Test ID:	1.3.6.1.4.1.25623.1.1.12.2011.1074.1
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-1074-1)
Summary:	The remote host is missing an update for the 'linux-fsl-imx51' package(s) announced via the USN-1074-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-fsl-imx51' package(s) announced via the USN-1074-1 advisory. Vulnerability Insight: Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2009-4895) Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only files, leading to potential data loss. (CVE-2010-2066) Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. A local attacker could exploit this to read from write-only files, leading to a loss of privacy. (CVE-2010-2226) Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. A local attacker could exploit this to gain control of certain applications, potentially leading to privilege escalation, as demonstrated in attacks against the X server. (CVE-2010-2240) Suresh Jayaraman discovered that CIFS did not correctly validate certain response packets. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. (CVE-2010-2248) Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. (CVE-2010-2478, CVE-2010-3084) James Chapman discovered that L2TP did not correctly evaluate checksum capabilities. If an attacker could make malicious routing changes, they could crash the system, leading to a denial of service. (CVE-2010-2495) Neil Brown discovered that NFSv4 did not correctly check certain write requests. A remote attacker could send specially crafted traffic that could crash the system or possibly gain root privileges. (CVE-2010-2521) David Howells discovered that DNS resolution in CIFS could be spoofed. A local attacker could exploit this to control DNS replies, leading to a loss of privacy and possible privilege escalation. (CVE-2010-2524) Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. Only Ubuntu 9.10 was affected. (CVE-2010-2538) Bob Peterson discovered that GFS2 rename operations did not correctly validate certain sizes. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-2798) Kees Cook discovered that under certain situations the ioctl subsystem for DRM did not properly sanitize its arguments. A local attacker could exploit this to read previously freed kernel memory, leading to a loss of privacy. (CVE-2010-2803) Eric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'linux-fsl-imx51' package(s) on Ubuntu 9.10. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4895 Debian Security Information: DSA-2094 (Google Search) http://www.debian.org/security/2010/dsa-2094 http://www.openwall.com/lists/oss-security/2010/06/15/2 http://www.openwall.com/lists/oss-security/2010/06/15/3 http://www.openwall.com/lists/oss-security/2010/06/15/4 http://www.openwall.com/lists/oss-security/2010/06/15/5 http://www.ubuntu.com/usn/USN-1000-1 Common Vulnerability Exposure (CVE) ID: CVE-2010-2066 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX http://www.securityfocus.com/archive/1/516397/100/0/threaded 43315 http://secunia.com/advisories/43315 RHSA-2010:0610 http://www.redhat.com/support/errata/RHSA-2010-0610.html SUSE-SA:2010:033 http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00000.html USN-1000-1 [oss-security] 20100607 CVE request - kernel: ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files http://www.openwall.com/lists/oss-security/2010/06/07/1 [oss-security] 20100609 Re: CVE request - kernel: ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files http://www.openwall.com/lists/oss-security/2010/06/09/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1f5a81e41f8b1a782c68d3843e9ec1bfaadf7d72 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35 http://www.vmware.com/security/advisories/VMSA-2011-0003.html https://bugzilla.redhat.com/show_bug.cgi?id=601006 Common Vulnerability Exposure (CVE) ID: CVE-2010-2226 40920 http://www.securityfocus.com/bid/40920 ADV-2011-0298 http://www.vupen.com/english/advisories/2011/0298 DSA-2094 MDVSA-2010:198 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 SUSE-SA:2010:060 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html SUSE-SA:2011:007 http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html [oss-security] 20100617 CVE request - kernel: xfs swapext ioctl issue http://marc.info/?l=oss-security&m=127677135609357&w=2 [oss-security] 20100618 Re: CVE request - kernel: xfs swapext ioctl issue http://marc.info/?l=oss-security&m=127687486331790&w=2 [xfs] 20100616 Re: [Security] XFS swapext ioctl minor security issues http://archives.free.net.ph/message/20100616.130710.301704aa.en.html http://archives.free.net.ph/message/20100616.135735.40f53a32.en.