Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.702906
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 2906-1 (linux-2.6 - privilege escalation/denial of service/information leak)
Summary:Several vulnerabilities have been;discovered in the Linux kernel that may lead to a denial of service,;information leak or privilege escalation. The Common;Vulnerabilities and Exposures project identifies the following problems:;;CVE-2013-0343;George Kargiotakis reported an issue in the temporary address handling;of the IPv6 privacy extensions. Users on the same LAN can cause a denial;of service or obtain access to sensitive information by sending router;advertisement messages that cause temporary address generation to be;disabled.;;CVE-2013-2147;Dan Carpenter reported issues in the cpqarray driver for Compaq;Smart2 Controllers and the cciss driver for HP Smart Array controllers;allowing users to gain access to sensitive kernel memory.;;CVE-2013-2889;Kees Cook discovered missing input sanitization in the HID driver for;Zeroplus game pads that could lead to a local denial of service.;;CVE-2013-2893;Kees Cook discovered that missing input sanitization in the HID driver;for various Logitech force feedback devices could lead to a local denial;of service.;;Description truncated. Please see the references for more information.
Description:Summary:
Several vulnerabilities have been
discovered in the Linux kernel that may lead to a denial of service,
information leak or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following problems:

CVE-2013-0343
George Kargiotakis reported an issue in the temporary address handling
of the IPv6 privacy extensions. Users on the same LAN can cause a denial
of service or obtain access to sensitive information by sending router
advertisement messages that cause temporary address generation to be
disabled.

CVE-2013-2147
Dan Carpenter reported issues in the cpqarray driver for Compaq
Smart2 Controllers and the cciss driver for HP Smart Array controllers
allowing users to gain access to sensitive kernel memory.

CVE-2013-2889
Kees Cook discovered missing input sanitization in the HID driver for
Zeroplus game pads that could lead to a local denial of service.

CVE-2013-2893
Kees Cook discovered that missing input sanitization in the HID driver
for various Logitech force feedback devices could lead to a local denial
of service.

Description truncated. Please see the references for more information.

Affected Software/OS:
linux-2.6 on Debian Linux

Solution:
For the oldstable distribution (squeeze), this problem has been fixed in
version 2.6.32-48squeeze5.

The following matrix lists additional source packages that were rebuilt for
compatibility with or to take advantage of this update:

?Debian 6.0 (squeeze)user-mode-linux2.6.32-1um-4+48squeeze5
We recommend that you upgrade your linux-2.6 and user-mode-linux packages.

