Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLELINUX_ELSA-2014-0981.NASL
HistoryJul 30, 2014 - 12:00 a.m.

Oracle Linux 6 : kernel (ELSA-2014-0981)

2014-07-3000:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
26

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

EPSS

0.03

Percentile

91.1%

JSON

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0981 advisory.

  • Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that leverages an improperly managed reference counter.
    (CVE-2014-2851)

  • The rds_ib_laddr_check function in net/rds/ib.c in the Linux kernel before 3.12.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports. (CVE-2013-7339)

  • The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and
    __skb_get_nlattr_nest functions before the vulnerability was announced. (CVE-2014-3144)

  • The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced.
    (CVE-2014-3145)

  • The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports. (CVE-2014-2678)

  • The futex_wait_requeue_pi function in kernel/futex.c in the Linux kernel before 3.5.1 does not ensure that calls have two different futex addresses, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted FUTEX_WAIT_REQUEUE_PI command. (CVE-2012-6647)

  • Race condition in the ath_tx_aggr_sleep function in drivers/net/wireless/ath/ath9k/xmit.c in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via a large amount of network traffic that triggers certain list deletions. (CVE-2014-2672)

  • Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c. (CVE-2014-2706)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Oracle Linux Security Advisory ELSA-2014-0981.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(76888);
  script_version("1.18");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/09/08");

  script_cve_id(
    "CVE-2012-6647",
    "CVE-2013-7339",
    "CVE-2014-2672",
    "CVE-2014-2678",
    "CVE-2014-2706",
    "CVE-2014-2851",
    "CVE-2014-3144",
    "CVE-2014-3145"
  );
  script_bugtraq_id(
    66351,
    66492,
    66543,
    66591,
    66779,
    67300,
    67302,
    67309,
    67321,
    67395,
    67906,
    68125,
    68411,
    68683
  );
  script_xref(name:"RHSA", value:"2014:0981");

  script_name(english:"Oracle Linux 6 : kernel (ELSA-2014-0981)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Oracle Linux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the
ELSA-2014-0981 advisory.

  - Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1
    allows local users to cause a denial of service (use-after-free and system crash) or possibly gain
    privileges via a crafted application that leverages an improperly managed reference counter.
    (CVE-2014-2851)

  - The rds_ib_laddr_check function in net/rds/ib.c in the Linux kernel before 3.12.8 allows local users to
    cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other
    impact via a bind system call for an RDS socket on a system that lacks RDS transports. (CVE-2013-7339)

  - The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter
    function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length
    value is sufficiently large, which allows local users to cause a denial of service (integer underflow and
    system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and
    __skb_get_nlattr_nest functions before the vulnerability was announced. (CVE-2014-3144)

  - The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in
    the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users
    to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected
    code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced.
    (CVE-2014-3145)

  - The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to
    cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other
    impact via a bind system call for an RDS socket on a system that lacks RDS transports. (CVE-2014-2678)

  - The futex_wait_requeue_pi function in kernel/futex.c in the Linux kernel before 3.5.1 does not ensure that
    calls have two different futex addresses, which allows local users to cause a denial of service (NULL
    pointer dereference and system crash) or possibly have unspecified other impact via a crafted
    FUTEX_WAIT_REQUEUE_PI command. (CVE-2012-6647)

  - Race condition in the ath_tx_aggr_sleep function in drivers/net/wireless/ath/ath9k/xmit.c in the Linux
    kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via a large
    amount of network traffic that triggers certain list deletions. (CVE-2014-2672)

  - Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to
    cause a denial of service (system crash) via network traffic that improperly interacts with the
    WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c. (CVE-2014-2706)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://linux.oracle.com/errata/ELSA-2014-0981.html");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-2851");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/02/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/07/29");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/07/30");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-abi-whitelists");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-firmware");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python-perf");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Oracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("linux_alt_patch_detect.nasl", "ssh_get_info.nasl");
  script_require_keys("Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/local_checks_enabled");

  exit(0);
}


include('audit.inc');
include('global_settings.inc');
include('ksplice.inc');
include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');
var release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');
var os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');
var os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6', 'Oracle Linux ' + os_ver);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);

var machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');
if (machine_uptrack_level)
{
  var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:"\.(x86_64|i[3-6]86|aarch64)$", replace:'');
  var fixed_uptrack_levels = ['2.6.32-431.23.3.el6'];
  foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {
    if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)
    {
      audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2014-0981');
    }
  }
  __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\n\n';
}

