=698996 [ 6 ] Bug #698998 - CVE-2011-1746 kernel: agp: insufficient page_count parameter checking in agp_allocate_memory() https://bugzilla.redhat.com/show_bug.cgi?id=698998 [ 7 ] Bug #632069 - CVE-2010-3084 kernel: niu: buffer overflow for ETHTOOL_GRXCLSRLALL https://bugzilla.redhat.com/show_bug.cgi?id=632069 [ 8 ] Bug #679925 - CVE-2011-1013 kernel: drm_modeset_ctl signedness issue https://bugzilla.redhat.com/show_bug.cgi?id=679925 [ 9 ] Bug #667615 - CVE-2010-4527 kernel: buffer overflow in OSS load_mixer_volumes https://bugzilla.redhat.com/show_bug.cgi?id=667615 [ 10 ] Bug #631623 - CVE-2010-3079 kernel: ftrace NULL ptr deref https://bugzilla.redhat.com/show_bug.cgi?id=631623 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update kernel' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2011-6447 Risk factor : Critical CVSS Score: 8.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1494 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console http://www.securityfocus.com/archive/1/520102/100/0/threaded 46397 http://secunia.com/advisories/46397 47185 http://www.securityfocus.com/bid/47185 RHSA-2011:0833 http://rhn.redhat.com/errata/RHSA-2011-0833.html SUSE-SU-2015:0812 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html [linux-kernel] 20110405 [PATCH] drivers/scsi/mpt2sas: prevent heap overflows and unchecked reads http://lkml.org/lkml/2011/4/5/327 [oss-security] 20110405 CVE request: kernel: two issues in mpt2sas http://openwall.com/lists/oss-security/2011/04/05/32 [oss-security] 20110406 Re: CVE request: kernel: two issues in mpt2sas http://openwall.com/lists/oss-security/2011/04/06/2 http://downloads.avaya.com/css/P8/documents/100145416 http://www.vmware.com/security/advisories/VMSA-2011-0012.html https://bugzilla.redhat.com/show_bug.cgi?id=694021 https://patchwork.kernel.org/patch/688021/ Common Vulnerability Exposure (CVE) ID: CVE-2011-1495 Common Vulnerability Exposure (CVE) ID: CVE-2011-1093 46793 http://www.securityfocus.com/bid/46793 [oss-security] 20110308 CVE request: kernel: dccp: fix oops on Reset after close http://openwall.com/lists/oss-security/2011/03/08/4 [oss-security] 20110308 Re: CVE request: kernel: dccp: fix oops on Reset after close http://openwall.com/lists/oss-security/2011/03/08/19 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=720dc34bbbe9493c7bd48b2243058b4e447a929d http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38 https://bugzilla.redhat.com/show_bug.cgi?id=682954 Common Vulnerability Exposure (CVE) ID: CVE-2011-1079 [oss-security] 20110301 Re: CVE request: kernel: two bluetooth and one ebtables infoleaks/DoSes http://www.openwall.com/lists/oss-security/2011/03/01/10 http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=43629f8f5ea32a998d06d1bb41eefa0e821ff573 http://packetstormsecurity.com/files/153799/Kernel-Live-Patch-Security-Notice-LSN-0053-1.html https://bugzilla.redhat.com/show_bug.cgi?id=681260 https://github.com/torvalds/linux/commit/43629f8f5ea32a998d06d1bb41eefa0e821ff573 Common Vulnerability Exposure (CVE) ID: CVE-2011-1745 47534 http://www.securityfocus.com/bid/47534 RHSA-2011:0927 http://rhn.redhat.com/errata/RHSA-2011-0927.html [linux-kernel] 20110414 [PATCH] char: agp: fix arbitrary kernel memory writes https://lkml.org/lkml/2011/4/14/293 [oss-security] 20110421 CVE request: kernel: buffer overflow and DoS issues in agp http://openwall.com/lists/oss-security/2011/04/21/4 [oss-security] 20110422 Re: CVE request: kernel: buffer overflow and DoS issues in agp http://openwall.com/lists/oss-security/2011/04/22/7 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=194b3da873fd334ef183806db751473512af29ce http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.5 https://bugzilla.redhat.com/show_bug.cgi?id=698996 Common Vulnerability Exposure (CVE) ID: CVE-2011-1746 47535 http://www.securityfocus.com/bid/47535 [linux-kernel] 20110414 [PATCH] char: agp: fix OOM and buffer overflow https://lkml.org/lkml/2011/4/14/294 [linux-kernel] 20110419 Re: [PATCH] char: agp: fix OOM and buffer overflow https://lkml.org/lkml/2011/4/19/400 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b522f02184b413955f3bc952e3776ce41edc6355 https://bugzilla.redhat.com/show_bug.cgi?id=698998 Common Vulnerability Exposure (CVE) ID: CVE-2010-4165 42778 http://secunia.com/advisories/42778 42801 http://secunia.com/advisories/42801 42932 http://secunia.com/advisories/42932 44830 http://www.securityfocus.com/bid/44830 