Test ID:	1.3.6.1.4.1.25623.1.0.70904
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-1187-1 (linux-image-2.6.35-30-generic)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to linux-image-2.6.35-30-generic announced via advisory USN-1187-1. Details: It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3698) Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. (CVE-2010-3865) Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875) Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3876) Vasiliy Kulikov discovered that the TIPC interface did not correctly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3877) Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. A local attacker could exploit this to cause the kernel to hang, leading to a denial of service. (CVE-2010-3880) Vasiliy Kulikov discovered that kvm did not correctly clear memory. A local attacker could exploit this to read portions of the kernel stack, leading to a loss of privacy. (CVE-2010-3881) Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4075, CVE-2010-4076, CVE-2010-4077) Dan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4079) Dan Rosenberg discovered that the semctl syscall did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4083) Dan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. (CVE-2010-4163, CVE-2010-4668) It was discovered that multithreaded exec did not handle CPU timers correctly. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4248) Nelson Elhage discovered that Econet did not correctly handle AUN packets over UDP. A local attacker could send specially crafted traffic to crash the system, leading to a denial of service. (CVE-2010-4342) Tavis Ormandy discovered that the install_special_mapping function could bypass the mmap_min_addr restriction. A local attacker could exploit this to mmap 4096 bytes below the mmap_min_addr area, possibly improving the chances of performing NULL pointer dereference attacks. (CVE-2010-4346) Dan Rosenberg discovered that the OSS subsystem did not handle name termination correctly. A local attacker could exploit this crash the system or gain root privileges. (CVE-2010-4527) Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. On non-x86 systems, a local attacker could exploit this to read kernel heap memory, leading to a loss of privacy. (CVE-2010-4529) Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses into the /proc filesystem. A local attacker could use this to increase the chances of a successful memory corruption exploit. (CVE-2010-4565) Dan Carpenter discovered that the Infiniband driver did not correctly handle certain requests. A local user could exploit this to crash the system or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044) Kees Cook discovered that the IOWarrior USB device driver did not correctly check certain size fields. A local attacker with physical access could plug in a specially crafted USB device to crash the system or potentially gain root privileges. (CVE-2010-4656) Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly clear memory when writing certain file holes. A local attacker could exploit this to read uninitialized data from the disk, leading to a loss of privacy. (CVE-2011-0463) Dan Carpenter discovered that the TTPCI DVB driver did not check certain values during an ioctl. If the dvb-ttpci module was loaded, a local attacker could exploit this to crash the system, leading to a denial of service, or possibly gain root privileges. (CVE-2011-0521) Jens Kuehnel discovered that the InfiniBand driver contained a race condition. On systems using InfiniBand, a local attacker could send specially crafted requests to crash the system, leading to a denial of service. (CVE-2011-0695) Dan Rosenberg discovered that XFS did not correctly initialize memory. A local attacker could make crafted ioctl calls to leak portions of kernel stack memory, leading to a loss of privacy. (CVE-2011-0711) Rafael Dominguez Vega discovered that the caiaq Native Instruments USB driver did not correctly validate string lengths. A local attacker with physical access could plug in a specially crafted USB device to crash the system or potentially gain root privileges. (CVE-2011-0712) Kees Cook reported that /proc/pid/stat did not correctly filter certain memory locations. A local attacker could determine the memory layout of processes in an attempt to increase the chances of a successful memory corruption exploit. (CVE-2011-0726) Timo Warns discovered that MAC partition parsing routines did not correctly calculate block counts. A local attacker with physical access could plug in a specially crafted block device to crash the system or potentially gain root privileges. (CVE-2011-1010) Timo Warns discovered that LDM partition parsing routines did not correctly calculate block counts. A local attacker with physical access could plug in a specially crafted block device to crash the system, leading to a denial of service. (CVE-2011-1012) Matthiew Herrb discovered that the drm modeset interface did not correctly handle a signed comparison. A local attacker could exploit this to crash the system or possibly gain root privileges. (CVE-2011-1013) Marek Ol??k discovered that the Radeon GPU drivers did not correctly validate certain registers. On systems with specific hardware, a local attacker could exploit this to write to arbitrary video memory. (CVE-2011-1016) Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. (CVE-2011-1017) Vasiliy Kulikov discovered that the CAP_SYS_MODULE capability was not needed to load kernel modules. A local attacker with the CAP_NET_ADMIN capability could load existing kernel modules, possibly increasing the attack surface available on the system. (CVE-2011-1019) Vasiliy Kulikov discovered that the Bluetooth stack did not correctly