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1817176a86352f65210139d4c794ad2d19fc6b63 https://bugzilla.redhat.com/show_bug.cgi?id=605158 Common Vulnerability Exposure (CVE) ID: CVE-2010-2240 1024344 http://securitytracker.com/id?1024344 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console http://www.securityfocus.com/archive/1/517739/100/0/threaded MDVSA-2010:172 http://www.mandriva.com/security/advisories?name=MDVSA-2010:172 MDVSA-2011:051 http://www.mandriva.com/security/advisories?name=MDVSA-2011:051 RHSA-2010:0660 http://www.redhat.com/support/errata/RHSA-2010-0660.html RHSA-2010:0661 https://rhn.redhat.com/errata/RHSA-2010-0661.html RHSA-2010:0670 http://www.redhat.com/support/errata/RHSA-2010-0670.html RHSA-2010:0882 http://www.redhat.com/support/errata/RHSA-2010-0882.html [security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console http://lists.vmware.com/pipermail/security-announce/2011/000133.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=320b2b8de12698082609ebbc1a17165727f4c893 http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.52 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.19 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.4 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.2 http://www.vmware.com/security/advisories/VMSA-2011-0007.html http://www.vmware.com/security/advisories/VMSA-2011-0009.html https://bugzilla.redhat.com/show_bug.cgi?id=606611 oval:org.mitre.oval:def:13247 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13247 Common Vulnerability Exposure (CVE) ID: CVE-2010-2248 1024285 http://securitytracker.com/id?1024285 42242 http://www.securityfocus.com/bid/42242 RHSA-2010:0606 https://rhn.redhat.com/errata/RHSA-2010-0606.html [oss-security] 20100628 CVE request - kernel: cifs: Fix a kernel BUG with remote OS/2 server http://www.openwall.com/lists/oss-security/2010/06/28/1 [oss-security] 20100628 Re: CVE request - kernel: cifs: Fix a kernel BUG with remote OS/2 server http://www.openwall.com/lists/oss-security/2010/06/28/6 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6513a81e9325d712f1bfb9a1d7b750134e49ff18 http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.34/ChangeLog-2.6.34-rc4 https://bugzilla.redhat.com/show_bug.cgi?id=608583 Common Vulnerability Exposure (CVE) ID: CVE-2010-2478 41223 http://www.securityfocus.com/bid/41223 SUSE-SA:2010:040 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html [netdev] 20100628 [PATCH net-2.6 1/2] ethtool: Fix potential kernel buffer overflow in ETHTOOL_GRXCLSRLALL http://article.gmane.org/gmane.linux.network/164869 [oss-security] 20100629 Re: kernel: ethtool: kernel buffer overflow in ETHTOOL_GRXCLSRLALL http://www.openwall.com/lists/oss-security/2010/06/29/3 [oss-security] 20100629 kernel: ethtool: kernel buffer overflow in ETHTOOL_GRXCLSRLALL http://www.openwall.com/lists/oss-security/2010/06/29/1 [oss-security] 20100630 Re: kernel: ethtool: kernel buffer overflow in ETHTOOL_GRXCLSRLALL http://www.openwall.com/lists/oss-security/2010/06/30/17 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=db048b69037e7fa6a7d9e95a1271a50dc08ae233 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.33.7 https://bugzilla.redhat.com/show_bug.cgi?id=608950 Common Vulnerability Exposure (CVE) ID: CVE-2010-2495 [oss-security] 20100623 kernel: l2tp: Fix oops in pppol2tp_xmit http://www.openwall.com/lists/oss-security/2010/06/23/3 [oss-security] 20100704 Re: CVE Request: kernel: l2tp: Fix oops in pppol2tp_xmit http://www.openwall.com/lists/oss-security/2010/07/04/3 [oss-security] 20100704 Re: kernel: l2tp: Fix oops in pppol2tp_xmit http://www.openwall.com/lists/oss-security/2010/07/04/2 [oss-security] 20100706 Re: CVE Request: kernel: l2tp: Fix oops in pppol2tp_xmit http://www.openwall.com/lists/oss-security/2010/07/06/11 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3feec9095d12e311b7d4eb7fe7e5dfa75d4a72a5 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34 https://bugzilla.redhat.com/show_bug.cgi?id=607054 Common Vulnerability Exposure (CVE) ID: CVE-2010-2521 1024286 http://securitytracker.com/id?1024286 42249 http://www.securityfocus.com/bid/42249 ADV-2010-3050 http://www.vupen.com/english/advisories/2010/3050 RHSA-2010:0893 http://www.redhat.com/support/errata/RHSA-2010-0893.html RHSA-2010:0907 http://www.redhat.com/support/errata/RHSA-2010-0907.html [oss-security] 20100707 CVE request - kernel: nfsd4: bug in read_buf http://www.openwall.com/lists/oss-security/2010/07/07/1 [oss-security] 20100708 Re: CVE request - kernel: nfsd4: bug in read_buf http://www.openwall.com/lists/oss-security/2010/07/09/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2bc3c1179c781b359d4f2f3439cb3df72afc17fc http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.34/ChangeLog-2.6.34-rc6 https://bugzilla.redhat.com/show_bug.cgi?id=612028 Common Vulnerability Exposure (CVE) ID: CVE-2010-2524 [oss-security] 20100802 CVE-2010-2524 kernel: dns_resolver upcall security issue http://marc.info/?l=oss-security&m=128072090331700&w=2 [oss-security] 20100802 Re: CVE-2010-2524 kernel: dns_resolver upcall security issue http://marc.info/?l=oss-security&m=128078387328921&w=2 [oss-security] 20100803 Re: CVE-2010-2524 kernel: dns_resolver upcall security issue http://marc.info/?l=oss-security&m=128080755321157&w=2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4c0c03ca54f72fdd5912516ad0a23ec5cf01bda7 https://bugzilla.redhat.com/show_bug.cgi?id=612166 Common Vulnerability Exposure (CVE) ID: CVE-2010-2538 41854 http://www.securityfocus.com/bid/41854 42758 http://secunia.com/advisories/42758 ADV-2011-0070 http://www.vupen.com/english/advisories/2011/0070 USN-1041-1 http://www.ubuntu.com/usn/USN-1041-1 [oss-security] 20100721 CVE request: kernel: btrfs http://www.openwall.com/lists/oss-security/2010/07/21/4 [oss-security] 20100721 Re: CVE request: kernel: btrfs http://www.openwall.com/lists/oss-security/2010/07/21/10 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2ebc3464781ad24474abcbd2274e6254689853b5 https://bugzilla.redhat.com/show_bug.cgi?id=616998 Common Vulnerability Exposure (CVE) ID: CVE-2010-2798 1024386 http://securitytracker.com/id?1024386 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console http://www.securityfocus.com/archive/1/520102/100/0/threaded 42124 http://www.securityfocus.com/bid/42124 46397 http://secunia.com/advisories/46397 RHSA-2010:0723 http://www.redhat.com/support/errata/RHSA-2010-0723.html SUSE-SA:2010:054 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html [oss-security] 20100802 CVE request: kernel: gfs2: rename cases kernel panic http://www.openwall.com/lists/oss-security/2010/08/02/1 [oss-security] 20100802 Re: CVE request: kernel: gfs2: rename cases kernel panic http://www.openwall.com/lists/oss-security/2010/08/02/10 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=728a756b8fcd22d80e2dbba8117a8a3aafd3f203 http://support.avaya.com/css/P8/documents/100113326 http://www.vmware.com/security/advisories/VMSA-2011-0012.html https://bugzilla.redhat.com/show_bug.cgi?id=620300 Common Vulnerability Exposure (CVE) ID: CVE-2010-2803 41512 http://secunia.com/advisories/41512 ADV-2010-2430 http://www.vupen.com/english/advisories/2010/2430 RHSA-2010:0842 http://www.redhat.com/support/errata/RHSA-2010-0842.html SUSE-SA:2010:041 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git%3Ba=commit%3Bh=1b2f1489633888d4a06028315dc19d65768a1c05 http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git%3Ba=commit%3Bh=b9f0aee83335db1f3915f4e42a5e21b351740afd http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b9f0aee83335db1f3915f4e42a5e21b351740afd http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.53 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.21 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.6 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.4 https://bugzilla.redhat.com/show_bug.cgi?id=621435 Common Vulnerability Exposure (CVE) ID: CVE-2010-2942 42529 http://www.securityfocus.com/bid/42529 RHSA-2010:0771 http://www.redhat.com/support/errata/RHSA-2010-0771.html RHSA-2010:0779 http://www.redhat.com/support/errata/RHSA-2010-0779.html [oss-security] 20100818 CVE request - kernel: net sched memleak http://www.openwall.com/lists/oss-security/2010/08/18/1 [oss-security] 20100819 Re: CVE request - kernel: net sched memleak http://www.openwall.com/lists/oss-security/2010/08/19/4 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=1c40be12f7d8ca1d387510d39787b12e512a7ce8 http://patchwork.ozlabs.org/patch/61857/ http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc2 https://bugzilla.redhat.com/show_bug.cgi?id=624903 Common Vulnerability Exposure (CVE) ID: CVE-2010-2943 42527 http://www.securityfocus.com/bid/42527 43161 http://secunia.com/advisories/43161 ADV-2011-0280 http://www.vupen.com/english/advisories/2011/0280 USN-1057-1 http://www.ubuntu.com/usn/USN-1057-1 [linux-xfs] 20100620 [PATCH 0/4, V2] xfs: validate inode numbers in file handles correctly http://article.gmane.org/gmane.comp.file-systems.xfs.general/33767 [linux-xfs] 20100620 [PATCH 2/4] xfs: validate untrusted inode numbers during lookup http://article.gmane.org/gmane.comp.file-systems.xfs.general/33771 [linux-xfs] 20100620 [PATCH 3/4] xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED http://article.gmane.org/gmane.comp.file-systems.xfs.general/33768 [linux-xfs] 20100620 [PATCH 4/4] xfs: remove block number from inode lookup code http://article.gmane.org/gmane.comp.file-systems.xfs.general/33769 [oss-security] 20100818 CVE request - kernel: xfs: stale data exposure http://www.openwall.com/lists/oss-security/2010/08/18/2 [oss-security] 20100819 Re: CVE request - kernel: xfs: stale data exposure http://www.openwall.com/lists/oss-security/2010/08/19/5 [xfs] 20100617 [PATCH] xfsqa: test open_by_handle() on unlinked and freed inode clusters V2 http://oss.sgi.com/archives/xfs/2010-06/msg00191.html [xfs] 20100618 Re: [PATCH] xfsqa: test open_by_handle() on unlinked and freed inode clusters V2 http://oss.sgi.com/archives/xfs/2010-06/msg00198.