Vulnerability   
Search   
    Search 191973 CVE descriptions
and 86218 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.702668
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 2668-1 (linux-2.6 - privilege escalation/denial of service/information leak)
Summary:Several vulnerabilities have been discovered in the Linux kernel that may lead;to a denial of service, information leak or privilege escalation. The Common;Vulnerabilities and Exposures project identifies the following problems:;;CVE-2012-2121;Benjamin Herrenschmidt and Jason Baron discovered issues with the IOMMU;mapping of memory slots used in KVM device assignment. Local users with;the ability to assign devices could cause a denial of service due to a;memory page leak.;;Description truncated. Please see the references for more information.
Description:Summary:
Several vulnerabilities have been discovered in the Linux kernel that may lead
to a denial of service, information leak or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following problems:

CVE-2012-2121
Benjamin Herrenschmidt and Jason Baron discovered issues with the IOMMU
mapping of memory slots used in KVM device assignment. Local users with
the ability to assign devices could cause a denial of service due to a
memory page leak.

Description truncated. Please see the references for more information.

Affected Software/OS:
linux-2.6 on Debian Linux

Solution:
For the oldstable distribution (squeeze), this problem has been fixed in
version 2.6.32-48squeeze3.

The following matrix lists additional source packages that were rebuilt for
compatibility with or to take advantage of this update:

?Debian 6.0 (squeeze)user-mode-linux2.6.32-1um-4+48squeeze3
We recommend that you upgrade your linux-2.6 and user-mode-linux packages.

Note
: Debian carefully tracks all known security issues across every
linux kernel package in all releases under active security support.
However, given the high frequency at which low-severity security
issues are discovered in the kernel and the resource requirements of
doing an update, updates for lower priority issues will normally not
be released for all kernels at the same time. Rather, they will be
released in a staggered or 'leap-frog' fashion.