clear memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2011-1078) Vasiliy Kulikov discovered that the Bluetooth stack did not correctly check that device name strings were NULL terminated. A local attacker could exploit this to crash the system, leading to a denial of service, or leak contents of kernel stack memory, leading to a loss of privacy. (CVE-2011-1079) Vasiliy Kulikov discovered that bridge network filtering did not check that name fields were NULL terminated. A local attacker could exploit this to leak contents of kernel stack memory, leading to a loss of privacy. (CVE-2011-1080) Nelson Elhage discovered that the epoll subsystem did not correctly handle certain structures. A local attacker could create malicious requests that would hang the system, leading to a denial of service. (CVE-2011-1082) Neil Horman discovered that NFSv4 did not correctly handle certain orders of operation with ACL data. A remote attacker with access to an NFSv4 mount could exploit this to crash the system, leading to a denial of service. (CVE-2011-1090) Johan Hovold discovered that the DCCP network stack did not correctly handle certain packet combinations. A remote attacker could send specially crafted network traffic that would crash the system, leading to a denial of service. (CVE-2011-1093) Peter Huewe discovered that the TPM device did not correctly initialize memory. A local attacker could exploit this to read kernel heap memory contents, leading to a loss of privacy. (CVE-2011-1160) Timo Warns discovered that OSF partition parsing routines did not correctly clear memory. A local attacker with physical access could plug in a specially crafted block device to read kernel memory, leading to a loss of privacy. (CVE-2011-1163) Dan Rosenberg discovered that some ALSA drivers did not correctly check the adapter index during ioctl calls. If this driver was loaded, a local attacker could make a specially crafted ioctl call to gain root privileges. (CVE-2011-1169) Vasiliy Kulikov discovered that the netfilter code did not check certain strings copied from userspace. A local attacker with netfilter access could exploit this to read kernel memory or crash the system, leading to a denial of service. (CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-2534) Vasiliy Kulikov discovered that the Acorn Universal Networking driver did not correctly initialize memory. A remote attacker could send specially crafted traffic to read kernel stack memory, leading to a loss of privacy. (CVE-2011-1173) Dan Rosenberg discovered that the IRDA subsystem did not correctly check certain field sizes. If a system was using IRDA, a remote attacker could send specially crafted traffic to crash the system or gain root privileges. (CVE-2011-1180) Julien Tinnes discovered that the kernel did not correctly validate the signal structure from tkill(). A local attacker could exploit this to send signals to arbitrary threads, possibly bypassing expected restrictions. (CVE-2011-1182) Ryan Sweat discovered that the GRO code did not correctly validate memory. In some configurations on systems using VLANs, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. (CVE-2011-1478) Dan Rosenberg discovered that MPT devices did not correctly validate certain values in ioctl calls. If these drivers were loaded, a local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. (CVE-2011-1494, CVE-2011-1495) Timo Warns discovered that the GUID partition parsing routines did not correctly validate certain structures. A local attacker with physical access could plug in a specially crafted block device to crash the system, leading to a denial of service. (CVE-2011-1577) Tavis Ormandy discovered that the pidmap function did not correctly handle large requests. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-1593) Oliver Hartkopp and Dave Jones discovered that the CAN network driver did not correctly validate certain socket structures. If this driver was loaded, a local attacker could crash the system, leading to a denial of service. (CVE-2011-1598, CVE-2011-1748) Vasiliy Kulikov discovered that the AGP driver did not check certain ioctl values. A local attacker with access to the video subsystem could exploit this to crash the system, leading to a denial of service, or possibly gain root privileges. (CVE-2011-1745, CVE-2011-2022) Vasiliy Kulikov discovered that the AGP driver did not check the size of certain memory allocations. A local attacker with access to the video subsystem could exploit this to run the system out of memory, leading to a denial of service. (CVE-2011-1746) Solution: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.04 LTS: linux-image-2.6.35-30-generic 2.6.35-30.56~ lucid1 linux-image-2.6.35-30-generic-pae 2.6.35-30.56~ lucid1 linux-image-2.6.35-30-server 2.6.35-30.56~ lucid1 linux-image-2.6.35-30-virtual 2.6.35-30.56~ lucid1 http://www.securityspace.com/smysecure/catid.html?in=USN-1187-1 CVSS Score: 7.8 CVSS Vector: AV:L/AC:L/Au:NR/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3698 42745 http://secunia.com/advisories/42745 44500 http://www.securityfocus.com/bid/44500 ADV-2010-3123 http://www.vupen.com/english/advisories/2010/3123 ADV-2010-3321 http://www.vupen.com/english/advisories/2010/3321 FEDORA-2010-18983 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html MDVSA-2011:029 http://www.mandriva.com/security/advisories?name=MDVSA-2011:029 RHSA-2010:0842 http://www.redhat.com/support/errata/RHSA-2010-0842.html RHSA-2010:0898 http://www.redhat.com/support/errata/RHSA-2010-0898.