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1920779e67cbf5ea8afef317777c5bf2b8096188 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7124fe0a5b619d65b739477b3b55a20bf805b06d http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7b6259e7a83647948fa33a736cc832310c8d85aa https://bugzilla.redhat.com/show_bug.cgi?id=624923 Common Vulnerability Exposure (CVE) ID: CVE-2010-2946 41321 http://secunia.com/advisories/41321 42589 http://www.securityfocus.com/bid/42589 43291 http://secunia.com/advisories/43291 ADV-2011-0375 http://www.vupen.com/english/advisories/2011/0375 SUSE-SA:2011:008 http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html [oss-security] 20100820 CVE request - kernel: jfs: don't allow os2 xattr namespace overlap with others http://www.openwall.com/lists/oss-security/2010/08/20/1 [oss-security] 20100820 Re: CVE request - kernel: jfs: don't allow os2 xattr namespace overlap with others http://www.openwall.com/lists/oss-security/2010/08/20/11 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=aca0fa34bdaba39bfddddba8ca70dba4782e8fe6 http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.37.10 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.51 Common Vulnerability Exposure (CVE) ID: CVE-2010-2954 41234 http://secunia.com/advisories/41234 ADV-2010-2266 http://www.vupen.com/english/advisories/2010/2266 SUSE-SA:2010:050 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html [netdev] 20100830 [PATCH] irda: Correctly clean up self->ias_obj on irda_bind() failure. http://www.spinics.net/lists/netdev/msg139404.html [oss-security] 20100901 CVE-2010-2954 kernel: irda null ptr deref http://marc.info/?l=oss-security&m=128331787923285&w=2 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=628e300cccaa628d8fb92aa28cb7530a3d5f2257 http://twitter.com/taviso/statuses/22635752128 http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc3-next-20100901.bz2 https://bugzilla.redhat.com/show_bug.cgi?id=628770 kernel-irdabind-dos(61522) https://exchange.xforce.ibmcloud.com/vulnerabilities/61522 Common Vulnerability Exposure (CVE) ID: CVE-2010-2955 41245 http://secunia.com/advisories/41245 42885 http://www.securityfocus.com/bid/42885 [linux-kernel] 20100827 [PATCH] wireless: fix 64K kernel heap content leak via ioctl http://lkml.org/lkml/2010/8/27/413 [linux-kernel] 20100830 Re: [PATCH] wireless extensions: fix kernel heap content leak http://lkml.org/lkml/2010/8/30/351 [linux-kernel] 20100830 Re: [PATCH] wireless: fix 64K kernel heap content leak via ioctl http://lkml.org/lkml/2010/8/30/127 [linux-kernel] 20100830 [PATCH] wireless extensions: fix kernel heap content leak http://lkml.org/lkml/2010/8/30/146 [oss-security] 20100831 CVE-2010-2955 kernel: wireless: fix 64K kernel heap content leak via ioctl http://www.openwall.com/lists/oss-security/2010/08/31/1 http://forums.grsecurity.net/viewtopic.php?f=3&t=2290 http://git.kernel.org/?p=linux/kernel/git/linville/wireless-2.6.git%3Ba=commit%3Bh=42da2f948d949efd0111309f5827bf0298bcc9a4 http://grsecurity.net/~spender/wireless-infoleak-fix2.patch http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc3-next-20100831.bz2 https://bugzilla.redhat.com/show_bug.cgi?id=628434 Common Vulnerability Exposure (CVE) ID: CVE-2010-2959 BugTraq ID: 42585 http://www.securityfocus.com/bid/42585 http://lists.fedoraproject.org/pipermail/package-announce/2010-September/046947.html http://jon.oberheide.org/files/i-can-haz-modharden.c http://www.openwall.com/lists/oss-security/2010/08/20/2 SuSE Security Announcement: SUSE-SA:2010:040 (Google Search) SuSE Security Announcement: SUSE-SA:2010:041 (Google Search) SuSE Security Announcement: SUSE-SA:2011:007 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2010-2962 BugTraq ID: 44067 http://www.securityfocus.com/bid/44067 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html http://www.redhat.com/support/errata/RHSA-2010-0958.html http://secunia.com/advisories/42745 SuSE Security Announcement: SUSE-SA:2010:050 (Google Search) SuSE Security Announcement: SUSE-SA:2010:051 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00004.html http://www.vupen.com/english/advisories/2010/3321 Common Vulnerability Exposure (CVE) ID: CVE-2010-2963 BugTraq ID: 44242 http://www.securityfocus.com/bid/44242 Debian Security Information: DSA-2126 (Google Search) http://www.debian.org/security/2010/dsa-2126 http://www.mandriva.com/security/advisories?name=MDVSA-2010:257 http://www.outflux.net/blog/archives/2010/10/19/cve-2010-2963-v4l-compat-exploit/ http://www.securitytracker.com/id?1024710 SuSE Security Announcement: SUSE-SA:2010:053 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00008.html SuSE Security Announcement: SUSE-SA:2010:057 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00004.html Common Vulnerability Exposure (CVE) ID: CVE-2010-3015 BugTraq ID: 42477 http://www.securityfocus.com/bid/42477 Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (Google