var kernel_major_minor = get_kb_item('Host/uname/major_minor');
if (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');
var expected_kernel_major_minor = '2.6';
if (kernel_major_minor != expected_kernel_major_minor)
  audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);

var pkgs = [
    {'reference':'kernel-2.6.32-431.23.3.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-2.6.32'},
    {'reference':'kernel-2.6.32-431.23.3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-2.6.32'},
    {'reference':'kernel-abi-whitelists-2.6.32-431.23.3.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-abi-whitelists-2.6.32'},
    {'reference':'kernel-debug-2.6.32-431.23.3.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-2.6.32'},
    {'reference':'kernel-debug-2.6.32-431.23.3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-2.6.32'},
    {'reference':'kernel-debug-devel-2.6.32-431.23.3.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-2.6.32'},
    {'reference':'kernel-debug-devel-2.6.32-431.23.3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-2.6.32'},
    {'reference':'kernel-devel-2.6.32-431.23.3.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-2.6.32'},
    {'reference':'kernel-devel-2.6.32-431.23.3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-2.6.32'},
    {'reference':'kernel-firmware-2.6.32-431.23.3.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-firmware-2.6.32'},
    {'reference':'kernel-headers-2.6.32-431.23.3.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-2.6.32'},
    {'reference':'kernel-headers-2.6.32-431.23.3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-2.6.32'},
    {'reference':'perf-2.6.32-431.23.3.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'perf-2.6.32-431.23.3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'python-perf-2.6.32-431.23.3.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'python-perf-2.6.32-431.23.3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE}
];

var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var release = NULL;
  var sp = NULL;
  var cpu = NULL;
  var el_string = NULL;
  var rpm_spec_vers_cmp = NULL;
  var epoch = NULL;
  var allowmaj = NULL;
  var exists_check = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (reference && release) {
    if (exists_check) {
        if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
    } else {
        if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
    }
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-abi-whitelists / kernel-debug / etc');
}
VendorProductVersionCPE
oraclelinux6cpe:/o:oracle:linux:6
oraclelinuxkernelp-cpe:/a:oracle:linux:kernel
oraclelinuxkernel-abi-whitelistsp-cpe:/a:oracle:linux:kernel-abi-whitelists
oraclelinuxkernel-debugp-cpe:/a:oracle:linux:kernel-debug
oraclelinuxkernel-debug-develp-cpe:/a:oracle:linux:kernel-debug-devel
oraclelinuxkernel-develp-cpe:/a:oracle:linux:kernel-devel
oraclelinuxkernel-firmwarep-cpe:/a:oracle:linux:kernel-firmware
oraclelinuxkernel-headersp-cpe:/a:oracle:linux:kernel-headers
oraclelinuxperfp-cpe:/a:oracle:linux:perf
oraclelinuxpython-perfp-cpe:/a:oracle:linux:python-perf