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9581d442b9058d3699b4be568b6e5eae38a41493 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36 https://bugzilla.redhat.com/show_bug.cgi?id=639879 Common Vulnerability Exposure (CVE) ID: CVE-2010-3865 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console http://www.securityfocus.com/archive/1/520102/100/0/threaded 42778 http://secunia.com/advisories/42778 42789 http://secunia.com/advisories/42789 42801 http://secunia.com/advisories/42801 42890 http://secunia.com/advisories/42890 44549 http://www.securityfocus.com/bid/44549 46397 http://secunia.com/advisories/46397 ADV-2011-0012 http://www.vupen.com/english/advisories/2011/0012 ADV-2011-0024 http://www.vupen.com/english/advisories/2011/0024 ADV-2011-0298 http://www.vupen.com/english/advisories/2011/0298 RHSA-2011:0004 http://www.redhat.com/support/errata/RHSA-2011-0004.html RHSA-2011:0007 http://www.redhat.com/support/errata/RHSA-2011-0007.html SUSE-SA:2010:057 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00004.html SUSE-SA:2011:001 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html SUSE-SA:2011:002 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html SUSE-SA:2011:007 http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html [netdev] 20101028 Re: [Security] TIPC security issues http://www.spinics.net/lists/netdev/msg145359.html http://www.spinics.net/lists/netdev/msg145397.html [oss-security] 20101029 CVE request: kernel: iovec overflow in rds_rdma_pages() http://www.openwall.com/lists/oss-security/2010/10/29/1 [oss-security] 20101101 Re: CVE request: kernel: iovec overflow in rds_rdma_pages() http://www.openwall.com/lists/oss-security/2010/11/01/1 http://www.vmware.com/security/advisories/VMSA-2011-0012.html kernel-rdsrdmapages-overflow(62881) https://exchange.xforce.ibmcloud.com/vulnerabilities/62881 Common Vulnerability Exposure (CVE) ID: CVE-2010-3875 44630 http://www.securityfocus.com/bid/44630 DSA-2126 http://www.debian.org/security/2010/dsa-2126 MDVSA-2011:051 http://www.mandriva.com/security/advisories?name=MDVSA-2011:051 [netdev] 20101031 [PATCH 1/3] net: ax25: fix information leak to userland http://marc.info/?l=linux-netdev&m=128854507120898&w=2 [oss-security] 20101102 CVE request: kernel stack infoleaks http://openwall.com/lists/oss-security/2010/11/02/7 [oss-security] 20101104 Re: CVE request: kernel stack infoleaks http://openwall.com/lists/oss-security/2010/11/04/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fe10ae53384e48c51996941b7720ee16995cbcb7 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc2 https://bugzilla.redhat.com/show_bug.cgi?id=649713 Common Vulnerability Exposure (CVE) ID: CVE-2010-3876 42963 http://secunia.com/advisories/42963 ADV-2011-0168 http://www.vupen.com/english/advisories/2011/0168 RHSA-2010:0958 http://www.redhat.com/support/errata/RHSA-2010-0958.html RHSA-2011:0162 http://www.redhat.com/support/errata/RHSA-2011-0162.html [netdev] 20101031 [PATCH 2/3] net: packet: fix information leak to userland http://marc.info/?l=linux-netdev&m=128854507220908&w=2 [oss-security] 20101102 Re: CVE request: kernel stack infoleaks http://openwall.com/lists/oss-security/2010/11/02/10 http://openwall.com/lists/oss-security/2010/11/02/12 http://openwall.com/lists/oss-security/2010/11/02/9 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67286640f638f5ad41a946b9a3dc75327950248f https://bugzilla.redhat.com/show_bug.cgi?id=649715 Common Vulnerability Exposure (CVE) ID: CVE-2010-3877 42884 http://secunia.com/advisories/42884 RHSA-2011:0017 http://www.redhat.com/support/errata/RHSA-2011-0017.html [netdev] 20101031 [PATCH 3/3] net: tipc: fix information leak to userland http://marc.info/?l=linux-netdev&m=128854507420917&w=2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=88f8a5e3e7defccd3925cabb1ee4d3994e5cdb52 https://bugzilla.redhat.com/show_bug.cgi?id=649717 kernel-getname-info-disc(64578) https://exchange.xforce.ibmcloud.com/vulnerabilities/64578 Common Vulnerability Exposure (CVE) ID: CVE-2010-3880 42126 http://secunia.com/advisories/42126 44665 http://www.securityfocus.com/bid/44665 [netdev] 20101103 [PATCH 2/2] inet_diag: Make sure we actually run the same bytecode we audited. http://www.spinics.net/lists/netdev/msg145899.html [oss-security] 20101104 CVE request: kernel: logic error in INET_DIAG bytecode auditing http://openwall.com/lists/oss-security/2010/11/04/9 [oss-security] 20101105 Re: CVE request: kernel: logic error in INET_DIAG bytecode auditing http://openwall.com/lists/oss-security/2010/11/05/3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=22e76c849d505d87c5ecf3d3e6742a65f0ff4860 https://bugzilla.redhat.com/show_bug.cgi?id=651264 Common Vulnerability Exposure (CVE) ID: CVE-2010-3881 1024912 http://securitytracker.com/id?1024912 42932 http://secunia.com/advisories/42932 44666 http://www.securityfocus.com/bid/44666 ADV-2010-3287 http://www.vupen.com/english/advisories/2010/3287 ADV-2011-0124 http://www.vupen.com/english/advisories/2011/0124 RHSA-2010:0998 http://rhn.redhat.com/errata/RHSA-2010-0998.html SUSE-SA:2011:004 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html [kvm] 20101030 [patch v2] x86: kvm: x86: fix information leak to userland http://www.spinics.net/lists/kvm/msg44130.html [oss-security] 20101104 CVE request: kernel: kvm kernel stack leakage http://openwall.com/lists/oss-security/2010/11/04/10 [oss-security] 20101105 Re: CVE request: kernel: kvm kernel stack leakage http://openwall.com/lists/oss-security/2010/11/05/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=97e69aa62f8b5d338d6cff49be09e37cc1262838 http://git.kernel.org/?p=virt/kvm/kvm.git%3Ba=commit%3Bh=831d9d02f9522e739825a51a11e3bc5aa531a905 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2 https://bugzilla.redhat.com/show_bug.cgi?id=649920 Common Vulnerability Exposure (CVE) ID: CVE-2010-4075 BugTraq ID: 43806 http://www.securityfocus.com/bid/43806 Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (Google Search) http://lkml.indiana.edu/hypermail//linux/kernel/1009.1/03388.html