Search) http://www.mandriva.com/security/advisories?name=MDVSA-2010:247 http://www.mandriva.com/security/advisories?name=MDVSA-2011:029 http://marc.info/?l=oss-security&m=128192548904503&w=2 http://marc.info/?l=oss-security&m=128197862004376&w=2 http://marc.info/?l=oss-security&m=128201627016896&w=2 SuSE Security Announcement: SUSE-SA:2010:054 (Google Search) http://www.vupen.com/english/advisories/2010/3117 XForce ISS Database: kernel-stacksize-dos(61156) https://exchange.xforce.ibmcloud.com/vulnerabilities/61156 Common Vulnerability Exposure (CVE) ID: CVE-2010-3067 42778 http://secunia.com/advisories/42778 42801 http://secunia.com/advisories/42801 42890 http://secunia.com/advisories/42890 ADV-2011-0012 http://www.vupen.com/english/advisories/2011/0012 DSA-2126 MDVSA-2010:257 MDVSA-2011:029 RHSA-2010:0758 http://www.redhat.com/support/errata/RHSA-2010-0758.html RHSA-2010:0839 http://www.redhat.com/support/errata/RHSA-2010-0839.html RHSA-2011:0007 http://www.redhat.com/support/errata/RHSA-2011-0007.html SUSE-SA:2011:001 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html SUSE-SA:2011:002 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=75e1c70fc31490ef8a373ea2a4bea2524099b478 http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc4-next-20100915.bz2 https://bugzilla.redhat.com/show_bug.cgi?id=629441 kernel-doiosubmit-dos(61884) https://exchange.xforce.ibmcloud.com/vulnerabilities/61884 Common Vulnerability Exposure (CVE) ID: CVE-2010-3078 1024418 http://securitytracker.com/id?1024418 41284 http://secunia.com/advisories/41284 43022 http://www.securityfocus.com/bid/43022 [oss-security] 20100907 CVE request: kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak http://www.openwall.com/lists/oss-security/2010/09/07/1 [oss-security] 20100907 Re: CVE request: kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak http://www.openwall.com/lists/oss-security/2010/09/07/12 [xfs-masters] 20100906 [PATCH] xfs: prevent reading uninitialized stack memory http://www.linux.sgi.com/archives/xfs-masters/2010-09/msg00002.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a122eb2fdfd78b58c6dd992d6f4b1aaef667eef9 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4 https://bugzilla.redhat.com/show_bug.cgi?id=630804 Common Vulnerability Exposure (CVE) ID: CVE-2010-3079 43684 http://www.securityfocus.com/bid/43684 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9c55cb12c1c172e2d51e85fbb5a4796ca86b77e7 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.5 https://bugzilla.redhat.com/show_bug.cgi?id=631623 Common Vulnerability Exposure (CVE) ID: CVE-2010-3080 43062 http://www.securityfocus.com/bid/43062 [oss-security] 20100908 CVE-2010-3080 kernel: /dev/sequencer open failure is not handled correctly http://www.openwall.com/lists/oss-security/2010/09/08/7 http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=c598337660c21c0afaa9df5a65bb4a7a0cf15be8 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=27f7ad53829f79e799a253285318bff79ece15bd https://bugzilla.redhat.com/show_bug.cgi?id=630551 Common Vulnerability Exposure (CVE) ID: CVE-2010-3081 20100916 Ac1db1tch3z vs x86_64 Linux Kernel http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0273.html 20100916 Workaround for Ac1db1tch3z exploit. http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0278.html 20101130 VMSA-2010-0017 VMware ESX third party update for Service Console kerne http://www.securityfocus.com/archive/1/514938/30/30/threaded 42384 http://secunia.com/advisories/42384 ADV-2010-3083 http://www.vupen.com/english/advisories/2010/3083 ADV-2010-3117 MDVSA-2010:214 http://www.mandriva.com/security/advisories?name=MDVSA-2010:214 MDVSA-2010:247 SUSE-SR:2010:017 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html [oss-security] 20100916 CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow http://marc.info/?l=oss-security&m=128461522230211&w=2 http://blog.ksplice.com/2010/09/cve-2010-3081/ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c41d68a513c71e35a14f66d71782d27a79a81ea6 http://isc.sans.edu/diary.html?storyid=9574 http://sota.gen.nz/compat1/ http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.36-rc4-git2.log http://www.vmware.com/security/advisories/VMSA-2010-0017.html https://access.redhat.com/kb/docs/DOC-40265 https://bugzilla.redhat.com/show_bug.cgi?id=634457 Common Vulnerability Exposure (CVE) ID: CVE-2010-3084 43098 http://www.securityfocus.com/bid/43098 [netdev] 20100907 [PATCH net-2.6] niu: Fix kernel buffer overflow for ETHTOOL_GRXCLSRLALL http://www.spinics.net/lists/netdev/msg140133.html [oss-security] 20100909 CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALL http://www.openwall.com/lists/oss-security/2010/09/09/1 [oss-security] 20100910 Re: CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALL http://www.openwall.com/lists/oss-security/2010/09/11/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ee9c5cfad29c8a13199962614b9b16f1c4137ac9 