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-1773
BugTraq ID: 58200
http://www.securityfocus.com/bid/58200
http://www.exploit-db.com/exploits/23248/
http://www.openwall.com/lists/oss-security/2013/02/26/8
http://www.osvdb.org/88310
RedHat Security Advisories: RHSA-2013:0744
http://rhn.redhat.com/errata/RHSA-2013-0744.html
RedHat Security Advisories: RHSA-2013:0928
http://rhn.redhat.com/errata/RHSA-2013-0928.html
RedHat Security Advisories: RHSA-2013:1026
http://rhn.redhat.com/errata/RHSA-2013-1026.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-1929
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101836.html
http://www.mandriva.com/security/advisories?name=MDVSA-2013:176
http://cansecwest.com/slides/2013/PrivateCore%20CSW%202013.pdf
http://www.openwall.com/lists/oss-security/2013/04/06/3
RedHat Security Advisories: RHSA-2013:1645
http://rhn.redhat.com/errata/RHSA-2013-1645.html
SuSE Security Announcement: SUSE-SU-2013:1473 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html
SuSE Security Announcement: SUSE-SU-2013:1474 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html
SuSE Security Announcement: openSUSE-SU-2013:1971 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html
http://www.ubuntu.com/usn/USN-1834-1
http://www.ubuntu.com/usn/USN-1835-1
http://www.ubuntu.com/usn/USN-1836-1
http://www.ubuntu.com/usn/USN-1838-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-1792
http://www.openwall.com/lists/oss-security/2013/03/07/1
SuSE Security Announcement: openSUSE-SU-2013:1187 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html
SuSE Security Announcement: openSUSE-SU-2014:0204 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html
http://www.ubuntu.com/usn/USN-1787-1
http://www.ubuntu.com/usn/USN-1788-1
http://www.ubuntu.com/usn/USN-1792-1
http://www.ubuntu.com/usn/USN-1793-1
http://www.ubuntu.com/usn/USN-1794-1
http://www.ubuntu.com/usn/USN-1795-1
http://www.ubuntu.com/usn/USN-1796-1
http://www.ubuntu.com/usn/USN-1797-1
http://www.ubuntu.com/usn/USN-1798-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-1774
http://xorl.wordpress.com/2013/05/18/cve-2013-1774-linux-kernel-edgeport-usb-serial-converter-null-pointer-dereference/
http://www.openwall.com/lists/oss-security/2013/02/27/29
SuSE Security Announcement: SUSE-SU-2013:1182 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00016.html
SuSE Security Announcement: openSUSE-SU-2013:0847 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html
SuSE Security Announcement: openSUSE-SU-2013:0925 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
http://www.ubuntu.com/usn/USN-1805-1
http://www.ubuntu.com/usn/USN-1808-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-3224
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103750.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104480.html
https://lkml.org/lkml/2013/4/14/107
http://www.openwall.com/lists/oss-security/2013/04/14/3
RedHat Security Advisories: RHSA-2013:1051
http://rhn.redhat.com/errata/RHSA-2013-1051.html
http://www.ubuntu.com/usn/USN-1837-1
Common Vulnerability Exposure (CVE) ID: CVE-2012-6548
http://www.openwall.com/lists/oss-security/2013/03/05/13
http://www.ubuntu.com/usn/USN-1809-1
http://www.ubuntu.com/usn/USN-1811-1
http://www.ubuntu.com/usn/USN-1812-1
http://www.ubuntu.com/usn/USN-1813-1
http://www.ubuntu.com/usn/USN-1814-1
Common Vulnerability Exposure (CVE) ID: CVE-2012-4508
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091110.html
http://www.openwall.com/lists/oss-security/2012/10/25/1
RedHat Security Advisories: RHSA-2012:1540
http://rhn.redhat.com/errata/RHSA-2012-1540.html
RedHat Security Advisories: RHSA-2013:0496
http://rhn.redhat.com/errata/RHSA-2013-0496.html
RedHat Security Advisories: RHSA-2013:1519
http://rhn.redhat.com/errata/RHSA-2013-1519.html
RedHat Security Advisories: RHSA-2013:1783
http://rhn.redhat.com/errata/RHSA-2013-1783.html
SuSE Security Announcement: SUSE-SU-2012:1679 (Google Search)
https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html
http://www.ubuntu.com/usn/USN-1645-1
http://www.ubuntu.com/usn/USN-1899-1
http://www.ubuntu.com/usn/USN-1900-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-2634
http://www.openwall.com/lists/oss-security/2013/03/20/1
http://www.ubuntu.com/usn/USN-1829-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-1928
http://www.openwall.com/lists/oss-security/2013/04/06/2
http://www.openwall.com/lists/oss-security/2013/04/09/6
SuSE Security Announcement: SUSE-SU-2013:0856 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00000.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-6540
Common Vulnerability Exposure (CVE) ID: CVE-2012-6537
Common Vulnerability Exposure (CVE) ID: CVE-2012-6539
Common Vulnerability Exposure (CVE) ID: CVE-2013-1767
http://www.openwall.com/lists/oss-security/2013/02/25/23
RedHat Security Advisories: RHSA-2013:0882
http://rhn.redhat.com/errata/RHSA-2013-0882.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-2121
http://www.openwall.com/lists/oss-security/2012/04/19/16
RedHat Security Advisories: RHSA-2012:0676
http://rhn.redhat.com/errata/RHSA-2012-0676.html
RedHat Security Advisories: RHSA-2012:0743
http://rhn.redhat.com/errata/RHSA-2012-0743.html
http://www.securitytracker.com/id?1027083
http://secunia.com/advisories/50732
http://www.ubuntu.com/usn/USN-1577-1
http://www.ubuntu.com/usn/USN-2036-1
http://www.ubuntu.com/usn/USN-2037-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-3229
Common Vulnerability Exposure (CVE) ID: CVE-2013-3231
Common Vulnerability Exposure (CVE) ID: CVE-2013-1798
http://packetstormsecurity.com/files/157233/Kernel-Live-Patch-Security-Notice-LSN-0065-1.html
http://www.openwall.com/lists/oss-security/2013/03/20/9
RedHat Security Advisories: RHSA-2013:0727
http://rhn.redhat.com/errata/RHSA-2013-0727.html
RedHat Security Advisories: RHSA-2013:0746
http://rhn.redhat.com/errata/RHSA-2013-0746.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-6545
Common Vulnerability Exposure (CVE) ID: CVE-2013-3225
Common Vulnerability Exposure (CVE) ID: CVE-2012-4461
BugTraq ID: 56414
http://www.securityfocus.com/bid/56414
http://article.gmane.org/gmane.comp.emulators.kvm.devel/100742
http://www.openwall.com/lists/oss-security/2012/11/06/14
RedHat Security Advisories: RHSA-2013:0223
http://rhn.redhat.com/errata/RHSA-2013-0223.html
http://secunia.com/advisories/51160
Common Vulnerability Exposure (CVE) ID: CVE-2013-0914
http://www.openwall.com/lists/oss-security/2013/03/11/8
Common Vulnerability Exposure (CVE) ID: CVE-2012-6544
RedHat Security Advisories: RHSA-2013:1173
http://rhn.redhat.com/errata/RHSA-2013-1173.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-3235
Common Vulnerability Exposure (CVE) ID: CVE-2012-3552
http://www.openwall.com/lists/oss-security/2012/08/31/11
Common Vulnerability Exposure (CVE) ID: CVE-2012-6546
Common Vulnerability Exposure (CVE) ID: CVE-2012-6549
Common Vulnerability Exposure (CVE) ID: CVE-2012-6542
Common Vulnerability Exposure (CVE) ID: CVE-2013-0349
http://www.openwall.com/lists/oss-security/2013/02/23/3
Common Vulnerability Exposure (CVE) ID: CVE-2013-3234
Common Vulnerability Exposure (CVE) ID: CVE-2013-1826
http://www.openwall.com/lists/oss-security/2013/03/07/2
Common Vulnerability Exposure (CVE) ID: CVE-2013-3228
Common Vulnerability Exposure (CVE) ID: CVE-2013-2015
http://www.openwall.com/lists/oss-security/2013/04/26/16
SuSE Security Announcement: SUSE-SU-2016:2074 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-3223
Common Vulnerability Exposure (CVE) ID: CVE-2013-1796
BugTraq ID: 58607
http://www.securityfocus.com/bid/58607
Common Vulnerability Exposure (CVE) ID: CVE-2013-1860
BugTraq ID: 58510
http://www.securityfocus.com/bid/58510
http://www.openwall.com/lists/oss-security/2013/03/15/3
RedHat Security Advisories: RHSA-2014:0328
http://rhn.redhat.com/errata/RHSA-2014-0328.html
RedHat Security Advisories: RHSA-2014:0339
http://rhn.redhat.com/errata/RHSA-2014-0339.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-3222
CopyrightCopyright (C) 2013 Greenbone Networks GmbH http://greenbone.net

This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.