http://www.openwall.com/lists/oss-security/2010/09/25/2 http://www.openwall.com/lists/oss-security/2010/10/06/6 http://www.openwall.com/lists/oss-security/2010/10/07/1 http://www.openwall.com/lists/oss-security/2010/10/25/3 Common Vulnerability Exposure (CVE) ID: CVE-2010-4076 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d281da7ff6f70efca0553c288bb883e8605b3862 http://lkml.org/lkml/2010/9/15/389 Common Vulnerability Exposure (CVE) ID: CVE-2010-4077 BugTraq ID: 45059 http://www.securityfocus.com/bid/45059 http://lkml.indiana.edu/hypermail//linux/kernel/1009.1/03387.html http://securityreason.com/securityalert/8129 Common Vulnerability Exposure (CVE) ID: CVE-2010-4079 BugTraq ID: 45062 http://www.securityfocus.com/bid/45062 Debian Security Information: DSA-2126 (Google Search) http://lkml.org/lkml/2010/9/15/393 Common Vulnerability Exposure (CVE) ID: CVE-2010-4083 BugTraq ID: 43809 http://www.securityfocus.com/bid/43809 http://www.spinics.net/lists/mm-commits/msg80234.html http://secunia.com/advisories/43291 SuSE Security Announcement: SUSE-SA:2010:060 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html SuSE Security Announcement: SUSE-SA:2011:001 (Google Search) SuSE Security Announcement: SUSE-SA:2011:004 (Google Search) SuSE Security Announcement: SUSE-SA:2011:007 (Google Search) SuSE Security Announcement: SUSE-SA:2011:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html http://www.vupen.com/english/advisories/2011/0375 Common Vulnerability Exposure (CVE) ID: CVE-2010-4163 44793 http://www.securityfocus.com/bid/44793 [oss-security] 20101110 CVE request: kernel: Multiple DoS issues in block layer http://openwall.com/lists/oss-security/2010/11/10/18 [oss-security] 20101112 Re: CVE request: kernel: Multiple DoS issues in block layer http://openwall.com/lists/oss-security/2010/11/12/2 [oss-security] 20101129 Re: CVE request: kernel: Multiple DoS issues in block layer http://openwall.com/lists/oss-security/2010/11/29/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9284bcf4e335e5f18a8bc7b26461c33ab60d0689 https://bugzilla.redhat.com/show_bug.cgi?id=652957 Common Vulnerability Exposure (CVE) ID: CVE-2010-4668 BugTraq ID: 45660 http://www.securityfocus.com/bid/45660 http://lkml.org/lkml/2010/11/29/70 http://lkml.org/lkml/2010/11/29/68 http://openwall.com/lists/oss-security/2010/11/30/4 http://openwall.com/lists/oss-security/2010/11/30/7 XForce ISS Database: linux-blkrqmapuseriov-dos(64496) https://exchange.xforce.ibmcloud.com/vulnerabilities/64496 Common Vulnerability Exposure (CVE) ID: CVE-2010-4248 45028 http://www.securityfocus.com/bid/45028 [oss-security] 20101123 CVE request: kernel: posix-cpu-timers: workaround to suppress the problems with mt exec http://www.openwall.com/lists/oss-security/2010/11/23/2 [oss-security] 20101124 Re: CVE request: kernel: posix-cpu-timers: workaround to suppress the problems with mt exec http://www.openwall.com/lists/oss-security/2010/11/24/9 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e0a70217107e6f9844628120412cb27bb4cea194 https://bugzilla.redhat.com/show_bug.cgi?id=656264 Common Vulnerability Exposure (CVE) ID: CVE-2010-4342 43291 45321 http://www.securityfocus.com/bid/45321 ADV-2011-0375 SUSE-SA:2011:008 [netdev] 20101209 NULL dereference in econet AUN-over-UDP receive http://marc.info/?l=linux-netdev&m=129185496013580&w=2 [netdev] 20101209 Re: NULL dereference in econet AUN-over-UDP receive http://marc.info/?l=linux-netdev&m=129186011218615&w=2 [oss-security] 20101208 CVE request: kernel: NULL pointer dereference in AF_ECONET http://openwall.com/lists/oss-security/2010/12/09/1 [oss-security] 20101209 Re: CVE request: kernel: NULL pointer dereference in AF_ECONET http://openwall.com/lists/oss-security/2010/12/09/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e085e76cbe558b79b54cbab772f61185879bc64 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc6 Common Vulnerability Exposure (CVE) ID: CVE-2010-4346 42570 http://secunia.com/advisories/42570 45323 http://www.securityfocus.com/bid/45323 [linux-kernel] 20101209 [PATCH] install_special_mapping skips security_file_mmap check. https://lkml.org/lkml/2010/12/9/222 [oss-security] 20101209 Re: [taviso@cmpxchg8b.com: [PATCH] install_special_mapping skips security_file_mmap check.] http://openwall.com/lists/oss-security/2010/12/09/13 [oss-security] 20101209 [taviso@cmpxchg8b.com: [PATCH] install_special_mapping skips security_file_mmap check.] http://openwall.com/lists/oss-security/2010/12/09/12 [oss-security] 20101210 Re: Subject: CVE request: kernel: install_special_mapping skips security_file_mmap check http://openwall.com/lists/oss-security/2010/12/10/3 [oss-security] 20101210 Subject: CVE request: kernel: install_special_mapping skips security_file_mmap check http://openwall.com/lists/oss-security/2010/12/10/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=462e635e5b73ba9a4c03913b77138cd57ce4b050 https://bugzilla.redhat.com/show_bug.cgi?id=662189 Common Vulnerability Exposure (CVE) ID: CVE-2010-4527 42765 http://secunia.com/advisories/42765 45629 http://www.securityfocus.com/bid/45629 [oss-security] 20101230 CVE request: kernel: buffer overflow in OSS load_mixer_volumes http://openwall.com/lists/oss-security/2010/12/31/1 [oss-security] 20101231 Re: CVE request: kernel: buffer overflow in OSS load_mixer_volumes http://openwall.com/lists/oss-security/2010/12/31/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d81a12bc29ae4038770e05dce4ab7f26fd5880fb http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37 http://xorl.wordpress.com/2011/01/09/cve-2010-4527-linux-kernel-oss-sound-card-driver-buffer-overflow/ https://bugzilla.redhat.com/show_bug.cgi?id=667615 Common Vulnerability Exposure (CVE) ID: CVE-2010-4529 BugTraq ID: 45556 http://www.securityfocus.com/bid/45556 