69241 http://www.osvdb.org/69241 8111 http://securityreason.com/securityalert/8111 8123 http://securityreason.com/securityalert/8123 ADV-2011-0012 http://www.vupen.com/english/advisories/2011/0012 ADV-2011-0124 http://www.vupen.com/english/advisories/2011/0124 ADV-2011-0298 http://www.vupen.com/english/advisories/2011/0298 MDVSA-2011:029 http://www.mandriva.com/security/advisories?name=MDVSA-2011:029 MDVSA-2011:051 http://www.mandriva.com/security/advisories?name=MDVSA-2011:051 SUSE-SA:2011:001 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html SUSE-SA:2011:002 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html SUSE-SA:2011:004 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html SUSE-SA:2011:007 http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html [netdev] 20101110 Re: possible kernel oops from user MSS http://www.spinics.net/lists/netdev/msg146495.html [netdev] 20101110 possible kernel oops from user MSS http://www.spinics.net/lists/netdev/msg146405.html [oss-security] 20101112 CVE request: kernel: possible kernel oops from user MSS http://www.openwall.com/lists/oss-security/2010/11/12/1 [oss-security] 20101112 Re: CVE request: kernel: possible kernel oops from user MSS http://www.openwall.com/lists/oss-security/2010/11/12/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7a1abd08d52fdeddb3e9a5a33f2f15cc6a5674d2 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc2 https://bugzilla.redhat.com/show_bug.cgi?id=652508 Common Vulnerability Exposure (CVE) ID: CVE-2011-0521 1025195 http://www.securitytracker.com/id?1025195 43009 http://secunia.com/advisories/43009 45986 http://www.securityfocus.com/bid/45986 [oss-security] 20110125 Linux kernel av7110 negative array offset http://openwall.com/lists/oss-security/2011/01/24/2 [oss-security] 20110125 Re: Linux kernel av7110 negative array offset http://openwall.com/lists/oss-security/2011/01/25/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cb26a24ee9706473f31d34cc259f4dcf45cd0644 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.38-rc2 kernel-av7110ca-privilege-escalation(64988) https://exchange.xforce.ibmcloud.com/vulnerabilities/64988 Common Vulnerability Exposure (CVE) ID: CVE-2010-4346 42570 http://secunia.com/advisories/42570 45323 http://www.securityfocus.com/bid/45323 [linux-kernel] 20101209 [PATCH] install_special_mapping skips security_file_mmap check. https://lkml.org/lkml/2010/12/9/222 [oss-security] 20101209 Re: [taviso@cmpxchg8b.com: [PATCH] install_special_mapping skips security_file_mmap check.] http://openwall.com/lists/oss-security/2010/12/09/13 [oss-security] 20101209 [taviso@cmpxchg8b.com: [PATCH] install_special_mapping skips security_file_mmap check.] http://openwall.com/lists/oss-security/2010/12/09/12 [oss-security] 20101210 Re: Subject: CVE request: kernel: install_special_mapping skips security_file_mmap check http://openwall.com/lists/oss-security/2010/12/10/3 [oss-security] 20101210 Subject: CVE request: kernel: install_special_mapping skips security_file_mmap check http://openwall.com/lists/oss-security/2010/12/10/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=462e635e5b73ba9a4c03913b77138cd57ce4b050 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc6 https://bugzilla.redhat.com/show_bug.cgi?id=662189 Common Vulnerability Exposure (CVE) ID: CVE-2010-4649 46073 http://www.securityfocus.com/bid/46073 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7182afea8d1afd432a17c18162cc3fd441d0da93 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37 https://bugzilla.redhat.com/show_bug.cgi?id=667916 Common Vulnerability Exposure (CVE) ID: CVE-2011-0006 [oss-security] 20110106 Re: CVE Request: kernel [Re: Security review of 2.6.32.28] http://www.openwall.com/lists/oss-security/2011/01/06/18 http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=867c20265459d30a01b021a9c1e81fb4c5832aa9 https://bugzilla.redhat.com/show_bug.cgi?id=667912 https://github.com/torvalds/linux/commit/867c20265459d30a01b021a9c1e81fb4c5832aa9 Common Vulnerability Exposure (CVE) ID: CVE-2010-4648 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0a54917c3fc295cb61f3fb52373c173fd3b69f48 https://bugzilla.redhat.com/show_bug.cgi?id=667907 https://github.com/torvalds/linux/commit/0a54917c3fc295cb61f3fb52373c173fd3b69f48 Common Vulnerability Exposure (CVE) ID: CVE-2010-4650 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7572777eef78ebdee1ecb7c258c0ef94d35bad16 