https://bugzilla.redhat.com/show_bug.cgi?id=632069 Common Vulnerability Exposure (CVE) ID: CVE-2010-3296 41440 http://secunia.com/advisories/41440 42884 http://secunia.com/advisories/42884 43221 http://www.securityfocus.com/bid/43221 RHSA-2011:0017 http://www.redhat.com/support/errata/RHSA-2011-0017.html [linux-kernel] 20100911 [PATCH] drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack memory http://lkml.org/lkml/2010/9/11/170 [oss-security] 20100914 CVE request: kernel: numerous infoleaks http://www.openwall.com/lists/oss-security/2010/09/14/2 [oss-security] 20100914 Re: CVE request: kernel: numerous infoleaks http://www.openwall.com/lists/oss-security/2010/09/14/7 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=49c37c0334a9b85d30ab3d6b5d1acb05ef2ef6de http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc5 https://bugzilla.redhat.com/show_bug.cgi?id=633149 Common Vulnerability Exposure (CVE) ID: CVE-2010-3297 43229 http://www.securityfocus.com/bid/43229 [linux-kernel] 20100911 [PATCH] drivers/net/eql.c: prevent reading uninitialized stack memory http://lkml.org/lkml/2010/9/11/168 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=44467187dc22fdd33a1a06ea0ba86ce20be3fe3c https://bugzilla.redhat.com/show_bug.cgi?id=633145 Common Vulnerability Exposure (CVE) ID: CVE-2010-3298 43226 http://www.securityfocus.com/bid/43226 [linux-kernel] 20100911 [PATCH] drivers/net/usb/hso.c: prevent reading uninitialized memory http://lkml.org/lkml/2010/9/11/167 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=7011e660938fc44ed86319c18a5954e95a82ab3e https://bugzilla.redhat.com/show_bug.cgi?id=633140 Common Vulnerability Exposure (CVE) ID: CVE-2010-3301 [oss-security] 20100916 CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability http://www.openwall.com/lists/oss-security/2010/09/16/1 [oss-security] 20100916 Re: CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability http://www.openwall.com/lists/oss-security/2010/09/16/3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=36d001c70d8a0144ac1d038f6876c484849a74de http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=eefdca043e8391dcd719711716492063030b55ac http://sota.gen.nz/compat2/ https://bugzilla.redhat.com/show_bug.cgi?id=634449 Common Vulnerability Exposure (CVE) ID: CVE-2010-3310 41493 http://secunia.com/advisories/41493 43368 http://www.securityfocus.com/bid/43368 68163 http://www.osvdb.org/68163 SUSE-SA:2010:051 [linux-netdev] 20100920 [PATCH] rose: Fix signedness issues wrt. digi count. http://marc.info/?l=linux-netdev&m=128502238927086&w=2 [oss-security] 20100921 CVE request: kernel: Heap corruption in ROSE http://www.openwall.com/lists/oss-security/2010/09/21/1 [oss-security] 20100921 Re: CVE request: kernel: Heap corruption in ROSE http://www.openwall.com/lists/oss-security/2010/09/21/2 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=9828e6e6e3f19efcb476c567b9999891d051f52f http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc5-next-20100923.bz2 kernel-rose-bind-dos(61953) https://exchange.xforce.ibmcloud.com/vulnerabilities/61953 Common Vulnerability Exposure (CVE) ID: CVE-2010-3432 42400 http://secunia.com/advisories/42400 42789 http://secunia.com/advisories/42789 43480 http://www.securityfocus.com/bid/43480 ADV-2010-3113 http://www.vupen.com/english/advisories/2010/3113 ADV-2011-0024 http://www.vupen.com/english/advisories/2011/0024 RHSA-2010:0936 http://www.redhat.com/support/errata/RHSA-2010-0936.html RHSA-2010:0958 RHSA-2011:0004 http://www.redhat.com/support/errata/RHSA-2011-0004.html [netdev] 20100915 [PATCH] net: SCTP remote/local Denial of Service vulnerability description and fix http://marc.info/?l=linux-netdev&m=128453869227715&w=3 [oss-security] 20100924 CVE Request -- Linux/SCTP DoS in sctp_packet_config() http://marc.info/?l=oss-security&m=128534569803598&w=2 [oss-security] 20100925 Re: CVE Request -- Linux/SCTP DoS in sctp_packet_config() http://marc.info/?l=oss-security&m=128537701808336&w=2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4bdab43323b459900578b200a4b8cf9713ac8fab http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.6 https://bugzilla.redhat.com/show_bug.cgi?id=637675 Common Vulnerability Exposure (CVE) ID: CVE-2010-3437 15150 http://www.exploit-db.com/exploits/15150/ 42932 http://secunia.com/advisories/42932 43551 http://www.securityfocus.com/bid/43551 ADV-2011-0124 http://www.vupen.com/english/advisories/2011/0124 SUSE-SA:2011:004 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html [oss-security] 20100928 CVE request - kernel: pktcdvd ioctl dev_minor missing range check http://www.openwall.com/lists/oss-security/2010/09/28/2 [oss-security] 20100928 Re: CVE request - kernel: pktcdvd ioctl dev_minor missing range check http://www.openwall.com/lists/oss-security/2010/09/28/6 