Open mend-for-github-com[bot] opened 1 year ago
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-for-github-com[bot]
commented
1 year ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
Library home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Vulnerabilities
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
CVE-2011-0521
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (3)
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/media/dvb/ttpci/av7110_ca.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/media/dvb/ttpci/av7110_ca.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/media/dvb/ttpci/av7110_ca.c
### Vulnerability DetailsThe dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a negative value.
Publish Date: 2011-02-02
URL: CVE-2011-0521
### CVSS 3 Score Details (8.4)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2011-0521
Release Date: 2011-02-02
Fix Resolution: 2.6.38-rc2
CVE-2012-2319
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)
### Vulnerability DetailsMultiple buffer overflows in the hfsplus filesystem implementation in the Linux kernel before 3.3.5 allow local users to gain privileges via a crafted HFS plus filesystem, a related issue to CVE-2009-4020.
Publish Date: 2012-05-17
URL: CVE-2012-2319
### CVSS 3 Score Details (8.4)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-2319
Release Date: 2012-05-17
Fix Resolution: 3.3.5
CVE-2016-1583
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (3)
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/fs/proc/root.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/fs/proc/root.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/fs/proc/root.c
### Vulnerability DetailsThe ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.
Publish Date: 2016-06-27
URL: CVE-2016-1583
### CVSS 3 Score Details (7.8)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2016-1583
Release Date: 2016-06-27
Fix Resolution: 4.6.3
CVE-2020-15852
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (3)
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/arch/x86/kernel/paravirt.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/arch/x86/kernel/paravirt.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/arch/x86/kernel/paravirt.c
### Vulnerability DetailsAn issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps of TSS and Xen, aka CID-cadfad870154.
Publish Date: 2020-07-20
URL: CVE-2020-15852
### CVSS 3 Score Details (7.8)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15852
Release Date: 2020-08-10
Fix Resolution: v5.8-rc6
CVE-2014-9322
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/arch/x86/kernel/dumpstack_64.c
### Vulnerability Detailsarch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.
Publish Date: 2014-12-17
URL: CVE-2014-9322
### CVSS 3 Score Details (7.8)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2014-9322
Release Date: 2014-12-17
Fix Resolution: 3.17.5
CVE-2021-42008
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (3)
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/net/hamradio/6pack.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/net/hamradio/6pack.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/net/hamradio/6pack.c
### Vulnerability DetailsThe decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.
Publish Date: 2021-10-05
URL: CVE-2021-42008
### CVSS 3 Score Details (7.8)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://www.linuxkernelcves.com/cves/CVE-2021-42008
Release Date: 2021-10-05
Fix Resolution: v4.4.282,v4.9.281,v4.14.245,v4.19.205,v5.4.143,v5.10.61,v5.13.13,v5.14-rc7
CVE-2023-0045
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (3)
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/arch/x86/kernel/cpu/bugs.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/arch/x86/kernel/cpu/bugs.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/arch/x86/kernel/cpu/bugs.c
### Vulnerability DetailsThe current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall. The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176. We recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96
Publish Date: 2023-04-25
URL: CVE-2023-0045
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://www.linuxkernelcves.com/cves/CVE-2023-0045
Release Date: 2023-01-04
Fix Resolution: v5.4.229,v5.10.163,v5.15.87,v6.0.19,v6.1.5,v6.2-rc3
CVE-2011-3359
### Vulnerable Libraries - netgearCM400_gpl, netgearCM400_gpl
### Vulnerability DetailsThe dma_rx function in drivers/net/wireless/b43/dma.c in the Linux kernel before 2.6.39 does not properly allocate receive buffers, which allows remote attackers to cause a denial of service (system crash) via a crafted frame.
Publish Date: 2012-05-24
URL: CVE-2011-3359
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2011-3359
Release Date: 2012-05-24
Fix Resolution: 2.6.39
CVE-2017-1000364
### Vulnerable Libraries - netgearCM400_gpl, netgearCM400_gpl, netgearCM400_gpl
### Vulnerability DetailsAn issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).
Publish Date: 2017-06-19
URL: CVE-2017-1000364
### CVSS 3 Score Details (7.4)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://www.linuxkernelcves.com/cves/CVE-2017-1000364
Release Date: 2017-06-19
Fix Resolution: v3.2.90,v3.16.45,v3.18.58,v4.1.42,v4.4.74,v4.9.34,v4.11.7,v4.12-rc6
CVE-2014-3215
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (3)
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/arch/tile/kernel/sys.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/arch/tile/kernel/sys.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/arch/tile/kernel/sys.c