https://bugzilla.redhat.com/show_bug.cgi?id=667892 https://github.com/torvalds/linux/commit/7572777eef78ebdee1ecb7c258c0ef94d35bad16 Common Vulnerability Exposure (CVE) ID: CVE-2010-4163 42890 http://secunia.com/advisories/42890 44793 http://www.securityfocus.com/bid/44793 RHSA-2011:0007 http://www.redhat.com/support/errata/RHSA-2011-0007.html [oss-security] 20101110 CVE request: kernel: Multiple DoS issues in block layer http://openwall.com/lists/oss-security/2010/11/10/18 [oss-security] 20101112 Re: CVE request: kernel: Multiple DoS issues in block layer http://openwall.com/lists/oss-security/2010/11/12/2 [oss-security] 20101129 Re: CVE request: kernel: Multiple DoS issues in block layer http://openwall.com/lists/oss-security/2010/11/29/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9284bcf4e335e5f18a8bc7b26461c33ab60d0689 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2 https://bugzilla.redhat.com/show_bug.cgi?id=652957 Common Vulnerability Exposure (CVE) ID: CVE-2010-4668 BugTraq ID: 45660 http://www.securityfocus.com/bid/45660 http://lkml.org/lkml/2010/11/29/70 http://lkml.org/lkml/2010/11/29/68 http://openwall.com/lists/oss-security/2010/11/30/4 http://openwall.com/lists/oss-security/2010/11/30/7 XForce ISS Database: linux-blkrqmapuseriov-dos(64496) https://exchange.xforce.ibmcloud.com/vulnerabilities/64496 Common Vulnerability Exposure (CVE) ID: CVE-2010-4157 42745 http://secunia.com/advisories/42745 42789 http://secunia.com/advisories/42789 42963 http://secunia.com/advisories/42963 43291 http://secunia.com/advisories/43291 44648 http://www.securityfocus.com/bid/44648 ADV-2010-3321 http://www.vupen.com/english/advisories/2010/3321 ADV-2011-0024 http://www.vupen.com/english/advisories/2011/0024 ADV-2011-0168 http://www.vupen.com/english/advisories/2011/0168 ADV-2011-0375 http://www.vupen.com/english/advisories/2011/0375 FEDORA-2010-18983 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html RHSA-2010:0958 http://www.redhat.com/support/errata/RHSA-2010-0958.html RHSA-2011:0004 http://www.redhat.com/support/errata/RHSA-2011-0004.html RHSA-2011:0162 http://www.redhat.com/support/errata/RHSA-2011-0162.html SUSE-SA:2010:060 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html SUSE-SA:2011:008 http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html [linux-scsi] 20101008 [patch] gdth: integer overflow in ioctl http://ns3.spinics.net/lists/linux-scsi/msg47361.html [oss-security] 20101108 CVE request: kernel: gdth: integer overflow in ioc_general() http://openwall.com/lists/oss-security/2010/11/09/1 [oss-security] 20101108 Re: CVE request: kernel: gdth: integer overflow in ioc_general() http://openwall.com/lists/oss-security/2010/11/09/3 [oss-security] 20101109 Re: CVE request: kernel: gdth: integer overflow in ioc_general() http://openwall.com/lists/oss-security/2010/11/09/4 http://openwall.com/lists/oss-security/2010/11/09/5 [oss-security] 20101110 Re: CVE request: kernel: gdth: integer overflow in ioc_general() http://openwall.com/lists/oss-security/2010/11/10/12 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f63ae56e4e97fb12053590e41a4fa59e7daa74a4 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.1 https://bugzilla.redhat.com/show_bug.cgi?id=651147 Common Vulnerability Exposure (CVE) ID: CVE-2010-4158 20101109 Kernel 0-day http://lists.grok.org.uk/pipermail/full-disclosure/2010-November/077321.html http://www.securityfocus.com/archive/1/514705 20101118 Re: Kernel 0-day http://www.securityfocus.com/archive/1/514845 42884 http://secunia.com/advisories/42884 44758 http://www.securityfocus.com/bid/44758 RHSA-2011:0017 http://www.redhat.com/support/errata/RHSA-2011-0017.html [netdev] 20101109 [PATCH] Prevent reading uninitialized memory with socket filters http://www.spinics.net/lists/netdev/msg146361.