Note: Debian carefully tracks all known security issues across every
linux kernel package in all releases under active security support.
However, given the high frequency at which low-severity security
issues are discovered in the kernel and the resource requirements of
doing an update, updates for lower priority issues will normally not
be released for all kernels at the same time. Rather, they will be
released in a staggered or leap-frog fashion.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-0343
http://openwall.com/lists/oss-security/2012/12/05/4
http://openwall.com/lists/oss-security/2013/01/16/7
http://openwall.com/lists/oss-security/2013/01/21/11
http://www.openwall.com/lists/oss-security/2013/02/22/6
RedHat Security Advisories: RHSA-2013:1449
http://rhn.redhat.com/errata/RHSA-2013-1449.html
RedHat Security Advisories: RHSA-2013:1490
http://rhn.redhat.com/errata/RHSA-2013-1490.html
RedHat Security Advisories: RHSA-2013:1645
http://rhn.redhat.com/errata/RHSA-2013-1645.html
SuSE Security Announcement: openSUSE-SU-2014:0204 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html
http://www.ubuntu.com/usn/USN-1976-1
http://www.ubuntu.com/usn/USN-1977-1
http://www.ubuntu.com/usn/USN-2019-1
http://www.ubuntu.com/usn/USN-2020-1
http://www.ubuntu.com/usn/USN-2021-1
http://www.ubuntu.com/usn/USN-2022-1
http://www.ubuntu.com/usn/USN-2023-1
http://www.ubuntu.com/usn/USN-2024-1
http://www.ubuntu.com/usn/USN-2038-1
http://www.ubuntu.com/usn/USN-2039-1
http://www.ubuntu.com/usn/USN-2050-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-2147
http://lkml.org/lkml/2013/6/3/127
http://lkml.org/lkml/2013/6/3/131
http://www.openwall.com/lists/oss-security/2013/06/05/25
RedHat Security Advisories: RHSA-2013:1166
http://rhn.redhat.com/errata/RHSA-2013-1166.html
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
http://www.ubuntu.com/usn/USN-1994-1
http://www.ubuntu.com/usn/USN-1996-1
http://www.ubuntu.com/usn/USN-1997-1
http://www.ubuntu.com/usn/USN-1999-1
http://www.ubuntu.com/usn/USN-2015-1
http://www.ubuntu.com/usn/USN-2016-1
http://www.ubuntu.com/usn/USN-2017-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-2889
BugTraq ID: 62042
http://www.securityfocus.com/bid/62042
http://marc.info/?l=linux-input&m=137772182014614&w=1
http://openwall.com/lists/oss-security/2013/08/28/13
Common Vulnerability Exposure (CVE) ID: CVE-2013-2893
BugTraq ID: 62050
http://www.securityfocus.com/bid/62050
http://marc.info/?l=linux-input&m=137772186714627&w=1
SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-2929
BugTraq ID: 64111
http://www.securityfocus.com/bid/64111
RedHat Security Advisories: RHSA-2014:0100
http://rhn.redhat.com/errata/RHSA-2014-0100.html
RedHat Security Advisories: RHSA-2014:0159
http://rhn.redhat.com/errata/RHSA-2014-0159.html
RedHat Security Advisories: RHSA-2014:0285
http://rhn.redhat.com/errata/RHSA-2014-0285.html
RedHat Security Advisories: RHSA-2018:1252
https://access.redhat.com/errata/RHSA-2018:1252
http://www.ubuntu.com/usn/USN-2070-1
http://www.ubuntu.com/usn/USN-2075-1
http://www.ubuntu.com/usn/USN-2109-1
http://www.ubuntu.com/usn/USN-2110-1
http://www.ubuntu.com/usn/USN-2111-1
http://www.ubuntu.com/usn/USN-2112-1
http://www.ubuntu.com/usn/USN-2114-1
http://www.ubuntu.com/usn/USN-2115-1
http://www.ubuntu.com/usn/USN-2116-1
http://www.ubuntu.com/usn/USN-2128-1
http://www.ubuntu.com/usn/USN-2129-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-4162
BugTraq ID: 61411
http://www.securityfocus.com/bid/61411
http://www.openwall.com/lists/oss-security/2013/07/23/9
RedHat Security Advisories: RHSA-2013:1436
http://rhn.redhat.com/errata/RHSA-2013-1436.html
RedHat Security Advisories: RHSA-2013:1460
http://rhn.redhat.com/errata/RHSA-2013-1460.html
RedHat Security Advisories: RHSA-2013:1520
http://rhn.redhat.com/errata/RHSA-2013-1520.html
http://secunia.com/advisories/54148
http://secunia.com/advisories/55055
SuSE Security Announcement: SUSE-SU-2013:1473 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html
SuSE Security Announcement: SUSE-SU-2013:1474 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html
SuSE Security Announcement: openSUSE-SU-2013:1971 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html
http://www.ubuntu.com/usn/USN-1938-1
http://www.ubuntu.com/usn/USN-1939-1
http://www.ubuntu.com/usn/USN-1941-1
http://www.ubuntu.com/usn/USN-1942-1
http://www.ubuntu.com/usn/USN-1943-1
http://www.ubuntu.com/usn/USN-1944-1
http://www.ubuntu.com/usn/USN-1945-1
http://www.ubuntu.com/usn/USN-1946-1
http://www.ubuntu.com/usn/USN-1947-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-4299
RedHat Security Advisories: RHSA-2013:1450
http://rhn.redhat.com/errata/RHSA-2013-1450.html
RedHat Security Advisories: RHSA-2013:1519
http://rhn.redhat.com/errata/RHSA-2013-1519.html
RedHat Security Advisories: RHSA-2013:1783
http://rhn.redhat.com/errata/RHSA-2013-1783.html
RedHat Security Advisories: RHSA-2013:1860
http://rhn.redhat.com/errata/RHSA-2013-1860.html
SuSE Security Announcement: SUSE-SU-2015:0652 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html
http://www.ubuntu.com/usn/USN-2040-1
http://www.ubuntu.com/usn/USN-2041-1
http://www.ubuntu.com/usn/USN-2042-1
http://www.ubuntu.com/usn/USN-2043-1
http://www.ubuntu.com/usn/USN-2044-1
http://www.ubuntu.com/usn/USN-2045-1
http://www.ubuntu.com/usn/USN-2046-1
http://www.ubuntu.com/usn/USN-2049-1
http://www.ubuntu.com/usn/USN-2066-1