http://www.spinics.net/lists/netdev/msg150842.html http://openwall.com/lists/oss-security/2010/12/23/1 http://openwall.com/lists/oss-security/2011/01/03/1 http://secunia.com/advisories/42684 Common Vulnerability Exposure (CVE) ID: CVE-2010-4565 BugTraq ID: 44661 http://www.securityfocus.com/bid/44661 https://bugzilla.redhat.com/show_bug.cgi?id=664544 http://www.spinics.net/lists/netdev/msg145796.html http://www.spinics.net/lists/netdev/msg145791.html http://www.spinics.net/lists/netdev/msg146270.html http://www.spinics.net/lists/netdev/msg146468.html http://openwall.com/lists/oss-security/2010/11/03/3 http://openwall.com/lists/oss-security/2010/11/04/4 http://openwall.com/lists/oss-security/2010/12/20/2 http://openwall.com/lists/oss-security/2010/12/21/1 Common Vulnerability Exposure (CVE) ID: CVE-2010-4649 46073 http://www.securityfocus.com/bid/46073 RHSA-2011:0927 http://rhn.redhat.com/errata/RHSA-2011-0927.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7182afea8d1afd432a17c18162cc3fd441d0da93 https://bugzilla.redhat.com/show_bug.cgi?id=667916 Common Vulnerability Exposure (CVE) ID: CVE-2011-1044 BugTraq ID: 46488 http://www.securityfocus.com/bid/46488 RedHat Security Advisories: RHSA-2011:0927 XForce ISS Database: kernel-ibuverbspollcq-info-disclosure(65563) https://exchange.xforce.ibmcloud.com/vulnerabilities/65563 Common Vulnerability Exposure (CVE) ID: CVE-2010-4656 46069 http://www.securityfocus.com/bid/46069 USN-1146-1 http://www.ubuntu.com/usn/USN-1146-1 [oss-security] 20110124 CVE request: linux kernel heap issues http://openwall.com/lists/oss-security/2011/01/24/9 [oss-security] 20110124 Re: CVE request: linux kernel heap issues http://openwall.com/lists/oss-security/2011/01/25/3 [oss-security] 20110125 Re: CVE request: linux kernel heap issues http://openwall.com/lists/oss-security/2011/01/25/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3ed780117dbe5acb64280d218f0347f238dafed0 https://bugzilla.redhat.com/show_bug.cgi?id=672420 Common Vulnerability Exposure (CVE) ID: CVE-2011-0463 http://oss.oracle.com/pipermail/ocfs2-devel/2011-February/007846.html http://secunia.com/advisories/43966 Common Vulnerability Exposure (CVE) ID: CVE-2011-0521 1025195 http://www.securitytracker.com/id?1025195 43009 http://secunia.com/advisories/43009 45986 http://www.securityfocus.com/bid/45986 [oss-security] 20110125 Linux kernel av7110 negative array offset http://openwall.com/lists/oss-security/2011/01/24/2 [oss-security] 20110125 Re: Linux kernel av7110 negative array offset http://openwall.com/lists/oss-security/2011/01/25/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cb26a24ee9706473f31d34cc259f4dcf45cd0644 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.38-rc2 kernel-av7110ca-privilege-escalation(64988) https://exchange.xforce.ibmcloud.com/vulnerabilities/64988 Common Vulnerability Exposure (CVE) ID: CVE-2011-0695 43693 http://secunia.com/advisories/43693 46839 http://www.securityfocus.com/bid/46839 [linux-rdma] 20110223 [PATCH 1/2] rdma/cm: Fix crash in request handlers http://www.spinics.net/lists/linux-rdma/msg07447.html [linux-rdma] 20110223 [PATCH 2/2] ib/cm: Bump reference count on cm_id before invoking callback http://www.spinics.net/lists/linux-rdma/msg07448.html [oss-security] 20110311 CVE-2011-0695 kernel: panic in ib_cm:cm_work_handler http://www.openwall.com/lists/oss-security/2011/03/11/1 kernel-infiniband-dos(66056) https://exchange.xforce.ibmcloud.com/vulnerabilities/66056 Common Vulnerability Exposure (CVE) ID: CVE-2011-0711 46417 http://www.securityfocus.com/bid/46417 70950 http://osvdb.org/70950 [oss-security] 20110216 CVE request - kernel: xfs infoleak http://openwall.com/lists/oss-security/2011/02/16/4 [oss-security] 20110216 Re: CVE request - kernel: xfs infoleak http://openwall.com/lists/oss-security/2011/02/16/10 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3a3675b7f23f83ca8c67c9c2b6edf707fd28d1ba http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.38-rc6-git3.log https://bugzilla.redhat.com/show_bug.cgi?id=677260 https://patchwork.kernel.org/patch/555461/ Common Vulnerability Exposure (CVE) ID: CVE-2011-0712 46419 http://www.securityfocus.com/bid/46419 [oss-security] 20110216 Re: kernel: ALSA: caiaq - Fix possible string-buffer overflow http://www.openwall.com/lists/oss-security/2011/02/16/11 http://www.openwall.com/lists/oss-security/2011/02/16/12 [oss-security] 20110216 kernel: ALSA: caiaq - Fix possible string-buffer overflow http://www.openwall.com/lists/oss-security/2011/02/16/5 http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=eaae55dac6b64c0616046436b294e69fc5311581 http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.38-rc4-next-20110215.bz2 https://bugzilla.redhat.com/show_bug.cgi?id=677881 kernel-usbdevice-bo(65461) https://exchange.xforce.ibmcloud.com/vulnerabilities/65461 Common Vulnerability Exposure (CVE) ID: CVE-2011-0726 BugTraq ID: 47791 http://www.securityfocus.com/bid/47791 https://lkml.org/lkml/2011/3/11/380 http://www.spinics.net/lists/mm-commits/msg82726.html RedHat Security Advisories: RHSA-2011:0833 http://rhn.redhat.com/errata/RHSA-2011-0833.html Common Vulnerability Exposure (CVE) ID: CVE-2011-1010 1025126 http://www.securitytracker.com/id?1025126 20110223 [PRE-SA-2011-01] Multiple Linux kernel vulnerabilities in partition handling code of LDM and MAC partition tables http://www.securityfocus.com/archive/1/516615/100/0/threaded 46492 http://www.securityfocus.com/bid/46492 8115 http://securityreason.com/securityalert/8115 [oss-security] 20110222 CVE request: kernel: fs/partitions: validate map_count in mac partition tables http://openwall.com/lists/oss-security/2011/02/22/3 [oss-security] 20110222 Re: CVE request: kernel: fs/partitions: validate map_count in mac partition tables