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=57fe93b374a6b8711995c2d466c502af9f3a08bb https://bugzilla.redhat.com/show_bug.cgi?id=651698 Common Vulnerability Exposure (CVE) ID: CVE-2010-3874 DSA-2126 http://www.debian.org/security/2010/dsa-2126 [netdev] 20101102 [SECURITY] CAN info leak/minor heap overflow http://www.spinics.net/lists/netdev/msg145791.html [netdev] 20101110 can-bcm: fix minor heap overflow http://www.spinics.net/lists/netdev/msg146469.html [oss-security] 20101103 CVE request: kernel: CAN information leak http://openwall.com/lists/oss-security/2010/11/03/3 [oss-security] 20101104 Re: CVE request: kernel: CAN information leak http://openwall.com/lists/oss-security/2010/11/04/4 [oss-security] 20101220 CVE request: kernel: CAN information leak, 2nd attempt http://openwall.com/lists/oss-security/2010/12/20/2 [oss-security] 20101220 Re: CVE request: kernel: CAN information leak, 2nd attempt http://openwall.com/lists/oss-security/2010/12/20/3 http://openwall.com/lists/oss-security/2010/12/20/4 http://openwall.com/lists/oss-security/2010/12/20/5 http://openwall.com/lists/oss-security/2010/12/21/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0597d1b99fcfc2c0eada09a698f85ed413d4ba84 https://bugzilla.redhat.com/show_bug.cgi?id=649695 Common Vulnerability Exposure (CVE) ID: CVE-2010-4162 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cb4644cac4a2797afc847e6c92736664d4b0ea34 https://bugzilla.redhat.com/show_bug.cgi?id=652529 Common Vulnerability Exposure (CVE) ID: CVE-2010-4249 15622 http://www.exploit-db.com/exploits/15622/ 42354 http://secunia.com/advisories/42354 45037 http://www.securityfocus.com/bid/45037 [linux-kernel] 20101123 Unix socket local DOS (OOM) http://lkml.org/lkml/2010/11/23/395 [linux-kernel] 20101124 [PATCH net-next-2.6] scm: lower SCM_MAX_FD http://lkml.org/lkml/2010/11/23/450 [linux-kernel] 20101125 Simple kernel attack using socketpair. easy, 100% reproductiblle, works under guest. no way to protect :( http://lkml.org/lkml/2010/11/25/8 [netdev] 20101124 [PATCH] af_unix: limit unix_tot_inflight http://marc.info/?l=linux-netdev&m=129059035929046&w=2 [oss-security] 20101124 CVE request: kernel: unix socket local dos http://www.openwall.com/lists/oss-security/2010/11/24/2 [oss-security] 20101124 Re: CVE request: kernel: unix socket local dos http://www.openwall.com/lists/oss-security/2010/11/24/10 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=9915672d41273f5b77f1b3c29b391ffb7732b84b http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.37-rc3-next-20101125.bz2 https://bugzilla.redhat.com/show_bug.cgi?id=656756 Common Vulnerability Exposure (CVE) ID: CVE-2010-2962 BugTraq ID: 44067 http://www.securityfocus.com/bid/44067 http://www.redhat.com/support/errata/RHSA-2010-0842.html http://secunia.com/advisories/42758 SuSE Security Announcement: SUSE-SA:2010:050 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html SuSE Security Announcement: SUSE-SA:2010:051 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00004.html SuSE Security Announcement: SUSE-SA:2011:007 (Google Search) http://www.ubuntu.com/usn/USN-1041-1 http://www.vupen.com/english/advisories/2011/0070 Common Vulnerability Exposure (CVE) ID: CVE-2010-2963 BugTraq ID: 44242 http://www.securityfocus.com/bid/44242 Debian Security Information: DSA-2126 (Google Search) http://www.mandriva.com/security/advisories?name=MDVSA-2010:257 http://www.outflux.net/blog/archives/2010/10/19/cve-2010-2963-v4l-compat-exploit/ http://www.securitytracker.com/id?1024710 SuSE Security Announcement: SUSE-SA:2010:053 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00008.html SuSE Security Announcement: SUSE-SA:2010:057 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00004.html http://www.ubuntu.com/usn/USN-1000-1 Common Vulnerability Exposure (CVE) ID: CVE-2010-3698 44500 http://www.securityfocus.com/bid/44500 ADV-2010-3123 http://www.vupen.com/english/advisories/2010/3123 RHSA-2010:0842 RHSA-2010:0898 http://www.redhat.com/support/errata/RHSA-2010-0898.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9581d442b9058d3699b4be568b6e5eae38a41493 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36 https://bugzilla.redhat.com/show_bug.cgi?id=639879 Common Vulnerability Exposure (CVE) ID: CVE-2010-3705 USN-1000-1 [linux-kernel] 20101001 [PATCH] Fix out-of-bounds reading in sctp_asoc_get_hmac() http://marc.info/?l=linux-kernel&m=128596992418814&w=2 [oss-security] 20101004 CVE request: kernel: SCTP memory corruption in HMAC handling http://www.openwall.com/lists/oss-security/2010/10/04/2 [oss-security] 20101004 Re: CVE request: kernel: SCTP memory corruption in HMAC handling http://www.openwall.com/lists/oss-security/2010/10/04/7 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=51e97a12bef19b7e43199fc153cf9bd5f2140362 https://bugzilla.redhat.com/show_bug.cgi?id=640036 Common Vulnerability Exposure (CVE) ID: CVE-2010-3442 42400 http://secunia.com/advisories/42400 43787 http://www.securityfocus.com/bid/43787 ADV-2010-3113 http://www.vupen.com/english/advisories/2010/3113 