Related

redhat 7
nessus 47
openvas 41
centos 3
oraclelinux 10
suse 2
ubuntu 16
veracode 7
debian 2
securityvulns 2
osv 2
threatpost 1
debiancve 8
ubuntucve 8
cve 8
prion 8
cvelist 8
nvd 8
seebug 5
freebsd 1
thn 1
exploitpack 1
zdt 1
packetstorm 1
exploitdb 1
redhat
redhat
(RHSA-2014:0981) Important: kernel security, bug fix, and enhancement update
2014-07-29 00:00:00
(RHSA-2014:1101) Important: kernel security and bug fix update
2014-08-27 00:00:00
(RHSA-2014:1168) Important: rhev-hypervisor6 security and bug fix update
2014-09-09 00:00:00
nessus
nessus
CentOS 6 : kernel (CESA-2014:0981)
2014-08-01 00:00:00
RHEL 6 : kernel (RHSA-2014:0981)
2014-07-30 00:00:00
RHEL 6 : kernel (RHSA-2014:1101)
2014-11-08 00:00:00
openvas
openvas
RedHat Update for kernel RHSA-2014:0981-01
2014-08-05 00:00:00
CentOS Update for kernel CESA-2014:0981 centos6
2014-08-05 00:00:00
Oracle: Security Advisory (ELSA-2014-0981)
2015-10-06 00:00:00
centos
centos
kernel, perf, python security update
2014-07-31 19:57:06
kernel, perf, python security update
2014-08-06 23:41:07
kernel security update
2014-07-25 03:04:41
oraclelinux
oraclelinux
unbreakable enterprise kernel security update
2014-07-29 00:00:00
kernel security, bug fix, and enhancement update
2014-07-29 00:00:00
unbreakable enterprise kernel security update
2014-07-30 00:00:00
suse
suse
kernel: security and bugfix update (important)
2014-06-25 09:04:14
kernel: security and bugfix release (important)
2014-07-01 12:04:32
ubuntu
ubuntu
Linux kernel (Quantal HWE) vulnerabilities
2014-06-27 00:00:00
Linux kernel (EC2) vulnerabilities
2014-06-20 00:00:00
Linux kernel vulnerabilities
2014-06-20 00:00:00
veracode
veracode
Information Disclosure
2019-05-02 05:03:25
Denial Of Service (DoS)
2019-05-02 05:03:26
Null Pointer Dereference
2019-05-02 05:03:26
debian
debian
[SECURITY] [DSA 2949-1] linux security update
2014-06-05 12:15:58
[SECURITY] [DSA 2949-1] linux security update
2014-06-05 12:15:58
securityvulns
securityvulns
Linux kernel multiple security vulnerabilities
2014-05-29 00:00:00
[USN-2228-1] Linux kernel vulnerabilities
2014-05-29 00:00:00
osv
osv
linux - security update
2014-06-05 00:00:00
linux-2.6 - security update
2014-07-12 00:00:00
threatpost
threatpost
Pinkie Pie Linux Kernel Patch Available
2014-06-06 13:40:34
debiancve
debiancve
CVE-2012-6647
2014-05-26 22:55:05
CVE-2013-7339
2014-03-24 16:40:43
CVE-2014-2672
2014-04-01 06:35:53
ubuntucve
ubuntucve
CVE-2012-6647
2014-05-26 00:00:00
CVE-2013-7339
2014-03-24 00:00:00
CVE-2014-2706
2014-04-14 00:00:00
cve
cve
CVE-2012-6647
2014-05-26 22:55:05
CVE-2013-7339
2014-03-24 16:40:43
CVE-2014-2672
2014-04-01 06:35:53
prion
prion
Null pointer dereference
2014-05-26 22:55:00
Null pointer dereference
2014-03-24 16:40:00
Race condition
2014-04-14 23:55:00
cvelist
cvelist
CVE-2012-6647
2014-05-26 22:00:00
CVE-2013-7339
2014-03-24 10:00:00
CVE-2014-2672
2014-04-01 01:00:00
nvd
nvd
CVE-2013-7339
2014-03-24 16:40:43
CVE-2012-6647
2014-05-26 22:55:05
CVE-2014-2706
2014-04-14 23:55:07
seebug
seebug
Linux Kernel &quot;rds_ib_laddr_check()&quot;空指针引用漏洞
2014-03-25 00:00:00
Linux Kernel 'mac80211/sta_info.c'空指针引用拒绝服务漏洞
2014-04-08 00:00:00
Linux Kernel空指针间接引用本地拒绝服务漏洞
2014-04-03 00:00:00
freebsd
freebsd
cURL -- multiple vulnerabilities
2015-04-22 00:00:00
thn
thn
Linux Kernel Vulnerable to Privilege Escalation and DoS Attack
2014-06-07 00:29:00
exploitpack
exploitpack
Linux Kernel - group_info refcounter Overflow Memory Corruption
2014-04-18 00:00:00
zdt
zdt
linux group_info refcounter - Overflow Memory Corruption
2014-04-19 00:00:00
packetstorm
packetstorm
Linux group_info Denial Of Service
2014-04-18 00:00:00
exploitdb
exploitdb
Linux Kernel - &#039;group_info&#039; refcounter Overflow Memory Corruption
2014-04-18 00:00:00

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

EPSS

0.03

Percentile

91.1%

JSON
Related for ORACLELINUX_ELSA-2014-0981.NASL
redhat7nessus47openvas41centos3oraclelinux10suse2ubuntu16veracode7debian2securityvulns2osv2threatpost1debiancve8ubuntucve8cve8prion8cvelist8nvd8seebug5freebsd1thn1exploitpack1zdt1packetstorm1exploitdb1