http://openwall.com/lists/oss-security/2011/02/22/11 http://openwall.com/lists/oss-security/2011/02/22/15 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa7ea87a057958a8b7926c1a60a3ca6d696328ed http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37.2 http://www.pre-cert.de/advisories/PRE-SA-2011-01.txt https://bugzilla.redhat.com/show_bug.cgi?id=679282 kernel-map-dos(65643) https://exchange.xforce.ibmcloud.com/vulnerabilities/65643 Common Vulnerability Exposure (CVE) ID: CVE-2011-1012 1025127 http://www.securitytracker.com/id?1025127 46512 http://www.securityfocus.com/bid/46512 [mm-commits] 20110222 + ldm-corrupted-partition-table-can-cause-kernel-oops.patch added to -mm tree http://www.spinics.net/lists/mm-commits/msg82429.html [oss-security] 20110223 CVE request: kernel: Corrupted LDM partition table issues http://openwall.com/lists/oss-security/2011/02/23/4 [oss-security] 20110223 Re: CVE request: kernel: Corrupted LDM partition table issues http://openwall.com/lists/oss-security/2011/02/23/21 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=294f6cf48666825d23c9372ef37631232746e40d http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.38-rc6-git6.log Common Vulnerability Exposure (CVE) ID: CVE-2011-1013 47639 http://www.securityfocus.com/bid/47639 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1922756124ddd53846877416d92ba4a802bc658f http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38 http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/drm_irq.c http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/drm_irq.c.diff?r1=1.41%3Br2=1.42%3Bf=h https://bugzilla.redhat.com/show_bug.cgi?id=679925 kernel-drmioctl-priv-escalation(67199) https://exchange.xforce.ibmcloud.com/vulnerabilities/67199 Common Vulnerability Exposure (CVE) ID: CVE-2011-1016 46557 http://www.securityfocus.com/bid/46557 [oss-security] 20110224 CVE request: kernel: drm/radeon/kms: check AA resolve registers on r300 http://openwall.com/lists/oss-security/2011/02/24/3 [oss-security] 20110224 Re: CVE request: kernel: drm/radeon/kms: check AA resolve registers on r300 http://openwall.com/lists/oss-security/2011/02/24/11 [oss-security] 20110225 Re: CVE request: kernel: drm/radeon/kms: check AA resolve registers on r300 http://openwall.com/lists/oss-security/2011/02/25/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fff1ce4dc6113b6fdc4e3a815ca5fd229408f8ef http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.38-rc5 https://bugzilla.redhat.com/show_bug.cgi?id=680000 kernel-atiradeon-sec-bypass(65691) https://exchange.xforce.ibmcloud.com/vulnerabilities/65691 Common Vulnerability Exposure (CVE) ID: CVE-2011-1017 BugTraq ID: 46512 Bugtraq: 20110223 [PRE-SA-2011-01] Multiple Linux kernel vulnerabilities in partition handling code of LDM and MAC partition tables (Google Search) http://openwall.com/lists/oss-security/2011/02/23/16 http://openwall.com/lists/oss-security/2011/02/24/4 http://openwall.com/lists/oss-security/2011/02/24/14 http://securitytracker.com/id?1025128 http://secunia.com/advisories/43716 http://secunia.com/advisories/43738 Common Vulnerability Exposure (CVE) ID: CVE-2011-1019 [oss-security] 20110225 Re: CVE request: kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN http://www.openwall.com/lists/oss-security/2011/02/25/1 http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8909c9ad8ff03611c9c96c9a92656213e4bb495b https://bugzilla.redhat.com/show_bug.cgi?id=680360 https://github.com/torvalds/linux/commit/8909c9ad8ff03611c9c96c9a92656213e4bb495b Common Vulnerability Exposure (CVE) ID: CVE-2011-1078 RHSA-2011:0833 RHSA-2012:1156 http://rhn.redhat.com/errata/RHSA-2012-1156.html [oss-security] 20110301 Re: CVE request: kernel: two bluetooth and one ebtables infoleaks/DoSes http://www.openwall.com/lists/oss-security/2011/03/01/10 http://downloads.avaya.com/css/P8/documents/100145416 http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c4c896e1471aec3b004a693c689f60be3b17ac86 https://bugzilla.redhat.com/show_bug.cgi?id=681259 https://github.com/torvalds/linux/commit/c4c896e1471aec3b004a693c689f60be3b17ac86 Common Vulnerability Exposure (CVE) ID: CVE-2011-1079 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=43629f8f5ea32a998d06d1bb41eefa0e821ff573 http://packetstormsecurity.com/files/153799/Kernel-Live-Patch-Security-Notice-LSN-0053-1.html https://bugzilla.redhat.com/show_bug.cgi?id=681260 https://github.com/torvalds/linux/commit/43629f8f5ea32a998d06d1bb41eefa0e821ff573 Common Vulnerability Exposure (CVE) ID: CVE-2011-1080 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d846f71195d57b0bbb143382647c2c6638b04c5a https://bugzilla.redhat.com/show_bug.cgi?id=681262 https://github.com/torvalds/linux/commit/d846f71195d57b0bbb143382647c2c6638b04c5a Common Vulnerability Exposure (CVE) ID: CVE-2011-1082 [linux-kernel] 20110205 [PATCH] epoll: Prevent deadlock through unsafe ->f_op->poll() calls. https://lkml.org/lkml/2011/2/5/220 [oss-security] 20110301 CVE request: kernel: Multiple DoS issues in epoll http://openwall.com/lists/oss-security/2011/03/02/1 [oss-security] 20110302 Re: CVE request: kernel: Multiple DoS issues in epoll http://openwall.com/lists/oss-security/2011/03/02/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=22bacca48a1755f79b7e0f192ddb9fbb7fc6e64e https://bugzilla.redhat.com/show_bug.cgi?id=681575 Common Vulnerability Exposure (CVE) ID: CVE-2011-1090 1025336 http://securitytracker.com/id?1025336 SUSE-SU-2015:0812 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html [oss-security] 20110307 CVE request - kernel: nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab http://openwall.com/lists/oss-security/2011/03/07/2 [oss-security] 20110307 Re: CVE request - kernel: nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab http://openwall.com/lists/oss-security/2011/03/07/12 