MDVSA-2010:257 RHSA-2010:0936 http://www.redhat.com/support/errata/RHSA-2010-0936.html [oss-security] 20100929 CVE request - kernel: prevent heap corruption in snd_ctl_new() http://www.openwall.com/lists/oss-security/2010/09/29/2 [oss-security] 20100929 Re: CVE request - kernel: prevent heap corruption in snd_ctl_new() http://www.openwall.com/lists/oss-security/2010/09/29/3 http://www.openwall.com/lists/oss-security/2010/09/29/4 http://www.openwall.com/lists/oss-security/2010/09/29/9 http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=5591bf07225523600450edd9e6ad258bb877b779 http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc5-next-20100928.bz2 https://bugzilla.redhat.com/show_bug.cgi?id=638478 Common Vulnerability Exposure (CVE) ID: CVE-2010-4258 20101207 Linux kernel exploit http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0086.html 43056 http://secunia.com/advisories/43056 ADV-2011-0213 http://www.vupen.com/english/advisories/2011/0213 SUSE-SA:2011:005 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html [linux-kernel] 20101201 Re: [PATCH v2] do_exit(): Make sure we run with get_fs() == USER_DS. https://lkml.org/lkml/2010/12/1/543 [linux-kernel] 20101201 [PATCH v2] do_exit(): Make sure we run with get_fs() == USER_DS. http://marc.info/?l=linux-kernel&m=129117048916957&w=2 [oss-security] 20101202 CVE request: kernel: failure to revert address limit override in OOPS error path http://openwall.com/lists/oss-security/2010/12/02/2 [oss-security] 20101202 Re: CVE request: kernel: failure to revert address limit override in OOPS error path http://openwall.com/lists/oss-security/2010/12/02/7 [oss-security] 20101202 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses http://openwall.com/lists/oss-security/2010/12/02/4 [oss-security] 20101202 kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses http://openwall.com/lists/oss-security/2010/12/02/3 [oss-security] 20101208 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses http://openwall.com/lists/oss-security/2010/12/08/4 http://openwall.com/lists/oss-security/2010/12/08/5 http://openwall.com/lists/oss-security/2010/12/08/9 [oss-security] 20101209 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses http://openwall.com/lists/oss-security/2010/12/09/14 http://openwall.com/lists/oss-security/2010/12/09/4 http://blog.nelhage.com/2010/12/cve-2010-4258-from-dos-to-privesc/ http://code.google.com/p/chromium-os/issues/detail?id=10234 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=33dd94ae1ccbfb7bf0fb6c692bc3d1c4269e6177 http://googlechromereleases.blogspot.com/2011/01/chrome-os-beta-channel-update.html https://bugzilla.redhat.com/show_bug.cgi?id=659567 Common Vulnerability Exposure (CVE) ID: CVE-2010-4169 44861 http://www.securityfocus.com/bid/44861 [oss-security] 20101115 CVE request: kernel: perf bug http://marc.info/?l=oss-security&m=128979684911295&w=2 [oss-security] 20101115 Re: CVE request: kernel: perf bug http://marc.info/?l=oss-security&m=128984344103497&w=2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=63bfd7384b119409685a17d5c58f0b56e5dc03da https://bugzilla.redhat.com/show_bug.cgi?id=651671 kernel-perfeventmmap-dos(63316) https://exchange.xforce.ibmcloud.com/vulnerabilities/63316 Common Vulnerability Exposure (CVE) ID: CVE-2010-4073 BugTraq ID: 45073 http://www.securityfocus.com/bid/45073 Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (Google Search) http://lkml.org/lkml/2010/10/6/492 http://www.openwall.com/lists/oss-security/2010/10/07/1 http://www.openwall.com/lists/oss-security/2010/10/25/3 http://securityreason.com/securityalert/8366 SuSE Security Announcement: SUSE-SA:2010:060 (Google Search) SuSE Security Announcement: SUSE-SA:2011:001 (Google Search) SuSE Security Announcement: SUSE-SA:2011:004 (Google Search) SuSE Security Announcement: SUSE-SA:2011:008 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2010-4072 BugTraq ID: 45054 http://www.securityfocus.com/bid/45054 http://lkml.org/lkml/2010/10/6/454 http://secunia.com/advisories/43161 http://www.ubuntu.com/usn/USN-1057-1 http://www.vupen.com/english/advisories/2011/0280 Common Vulnerability Exposure (CVE) ID: CVE-2010-3880 42126 http://secunia.com/advisories/42126 44665 http://www.securityfocus.com/bid/44665 [netdev] 20101103 [PATCH 2/2] inet_diag: Make sure we actually run the same bytecode we audited. http://www.spinics.net/lists/netdev/msg145899.html [oss-security] 20101104 