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=252a52aa4fa22a668f019e55b3aac3ff71ec1c29 http://jon.oberheide.org/files/cve-2010-3437.c http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc6 https://bugzilla.redhat.com/show_bug.cgi?id=638085 Common Vulnerability Exposure (CVE) ID: CVE-2010-3442 42745 43787 http://www.securityfocus.com/bid/43787 ADV-2010-3321 FEDORA-2010-18983 [oss-security] 20100929 CVE request - kernel: prevent heap corruption in snd_ctl_new() http://www.openwall.com/lists/oss-security/2010/09/29/2 [oss-security] 20100929 Re: CVE request - kernel: prevent heap corruption in snd_ctl_new() http://www.openwall.com/lists/oss-security/2010/09/29/3 http://www.openwall.com/lists/oss-security/2010/09/29/4 http://www.openwall.com/lists/oss-security/2010/09/29/9 http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=5591bf07225523600450edd9e6ad258bb877b779 http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc5-next-20100928.bz2 https://bugzilla.redhat.com/show_bug.cgi?id=638478 Common Vulnerability Exposure (CVE) ID: CVE-2010-3448 [oss-security] 20100623 kernel: thinkpad-acpi: lock down video output state access http://openwall.com/lists/oss-security/2010/06/23/2 [oss-security] 20100928 Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel http://openwall.com/lists/oss-security/2010/09/28/1 [oss-security] 20100929 Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel http://openwall.com/lists/oss-security/2010/09/29/7 [oss-security] 20100930 Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel http://openwall.com/lists/oss-security/2010/09/30/1 http://openwall.com/lists/oss-security/2010/09/30/6 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=565790 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b525c06cdbd8a3963f0173ccd23f9147d4c384b5 https://bugzilla.redhat.com/show_bug.cgi?id=652122 kernel-thinkpad-dos(64580) https://exchange.xforce.ibmcloud.com/vulnerabilities/64580 Common Vulnerability Exposure (CVE) ID: CVE-2010-3477 http://www.securitytracker.com/id?1024603 Common Vulnerability Exposure (CVE) ID: CVE-2010-3698 44500 http://www.securityfocus.com/bid/44500 ADV-2010-3123 http://www.vupen.com/english/advisories/2010/3123 RHSA-2010:0898 http://www.redhat.com/support/errata/RHSA-2010-0898.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9581d442b9058d3699b4be568b6e5eae38a41493 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36 https://bugzilla.redhat.com/show_bug.cgi?id=639879 Common Vulnerability Exposure (CVE) ID: CVE-2010-3705 [linux-kernel] 20101001 [PATCH] Fix out-of-bounds reading in sctp_asoc_get_hmac() http://marc.info/?l=linux-kernel&m=128596992418814&w=2 [oss-security] 20101004 CVE request: kernel: SCTP memory corruption in HMAC handling http://www.openwall.com/lists/oss-security/2010/10/04/2 [oss-security] 20101004 Re: CVE request: kernel: SCTP memory corruption in HMAC handling http://www.openwall.com/lists/oss-security/2010/10/04/7 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=51e97a12bef19b7e43199fc153cf9bd5f2140362 https://bugzilla.redhat.com/show_bug.cgi?id=640036 Common Vulnerability Exposure (CVE) ID: CVE-2010-3848 43056 http://secunia.com/advisories/43056 ADV-2011-0213 http://www.vupen.com/english/advisories/2011/0213 SUSE-SA:2011:005 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html USN-1023-1 http://www.ubuntu.com/usn/USN-1023-1 [oss-security] 20101129 kernel: Multiple vulnerabilities in AF_ECONET http://openwall.com/lists/oss-security/2010/11/30/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a27e13d370415add3487949c60810e36069a23a6 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2 https://bugzilla.redhat.com/show_bug.cgi?id=644156 Common Vulnerability Exposure (CVE) ID: CVE-2010-3849 20101207 Linux kernel exploit http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0086.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa0e846494792e722d817b9d3d625a4ef4896c96 Common Vulnerability Exposure (CVE) ID: CVE-2010-3850 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=16c41745c7b92a243d0874f534c1655196c64b74 Common Vulnerability Exposure (CVE) ID: CVE-2010-3858 15619 http://www.exploit-db.com/exploits/15619 44301 http://www.securityfocus.com/bid/44301 [oss-security] 20101021 CVE request: kernel: setup_arg_pages: diagnose excessive argument size http://www.openwall.com/lists/oss-security/2010/10/21/1 [oss-security] 20101022 Re: CVE request: kernel: setup_arg_pages: diagnose excessive argument size http://www.openwall.com/lists/oss-security/2010/10/22/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1b528181b2ffa14721fb28ad1bd539fe1732c583 http://grsecurity.net/~spender/64bit_dos.c https://bugzilla.redhat.com/show_bug.cgi?id=645222 Common Vulnerability Exposure (CVE) ID: CVE-2010-3861 44427 http://www.securityfocus.com/bid/44427 [oss-security] 20101025 CVE request: kernel: heap contents leak from ETHTOOL_GRXCLSRLALL http://openwall.com/lists/oss-security/2010/10/25/4 [oss-security] 20101026 Re: CVE request: kernel: heap contents leak from ETHTOOL_GRXCLSRLALL http://openwall.com/lists/oss-security/2010/10/26/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ae6df5f96a51818d6376da5307d773baeece4014 https://bugzilla.redhat.com/show_bug.cgi?id=646725 Common Vulnerability Exposure (CVE) ID: CVE-2010-3904 CERT/CC vulnerability note: VU#362983 http://www.kb.cert.org/vuls/id/362983 https://www.exploit-db.com/exploits/44677/ http://packetstormsecurity.com/files/155751/vReliable-Datagram-Sockets-RDS-rds_page_copy_user-Privilege-Escalation.html http://www.vsecurity.com/download/tools/linux-rds-exploit.c http://www.vsecurity.com/resources/advisory/20101019-1/ http://www.redhat.com/support/errata/RHSA-2010-0792.html http://securitytracker.com/id?1024613 Common Vulnerability Exposure (CVE) ID: CVE-2010-4072 BugTraq ID: 45054 http://www.securityfocus.com/bid/45054 http://lkml.org/lkml/2010/10/6/454 http://www.openwall.com/lists/oss-security/2010/10/07/1 http://www.openwall.com/lists/oss-security/2010/10/25/3 http://www.redhat.com/support/errata/RHSA-2011-0162.html http://secunia.com/advisories/42963 SuSE Security Announcement: SUSE-SA:2010:060 (Google Search) SuSE Security Announcement: SUSE-SA:2011:001 (Google Search) SuSE Security Announcement: SUSE-SA:2011:004 (Google Search) SuSE Security Announcement: SUSE-SA:2011:008 (Google Search) http://www.vupen.com/english/advisories/2011/0168 Common Vulnerability Exposure (CVE) ID: CVE-2010-4073 BugTraq ID: 45073 http://www.securityfocus.com/bid/45073 http://lkml.org/lkml/2010/10/6/492 http://securityreason.com/securityalert/8366 Common Vulnerability Exposure (CVE) ID: CVE-2010-4074 BugTraq ID: 45074 http://www.securityfocus.com/bid/45074 http://lkml.org/lkml/2010/9/15/392 http://www.openwall.com/lists/oss-security/2010/09/25/2 http://www.openwall.com/lists/oss-security/2010/10/06/6 Common Vulnerability Exposure (CVE) ID: CVE-2010-4078 BugTraq ID: 43810 http://www.securityfocus.com/bid/43810 SuSE Security Announcement: SUSE-SA:2011:002 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2010-4079 BugTraq ID: 45062 http://www.securityfocus.com/bid/45062 http://lkml.org/lkml/2010/9/15/393 Common Vulnerability Exposure (CVE) ID: CVE-2010-4165 44830 http://www.securityfocus.com/bid/44830 69241 http://www.osvdb.org/69241 8111 http://securityreason.com/securityalert/8111 8123 http://securityreason.com/securityalert/8123 [netdev] 20101110 Re: possible kernel oops from user MSS http://www.spinics.net/lists/netdev/msg146495.html [netdev] 20101110 possible kernel oops from user MSS http://www.spinics.net/lists/netdev/msg146405.html [oss-security] 20101112 CVE request: kernel: possible kernel oops from user MSS http://www.openwall.com/lists/oss-security/2010/11/12/1 [oss-security] 20101112 Re: CVE request: kernel: possible kernel oops from user MSS http://www.openwall.com/lists/oss-security/2010/11/12/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7a1abd08d52fdeddb3e9a5a33f2f15cc6a5674d2 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc2 https://bugzilla.redhat.com/show_bug.cgi?id=652508 Common Vulnerability Exposure (CVE) ID: CVE-2010-4169 44861 http://www.securityfocus.com/bid/44861 [oss-security] 20101115 CVE request: kernel: perf bug http://marc.info/?l=oss-security&m=128979684911295&w=2 [oss-security] 20101115 Re: CVE request: kernel: perf bug http://marc.info/?l=oss-security&m=128984344103497&w=2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=63bfd7384b119409685a17d5c58f0b56e5dc03da https://bugzilla.redhat.com/show_bug.cgi?id=651671 kernel-perfeventmmap-dos(63316) https://exchange.xforce.ibmcloud.com/vulnerabilities/63316 Common Vulnerability Exposure (CVE) ID: CVE-2010-4249 15622 http://www.exploit-db.com/exploits/15622/ 42354 http://secunia.com/advisories/42354 42963 45037 http://www.securityfocus.com/bid/45037 ADV-2011-0168 RHSA-2011:0162 [linux-kernel] 20101123 Unix socket local DOS (OOM) http://lkml.org/lkml/2010/11/23/395 [linux-kernel] 20101124 [PATCH net-next-2.6] scm: lower SCM_MAX_FD http://lkml.org/lkml/2010/11/23/450 [linux-kernel] 20101125 Simple kernel attack using socketpair. easy, 100% reproductiblle, works under guest. no way to protect :( http://lkml.org/lkml/2010/11/25/8 [netdev] 20101124 [PATCH] af_unix: limit unix_tot_inflight http://marc.info/?l=linux-netdev&m=129059035929046&w=2 [oss-security] 20101124 CVE request: kernel: unix socket local dos http://www.openwall.com/lists/oss-security/2010/11/24/2 [oss-security] 20101124 Re: CVE request: kernel: unix socket local dos http://www.openwall.com/lists/oss-security/2010/11/24/10 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=9915672d41273f5b77f1b3c29b391ffb7732b84b http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.37-rc3-next-20101125.bz2 https://bugzilla.redhat.com/show_bug.cgi?id=656756
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.