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e9e3d724e2145f5039b423c290ce2b2c3d8f94bc https://bugzilla.redhat.com/show_bug.cgi?id=682641 Common Vulnerability Exposure (CVE) ID: CVE-2011-1093 46793 http://www.securityfocus.com/bid/46793 [oss-security] 20110308 CVE request: kernel: dccp: fix oops on Reset after close http://openwall.com/lists/oss-security/2011/03/08/4 [oss-security] 20110308 Re: CVE request: kernel: dccp: fix oops on Reset after close http://openwall.com/lists/oss-security/2011/03/08/19 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=720dc34bbbe9493c7bd48b2243058b4e447a929d https://bugzilla.redhat.com/show_bug.cgi?id=682954 Common Vulnerability Exposure (CVE) ID: CVE-2011-1160 [oss-security] 20110315 Re: CVE requests - kernel: tpm infoleaks http://www.openwall.com/lists/oss-security/2011/03/15/13 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1309d7afbed112f0e8e90be9af975550caa0076b https://bugzilla.redhat.com/show_bug.cgi?id=684671 https://github.com/torvalds/linux/commit/1309d7afbed112f0e8e90be9af975550caa0076b Common Vulnerability Exposure (CVE) ID: CVE-2011-1163 1025225 http://securitytracker.com/id?1025225 20110317 [PRE-SA-2011-02] Information disclosure vulnerability in the OSF partition handling code of the Linux kernel http://www.securityfocus.com/archive/1/517050 46878 http://www.securityfocus.com/bid/46878 8189 http://securityreason.com/securityalert/8189 [mm-commits] 20110314 + fs-partitions-osfc-corrupted-osf-partition-table-can-cause-information-disclosure.patch added to -mm tree http://www.spinics.net/lists/mm-commits/msg82737.html [oss-security] 20110315 CVE Request: kernel: fs/partitions: Corrupted OSF partition table can cause information disclosure http://openwall.com/lists/oss-security/2011/03/15/9 [oss-security] 20110315 Re: CVE Request: kernel: fs/partitions: Corrupted OSF partition table can cause information disclosure http://openwall.com/lists/oss-security/2011/03/15/14 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1eafbfeb7bdf59cfe173304c76188f3fd5f1fd05 http://www.pre-cert.de/advisories/PRE-SA-2011-02.txt https://bugzilla.redhat.com/show_bug.cgi?id=688021 Common Vulnerability Exposure (CVE) ID: CVE-2011-1169 [oss-security] 20110318 CVE request: kernel: AudioScience HPI driver http://openwall.com/lists/oss-security/2011/03/18/1 [oss-security] 20110318 Re: CVE request: kernel: AudioScience HPI driver http://openwall.com/lists/oss-security/2011/03/18/2 http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=4a122c10fbfe9020df469f0f669da129c5757671 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.1 https://bugzilla.redhat.com/show_bug.cgi?id=688898 Common Vulnerability Exposure (CVE) ID: CVE-2011-1170 8278 http://securityreason.com/securityalert/8278 8282 http://securityreason.com/securityalert/8282 [netfilter-devel] 20110310 [PATCH] ipv4: netfilter: arp_tables: fix infoleak to userspace http://marc.info/?l=netfilter-devel&m=129978081009955&w=2 [oss-security] 20110318 CVE request: kernel: netfilter & econet infoleaks http://www.openwall.com/lists/oss-security/2011/03/18/15 [oss-security] 20110321 Re: CVE request: kernel: netfilter & econet infoleaks http://www.openwall.com/lists/oss-security/2011/03/21/1 http://www.openwall.com/lists/oss-security/2011/03/21/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=42eab94fff18cb1091d3501cd284d6bd6cc9c143 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 https://bugzilla.redhat.com/show_bug.cgi?id=689321 Common Vulnerability Exposure (CVE) ID: CVE-2011-1171 8283 http://securityreason.com/securityalert/8283 [linux-kernel] 20110310 [PATCH] ipv4: netfilter: ip_tables: fix infoleak to userspace http://marc.info/?l=linux-kernel&m=129978077609894&w=2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=78b79876761b86653df89c48a7010b5cbd41a84a https://bugzilla.redhat.com/show_bug.cgi?id=689327 Common Vulnerability Exposure (CVE) ID: CVE-2011-1172 [linux-kernel] 20110310 [PATCH] ipv6: netfilter: ip6_tables: fix infoleak to userspace http://marc.info/?l=linux-kernel&m=129978086410061&w=2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6a8ab060779779de8aea92ce3337ca348f973f54 https://bugzilla.redhat.com/show_bug.cgi?id=689345 Common Vulnerability Exposure (CVE) ID: CVE-2011-2534 BugTraq ID: 46921 http://www.securityfocus.com/bid/46921 http://marc.info/?l=netfilter-devel&m=130036157327564&w=2 http://marc.info/?l=netfilter&m=129978077509888&w=2 http://securityreason.com/securityalert/8284 Common Vulnerability Exposure (CVE) ID: CVE-2011-1173 8279 http://securityreason.com/securityalert/8279 [netdev] 20110317 [PATCH] econet: 4 byte infoleak to the network http://marc.info/?l=linux-netdev&m=130036203528021&w=2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67c5c6cb8129c595f21e88254a3fc6b3b841ae8e https://bugzilla.redhat.com/show_bug.cgi?id=591815#c14 Common Vulnerability Exposure (CVE) ID: CVE-2011-1180 http://www.openwall.com/lists/oss-security/2011/03/22/11 Common Vulnerability Exposure (CVE) ID: CVE-2011-1182 [oss-security] 20110323 Re: Linux kernel signal spoofing vulnerability (CVE request) http://www.openwall.com/lists/oss-security/2011/03/23/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=da48524eb20662618854bb3df2db01fc65f3070c https://bugzilla.redhat.com/show_bug.cgi?id=690028 https://github.com/torvalds/linux/commit/da48524eb20662618854bb3df2db01fc65f3070c Common Vulnerability Exposure (CVE) ID: CVE-2011-1478 8480 http://securityreason.com/securityalert/8480 [oss-security] 20110328 CVE-2011-1478 kernel: gro: reset dev and skb_iff on skb reuse http://openwall.com/lists/oss-security/2011/03/28/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=66c46d741e2e60f0e8b625b80edb0ab820c46d7a http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6d152e23ad1a7a5b40fef1f42e017d66e6115159 