CVE request: kernel: logic error in INET_DIAG bytecode auditing http://openwall.com/lists/oss-security/2010/11/04/9 [oss-security] 20101105 Re: CVE request: kernel: logic error in INET_DIAG bytecode auditing http://openwall.com/lists/oss-security/2010/11/05/3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=22e76c849d505d87c5ecf3d3e6742a65f0ff4860 https://bugzilla.redhat.com/show_bug.cgi?id=651264 Common Vulnerability Exposure (CVE) ID: CVE-2010-4082 BugTraq ID: 43817 http://www.securityfocus.com/bid/43817 http://lkml.indiana.edu/hypermail//linux/kernel/1009.1/03392.html http://www.openwall.com/lists/oss-security/2010/09/25/2 http://www.openwall.com/lists/oss-security/2010/10/06/6 SuSE Security Announcement: SUSE-SA:2011:002 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2010-3904 CERT/CC vulnerability note: VU#362983 http://www.kb.cert.org/vuls/id/362983 https://www.exploit-db.com/exploits/44677/ http://packetstormsecurity.com/files/155751/vReliable-Datagram-Sockets-RDS-rds_page_copy_user-Privilege-Escalation.html http://www.vsecurity.com/download/tools/linux-rds-exploit.c http://www.vsecurity.com/resources/advisory/20101019-1/ http://www.redhat.com/support/errata/RHSA-2010-0792.html http://securitytracker.com/id?1024613 Common Vulnerability Exposure (CVE) ID: CVE-2010-3432 43480 http://www.securityfocus.com/bid/43480 [netdev] 20100915 [PATCH] net: SCTP remote/local Denial of Service vulnerability description and fix http://marc.info/?l=linux-netdev&m=128453869227715&w=3 [oss-security] 20100924 CVE Request -- Linux/SCTP DoS in sctp_packet_config() http://marc.info/?l=oss-security&m=128534569803598&w=2 [oss-security] 20100925 Re: CVE Request -- Linux/SCTP DoS in sctp_packet_config() http://marc.info/?l=oss-security&m=128537701808336&w=2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4bdab43323b459900578b200a4b8cf9713ac8fab http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.6 https://bugzilla.redhat.com/show_bug.cgi?id=637675 Common Vulnerability Exposure (CVE) ID: CVE-2010-3079 42758 43684 http://www.securityfocus.com/bid/43684 ADV-2011-0070 SUSE-SA:2010:050 USN-1041-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9c55cb12c1c172e2d51e85fbb5a4796ca86b77e7 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.5 https://bugzilla.redhat.com/show_bug.cgi?id=631623 Common Vulnerability Exposure (CVE) ID: CVE-2010-3080 43062 http://www.securityfocus.com/bid/43062 MDVSA-2010:198 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 SUSE-SA:2010:054 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html [oss-security] 20100908 CVE-2010-3080 kernel: /dev/sequencer open failure is not handled correctly http://www.openwall.com/lists/oss-security/2010/09/08/7 http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=c598337660c21c0afaa9df5a65bb4a7a0cf15be8 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=27f7ad53829f79e799a253285318bff79ece15bd http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4 https://bugzilla.redhat.com/show_bug.cgi?id=630551 Common Vulnerability Exposure (CVE) ID: CVE-2010-3081 20100916 Ac1db1tch3z vs x86_64 Linux Kernel http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0273.html 20100916 Workaround for Ac1db1tch3z exploit. http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0278.html 20101130 VMSA-2010-0017 VMware ESX third party update for Service Console kerne http://www.securityfocus.com/archive/1/514938/30/30/threaded 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX http://www.securityfocus.com/archive/1/516397/100/0/threaded 42384 http://secunia.com/advisories/42384 43315 http://secunia.com/advisories/43315 ADV-2010-3083 http://www.vupen.com/english/advisories/2010/3083 ADV-2010-3117 http://www.vupen.com/english/advisories/2010/3117 MDVSA-2010:214 http://www.mandriva.com/security/advisories?name=MDVSA-2010:214 MDVSA-2010:247 http://www.mandriva.com/security/advisories?name=MDVSA-2010:247 RHSA-2010:0758 http://www.redhat.com/support/errata/RHSA-2010-0758.html RHSA-2010:0882 http://www.redhat.com/support/errata/RHSA-2010-0882.html SUSE-SR:2010:017 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html [oss-security] 20100916 CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow http://marc.info/?l=oss-security&m=128461522230211&w=2 http://blog.ksplice.com/2010/09/cve-2010-3081/ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c41d68a513c71e35a14f66d71782d27a79a81ea6 