http://www.ubuntu.com/usn/USN-2067-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-4345
BugTraq ID: 62740
http://www.securityfocus.com/bid/62740
http://marc.info/?l=linux-crypto-vger&m=137942122902845&w=2
http://www.ubuntu.com/usn/USN-2064-1
http://www.ubuntu.com/usn/USN-2065-1
http://www.ubuntu.com/usn/USN-2068-1
http://www.ubuntu.com/usn/USN-2071-1
http://www.ubuntu.com/usn/USN-2072-1
http://www.ubuntu.com/usn/USN-2074-1
http://www.ubuntu.com/usn/USN-2076-1
http://www.ubuntu.com/usn/USN-2158-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-4512
BugTraq ID: 63510
http://www.securityfocus.com/bid/63510
http://www.openwall.com/lists/oss-security/2013/11/04/22
Common Vulnerability Exposure (CVE) ID: CVE-2013-4587
http://www.openwall.com/lists/oss-security/2013/12/12/12
SuSE Security Announcement: openSUSE-SU-2014:0205 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.html
SuSE Security Announcement: openSUSE-SU-2014:0247 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html
http://www.ubuntu.com/usn/USN-2113-1
http://www.ubuntu.com/usn/USN-2117-1
http://www.ubuntu.com/usn/USN-2135-1
http://www.ubuntu.com/usn/USN-2136-1
http://www.ubuntu.com/usn/USN-2138-1
http://www.ubuntu.com/usn/USN-2139-1
http://www.ubuntu.com/usn/USN-2141-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-6367
BugTraq ID: 64270
http://www.securityfocus.com/bid/64270
RedHat Security Advisories: RHSA-2013:1801
http://rhn.redhat.com/errata/RHSA-2013-1801.html
RedHat Security Advisories: RHSA-2014:0163
http://rhn.redhat.com/errata/RHSA-2014-0163.html
RedHat Security Advisories: RHSA-2014:0284
http://rhn.redhat.com/errata/RHSA-2014-0284.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-6380
http://www.openwall.com/lists/oss-security/2013/11/22/5
Common Vulnerability Exposure (CVE) ID: CVE-2013-6381
BugTraq ID: 63890
http://www.securityfocus.com/bid/63890
Common Vulnerability Exposure (CVE) ID: CVE-2013-6382
BugTraq ID: 63889
http://www.securityfocus.com/bid/63889
http://www.spinics.net/lists/xfs/msg23343.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-6383
http://www.ubuntu.com/usn/USN-2069-1
http://www.ubuntu.com/usn/USN-2073-1
http://www.ubuntu.com/usn/USN-2107-1
http://www.ubuntu.com/usn/USN-2108-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-7263
http://www.openwall.com/lists/oss-security/2013/11/28/13
http://seclists.org/oss-sec/2014/q1/29
http://secunia.com/advisories/55882
http://secunia.com/advisories/56036
SuSE Security Announcement: SUSE-SU-2014:0459 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html
SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-7264
Common Vulnerability Exposure (CVE) ID: CVE-2013-7265
Common Vulnerability Exposure (CVE) ID: CVE-2013-7339
BugTraq ID: 66351
http://www.securityfocus.com/bid/66351
http://www.openwall.com/lists/oss-security/2014/03/20/14
http://secunia.com/advisories/59386
Common Vulnerability Exposure (CVE) ID: CVE-2014-0101
BugTraq ID: 65943
http://www.securityfocus.com/bid/65943
http://www.openwall.com/lists/oss-security/2014/03/04/6
RedHat Security Advisories: RHSA-2014:0328
http://rhn.redhat.com/errata/RHSA-2014-0328.html
RedHat Security Advisories: RHSA-2014:0419
http://rhn.redhat.com/errata/RHSA-2014-0419.html
RedHat Security Advisories: RHSA-2014:0432
http://rhn.redhat.com/errata/RHSA-2014-0432.html
http://secunia.com/advisories/59216
http://www.ubuntu.com/usn/USN-2173-1
http://www.ubuntu.com/usn/USN-2174-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-1444
BugTraq ID: 64952
http://www.securityfocus.com/bid/64952
http://www.openwall.com/lists/oss-security/2014/01/15/3
XForce ISS Database: linux-kernel-cve20141444-info-disc(90443)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90443
Common Vulnerability Exposure (CVE) ID: CVE-2014-1445
BugTraq ID: 64953
http://www.securityfocus.com/bid/64953
XForce ISS Database: linux-kernel-cve20141445-info-disc(90444)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90444
Common Vulnerability Exposure (CVE) ID: CVE-2014-1446
BugTraq ID: 64954
http://www.securityfocus.com/bid/64954
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126874.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126858.html
http://www.mandriva.com/security/advisories?name=MDVSA-2014:038
http://www.ubuntu.com/usn/USN-2133-1
http://www.ubuntu.com/usn/USN-2134-1
XForce ISS Database: linux-kernel-cve20141446-info-disc(90445)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90445
Common Vulnerability Exposure (CVE) ID: CVE-2014-1874
BugTraq ID: 65459
http://www.securityfocus.com/bid/65459
http://www.openwall.com/lists/oss-security/2014/02/07/2
http://secunia.com/advisories/59262
http://secunia.com/advisories/59309
http://secunia.com/advisories/59406
http://www.ubuntu.com/usn/USN-2137-1
http://www.ubuntu.com/usn/USN-2140-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-2039
BugTraq ID: 65700
http://www.securityfocus.com/bid/65700
http://www.openwall.com/lists/oss-security/2014/02/20/14
Common Vulnerability Exposure (CVE) ID: CVE-2014-2523
BugTraq ID: 66279
http://www.securityfocus.com/bid/66279
http://twitter.com/grsecurity/statuses/445496197399461888
http://www.openwall.com/lists/oss-security/2014/03/17/7
http://www.securitytracker.com/id/1029945
http://secunia.com/advisories/57446
XForce ISS Database: linux-kernel-cve20142523-code-exec(91910)
https://exchange.xforce.ibmcloud.com/vulnerabilities/91910
CopyrightCopyright (C) 2014 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.