http://mirror.anl.gov/pub/linux/kernel/v2.6/ChangeLog-2.6.38 https://bugzilla.redhat.com/show_bug.cgi?id=691270 Common Vulnerability Exposure (CVE) ID: CVE-2011-1494 47185 http://www.securityfocus.com/bid/47185 [linux-kernel] 20110405 [PATCH] drivers/scsi/mpt2sas: prevent heap overflows and unchecked reads http://lkml.org/lkml/2011/4/5/327 [oss-security] 20110405 CVE request: kernel: two issues in mpt2sas http://openwall.com/lists/oss-security/2011/04/05/32 [oss-security] 20110406 Re: CVE request: kernel: two issues in mpt2sas http://openwall.com/lists/oss-security/2011/04/06/2 https://bugzilla.redhat.com/show_bug.cgi?id=694021 https://patchwork.kernel.org/patch/688021/ Common Vulnerability Exposure (CVE) ID: CVE-2011-1495 Common Vulnerability Exposure (CVE) ID: CVE-2011-1577 1025355 http://securitytracker.com/id?1025355 20110413 [PRE-SA-2011-03] Denial-of-service vulnerability in EFI partition handling code of the Linux kernel http://www.securityfocus.com/archive/1/517477/100/0/threaded 47343 http://www.securityfocus.com/bid/47343 8238 http://securityreason.com/securityalert/8238 FEDORA-2011-7823 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html [mm-commits] 20110412 + fs-partitions-efic-corrupted-guid-partition-tables-can-cause-kernel-oops.patch added to -mm tree http://www.spinics.net/lists/mm-commits/msg83274.html [oss-security] 20110412 CVE Request: kernel: fs/partitions: Corrupted GUID partition tables can cause kernel oops http://openwall.com/lists/oss-security/2011/04/12/17 [oss-security] 20110413 Re: CVE Request: kernel: fs/partitions: Corrupted GUID partition tables can cause kernel oops http://openwall.com/lists/oss-security/2011/04/13/1 https://bugzilla.redhat.com/show_bug.cgi?id=695976 kernel-guid-dos(66773) https://exchange.xforce.ibmcloud.com/vulnerabilities/66773 Common Vulnerability Exposure (CVE) ID: CVE-2011-1593 1025420 http://securitytracker.com/id?1025420 44164 http://secunia.com/advisories/44164 47497 http://www.securityfocus.com/bid/47497 [linux-kernel] 20110418 Re: Kernel panic (NULL ptr deref?) in find_ge_pid()/next_pidmap() (via sys_getdents or sys_readdir) http://groups.google.com/group/fa.linux.kernel/msg/4a28ecb7f755a88d?dmode=source [oss-security] 20110419 CVE request -- kernel: proc: signedness issue in next_pidmap() http://openwall.com/lists/oss-security/2011/04/19/1 [oss-security] 20110420 Re: CVE request -- kernel: proc: signedness issue in next_pidmap() http://openwall.com/lists/oss-security/2011/04/20/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c78193e9c7bcbf25b8237ad0dec82f805c4ea69b http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d8bdc59f215e62098bc5b4256fd9928bf27053a1 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.4 https://bugzilla.redhat.com/show_bug.cgi?id=697822 kernel-nextpidmap-dos(66876) https://exchange.xforce.ibmcloud.com/vulnerabilities/66876 Common Vulnerability Exposure (CVE) ID: CVE-2011-1598 47503 http://www.securityfocus.com/bid/47503 [netdev] 20110420 Add missing socket check in can/bcm release. http://permalink.gmane.org/gmane.linux.network/192898 [oss-security] 20110420 CVE request: kernel: missing socket check in can/bcm release http://openwall.com/lists/oss-security/2011/04/20/2 [oss-security] 20110420 Re: CVE request: kernel: missing socket check in can/bcm release http://openwall.com/lists/oss-security/2011/04/20/6 [oss-security] 20110421 Re: CVE request: kernel: missing socket check in can/bcm release http://openwall.com/lists/oss-security/2011/04/20/7 http://openwall.com/lists/oss-security/2011/04/21/1 http://openwall.com/lists/oss-security/2011/04/21/2 http://openwall.com/lists/oss-security/2011/04/21/7 [oss-security] 20110422 Re: CVE request: kernel: missing socket check in can/bcm release http://openwall.com/lists/oss-security/2011/04/22/2 [oss-security] 20110425 Re: CVE request: kernel: missing socket check in can/bcm release http://openwall.com/lists/oss-security/2011/04/25/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c6914a6f261aca0c9f715f883a353ae7ff51fe83 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.39-rc6 https://bugzilla.redhat.com/show_bug.cgi?id=698057 Common Vulnerability Exposure (CVE) ID: CVE-2011-1748 47835 http://www.securityfocus.com/bid/47835 [netdev] 20110420 [PATCH v2] can: add missing socket check in can/raw release http://permalink.gmane.org/gmane.linux.network/192974 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=10022a6c66e199d8f61d9044543f38785713cbbd Common Vulnerability Exposure (CVE) ID: CVE-2011-1745 47534 http://www.securityfocus.com/bid/47534 [linux-kernel] 20110414 [PATCH] char: agp: fix arbitrary kernel memory writes https://lkml.org/lkml/2011/4/14/293 [oss-security] 20110421 CVE request: kernel: buffer overflow and DoS issues in agp http://openwall.com/lists/oss-security/2011/04/21/4 [oss-security] 20110422 Re: CVE request: kernel: buffer overflow and DoS issues in agp http://openwall.com/lists/oss-security/2011/04/22/7 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=194b3da873fd334ef183806db751473512af29ce http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.5 https://bugzilla.redhat.com/show_bug.cgi?id=698996 Common Vulnerability Exposure (CVE) ID: CVE-2011-2022 BugTraq ID: 47843 http://www.securityfocus.com/bid/47843 Common Vulnerability Exposure (CVE) ID: CVE-2011-1746 47535 http://www.securityfocus.com/bid/47535 [linux-kernel] 20110414 [PATCH] char: agp: fix OOM and buffer overflow https://lkml.org/lkml/2011/4/14/294 [linux-kernel] 20110419 Re: [PATCH] char: agp: fix OOM and buffer overflow https://lkml.org/lkml/2011/4/19/400 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b522f02184b413955f3bc952e3776ce41edc6355 https://bugzilla.redhat.com/show_bug.cgi?id=698998
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.