http://isc.sans.edu/diary.html?storyid=9574 http://sota.gen.nz/compat1/ http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.36-rc4-git2.log http://www.vmware.com/security/advisories/VMSA-2010-0017.html http://www.vmware.com/security/advisories/VMSA-2011-0003.html https://access.redhat.com/kb/docs/DOC-40265 https://bugzilla.redhat.com/show_bug.cgi?id=634457 Common Vulnerability Exposure (CVE) ID: CVE-2010-3301 [oss-security] 20100916 CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability http://www.openwall.com/lists/oss-security/2010/09/16/1 [oss-security] 20100916 Re: CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability http://www.openwall.com/lists/oss-security/2010/09/16/3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=36d001c70d8a0144ac1d038f6876c484849a74de http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=eefdca043e8391dcd719711716492063030b55ac http://sota.gen.nz/compat2/ https://bugzilla.redhat.com/show_bug.cgi?id=634449 Common Vulnerability Exposure (CVE) ID: CVE-2010-3067 RHSA-2010:0779 http://www.redhat.com/support/errata/RHSA-2010-0779.html RHSA-2010:0839 http://www.redhat.com/support/errata/RHSA-2010-0839.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=75e1c70fc31490ef8a373ea2a4bea2524099b478 http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc4-next-20100915.bz2 https://bugzilla.redhat.com/show_bug.cgi?id=629441 kernel-doiosubmit-dos(61884) https://exchange.xforce.ibmcloud.com/vulnerabilities/61884 Common Vulnerability Exposure (CVE) ID: CVE-2010-2960 BugTraq ID: 42932 http://www.securityfocus.com/bid/42932 http://twitter.com/taviso/statuses/22777866582 http://www.openwall.com/lists/oss-security/2010/09/02/1 http://securitytracker.com/id?1024384 http://secunia.com/advisories/41263 XForce ISS Database: linux-kernel-keyctl-dos(61557) https://exchange.xforce.ibmcloud.com/vulnerabilities/61557 Common Vulnerability Exposure (CVE) ID: CVE-2010-2954 41234 http://secunia.com/advisories/41234 41512 http://secunia.com/advisories/41512 ADV-2010-2266 http://www.vupen.com/english/advisories/2010/2266 ADV-2010-2430 http://www.vupen.com/english/advisories/2010/2430 SUSE-SA:2010:041 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html [netdev] 20100830 [PATCH] irda: Correctly clean up self->ias_obj on irda_bind() failure. http://www.spinics.net/lists/netdev/msg139404.html [oss-security] 20100901 CVE-2010-2954 kernel: irda null ptr deref http://marc.info/?l=oss-security&m=128331787923285&w=2 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=628e300cccaa628d8fb92aa28cb7530a3d5f2257 http://twitter.com/taviso/statuses/22635752128 http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc3-next-20100901.bz2 https://bugzilla.redhat.com/show_bug.cgi?id=628770 kernel-irdabind-dos(61522) https://exchange.xforce.ibmcloud.com/vulnerabilities/61522 Common Vulnerability Exposure (CVE) ID: CVE-2010-2955 41245 http://secunia.com/advisories/41245 42885 http://www.securityfocus.com/bid/42885 RHSA-2010:0771 http://www.redhat.com/support/errata/RHSA-2010-0771.html [linux-kernel] 20100827 [PATCH] wireless: fix 64K kernel heap content leak via ioctl http://lkml.org/lkml/2010/8/27/413 [linux-kernel] 20100830 Re: [PATCH] wireless extensions: fix kernel heap content leak http://lkml.org/lkml/2010/8/30/351 [linux-kernel] 20100830 Re: [PATCH] wireless: fix 64K kernel heap content leak via ioctl http://lkml.org/lkml/2010/8/30/127 [linux-kernel] 20100830 [PATCH] wireless extensions: fix kernel heap content leak http://lkml.org/lkml/2010/8/30/146 [oss-security] 20100831 CVE-2010-2955 kernel: wireless: fix 64K kernel heap content leak via ioctl http://www.openwall.com/lists/oss-security/2010/08/31/1 http://forums.grsecurity.net/viewtopic.php?f=3&t=2290 http://git.kernel.org/?p=linux/kernel/git/linville/wireless-2.6.git%3Ba=commit%3Bh=42da2f948d949efd0111309f5827bf0298bcc9a4 http://grsecurity.net/~spender/wireless-infoleak-fix2.patch http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc3-next-20100831.bz2 https://bugzilla.redhat.com/show_bug.cgi?id=628434 Common Vulnerability Exposure (CVE) ID: CVE-2010-2524 MDVSA-2010:172 http://www.mandriva.com/security/advisories?name=MDVSA-2010:172 RHSA-2010:0610 http://www.redhat.com/support/errata/RHSA-2010-0610.html SUSE-SA:2010:040 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html [oss-security] 20100802 CVE-2010-2524 kernel: dns_resolver upcall security issue http://marc.info/?l=oss-security&m=128072090331700&w=2 [oss-security] 20100802 Re: CVE-2010-2524 kernel: dns_resolver upcall security issue http://marc.info/?l=oss-security&m=128078387328921&w=2 [oss-security] 20100803 Re: CVE-2010-2524 kernel: dns_resolver upcall security issue http://marc.info/?l=oss-security&m=128080755321157&w=2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4c0c03ca54f72fdd5912516ad0a23ec5cf01bda7 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35 https://bugzilla.redhat.com/show_bug.cgi?id=612166 Common Vulnerability Exposure (CVE) ID: CVE-2010-2478 41223 http://www.securityfocus.com/bid/41223 [netdev] 20100628 [PATCH net-2.6 1/2] ethtool: Fix potential kernel buffer overflow in ETHTOOL_GRXCLSRLALL http://article.gmane.org/gmane.linux.network/164869 [oss-security] 20100629 Re: kernel: ethtool: kernel buffer overflow in ETHTOOL_GRXCLSRLALL http://www.openwall.com/lists/oss-security/2010/06/29/3 [oss-security] 20100629 kernel: ethtool: kernel buffer overflow in ETHTOOL_GRXCLSRLALL http://www.openwall.com/lists/oss-security/2010/06/29/1 [oss-security] 20100630 Re: kernel: ethtool: kernel buffer overflow in ETHTOOL_GRXCLSRLALL http://www.openwall.com/lists/oss-security/2010/06/30/17 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=db048b69037e7fa6a7d9e95a1271a50dc08ae233 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.33.7 https://bugzilla.redhat.com/show_bug.cgi?id=608950 Common Vulnerability Exposure (CVE) ID: CVE-2010-2071 [linux-kernel] 20100518 [PATCH] btrfs: should add a permission check for setfacl http://lkml.org/lkml/2010/5/17/544 [oss-security] 20100611 CVE request - kernel: btrfs: prevent users from setting ACLs on files they do not own http://www.openwall.com/lists/oss-security/2010/06/11/3 [oss-security] 20100614 Re: CVE request - kernel: btrfs: prevent users from setting ACLs on files they do not own http://www.openwall.com/lists/oss-security/2010/06/14/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=2f26afba Common Vulnerability Exposure (CVE) ID: CVE-2011-1182 [oss-security] 20110323 Re: Linux kernel signal spoofing vulnerability (CVE request) http://www.openwall.com/lists/oss-security/2011/03/23/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=da48524eb20662618854bb3df2db01fc65f3070c https://bugzilla.redhat.com/show_bug.cgi?id=690028 https://github.com/torvalds/linux/commit/da48524eb20662618854bb3df2db01fc65f3070c Common Vulnerability Exposure (CVE) ID: CVE-2011-2022 BugTraq ID: 47843 http://www.securityfocus.com/bid/47843 RedHat Security Advisories: RHSA-2011:0927 Common Vulnerability Exposure (CVE) ID: CVE-2010-3084 43098 http://www.securityfocus.com/bid/43098 [netdev] 20100907 [PATCH net-2.6] niu: Fix kernel buffer overflow for ETHTOOL_GRXCLSRLALL http://www.spinics.net/lists/netdev/msg140133.html [oss-security] 20100909 CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALL http://www.openwall.com/lists/oss-security/2010/09/09/1 [oss-security] 20100910 Re: CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALL http://www.openwall.com/lists/oss-security/2010/09/11/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ee9c5cfad29c8a13199962614b9b16f1c4137ac9 https://bugzilla.redhat.com/show_bug.cgi?id=632069 Common Vulnerability Exposure (CVE) ID: CVE-2011-1013 47639 http://www.securityfocus.com/bid/47639 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1922756124ddd53846877416d92ba4a802bc658f http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/drm_irq.c http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/drm_irq.c.diff?r1=1.41%3Br2=1.42%3Bf=h https://bugzilla.redhat.com/show_bug.cgi?id=679925 kernel-drmioctl-priv-escalation(67199) https://exchange.xforce.ibmcloud.com/vulnerabilities/67199 Common Vulnerability Exposure (CVE) ID: CVE-2010-4527 42765 http://secunia.com/advisories/42765 45629 http://www.securityfocus.com/bid/45629 [oss-security] 20101230 CVE request: kernel: buffer overflow in OSS load_mixer_volumes http://openwall.com/lists/oss-security/2010/12/31/1 [oss-security] 20101231 Re: CVE request: kernel: buffer overflow in OSS load_mixer_volumes http://openwall.com/lists/oss-security/2010/12/31/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d81a12bc29ae4038770e05dce4ab7f26fd5880fb http://xorl.wordpress.com/2011/01/09/cve-2010-4527-linux-kernel-oss-sound-card-driver-buffer-overflow/ https://bugzilla.redhat.com/show_bug.cgi?id=667615
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.