### Vulnerability Detailsseunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges.
Publish Date: 2014-05-08
URL: CVE-2014-3215
### CVSS 3 Score Details (7.4)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2014-3215
Release Date: 2014-05-08
Fix Resolution: kernel-doc - 2.6.32-504.16.2;kernel-abi-whitelists - 2.6.32-504.16.2;perf - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-debuginfo - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-debug-devel - 2.6.32-504.16.2,2.6.32-504.16.2;libcap-ng-devel - 0.7.5-4,0.7.5-4,0.7.5-4,0.7.5-4;perf-debuginfo - 2.6.32-504.16.2,2.6.32-504.16.2;libcap-ng-python - 0.7.5-4,0.7.5-4;libcap-ng - 0.7.5-4,0.7.5-4,0.7.5-4,0.7.5-4,0.7.5-4;kernel-debug-debuginfo - 2.6.32-504.16.2,2.6.32-504.16.2;libcap-ng-utils - 0.7.5-4,0.7.5-4;kernel-debug - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-devel - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-firmware - 2.6.32-504.16.2;kernel - 2.6.32-504.16.2,2.6.32-504.16.2,2.6.32-504.16.2,2.6.32-504.16.2;libcap-ng-debuginfo - 0.7.5-4,0.7.5-4;python-perf - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-debuginfo-common-i686 - 2.6.32-504.16.2;python-perf-debuginfo - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-headers - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-debuginfo-common-x86_64 - 2.6.32-504.16.2
CVE-2013-0268
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/arch/x86/kernel/msr.c
### Vulnerability DetailsThe msr_open function in arch/x86/kernel/msr.c in the Linux kernel before 3.7.6 allows local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c.
Publish Date: 2013-02-18
URL: CVE-2013-0268
### CVSS 3 Score Details (7.4)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2013-0268
Release Date: 2013-02-18
Fix Resolution: 3.7.6
CVE-2012-2663
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (3)
/release/src/router/iptables-1.4.x/extensions/libxt_tcp.c
/release/src/router/iptables-1.4.x/extensions/libxt_tcp.c
/release/src/router/iptables-1.4.x/extensions/libxt_tcp.c
### Vulnerability Detailsextensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.
Publish Date: 2014-02-15
URL: CVE-2012-2663
### CVSS 3 Score Details (7.3)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: Low
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-2663
Release Date: 2014-02-15
Fix Resolution: iptables - 1.6.1
CVE-2017-7533
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)
### Vulnerability DetailsRace condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.
Publish Date: 2017-08-05
URL: CVE-2017-7533
### CVSS 3 Score Details (7.0)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: High - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-7533
Release Date: 2017-08-05
Fix Resolution: kernel-headers - 3.10.0-327.61.3;kernel-rt-trace-devel - 3.10.0-693.2.1.rt56.620;kernel-rt-debug-kvm - 3.10.0-693.2.1.rt56.620;kernel-bootwrapper - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2;perf - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2;kernel-debuginfo - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2;kernel-debug-devel - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2;kernel-tools-libs - 3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1;perf-debuginfo - 3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1;kernel-debug-debuginfo - 3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2;kernel-debug - 3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3;kernel-devel - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1;kernel - 3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-327.61.3;kernel-rt-debug-devel - 3.10.0-693.2.1.rt56.620;python-perf - 3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-327.61.3;kernel-rt-debug - 3.10.0-693.2.1.rt56.620;kernel-rt-devel - 3.10.0-693.2.1.rt56.620;kernel-tools - 3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3;kernel-rt-trace-kvm - 3.10.0-693.2.1.rt56.620;kernel-tools-libs-devel - 3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2;kernel-tools-debuginfo - 3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3;kernel-rt-kvm - 3.10.0-693.2.1.rt56.620;python-perf-debuginfo - 3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3;kernel-headers - 3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2;kernel-rt-trace - 3.10.0-693.2.1.rt56.620;kernel-debuginfo-common-x86_64 - 3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3;kernel-rt - 3.10.0-693.2.1.rt56.620,3.10.0-693.2.1.rt56.620;kernel-doc - 3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3;kernel-abi-whitelists - 3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2
CVE-2012-3375
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/fs/eventpoll.c
### Vulnerability DetailsThe epoll_ctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLL_CTL_ADD operations, which allows local users to cause a denial of service (file-descriptor consumption and system crash) via a crafted application that attempts to create a circular epoll dependency. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1083.
Publish Date: 2012-10-03
URL: CVE-2012-3375
### CVSS 3 Score Details (6.2)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-3375
Release Date: 2012-10-03
Fix Resolution: 3.2.24
CVE-2014-9090
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (3)
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/arch/x86/kernel/dumpstack_64.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/arch/x86/kernel/dumpstack_64.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/arch/x86/kernel/dumpstack_64.c
### Vulnerability DetailsThe do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to cause a denial of service (panic) via a modify_ldt system call, as demonstrated by sigreturn_32 in the linux-clock-tests test suite.
Publish Date: 2014-11-30
URL: CVE-2014-9090
### CVSS 3 Score Details (6.2)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9090
Release Date: 2014-11-30
Fix Resolution: v3.18-rc6
CVE-2011-1083
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (3)
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/fs/eventpoll.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/fs/eventpoll.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/fs/eventpoll.c
### Vulnerability DetailsThe epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.
Publish Date: 2011-04-04
URL: CVE-2011-1083
### CVSS 3 Score Details (6.2)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1083
Release Date: 2011-04-04
Fix Resolution: v2.6.38-rc7
CVE-2011-1082
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/fs/eventpoll.c
### Vulnerability Detailsfs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to cause a denial of service (deadlock or stack memory consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.
Publish Date: 2011-04-04
URL: CVE-2011-1082
### CVSS 3 Score Details (6.2)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2011-1082
Release Date: 2011-04-04
Fix Resolution: 2.6.38
CVE-2012-1601
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/arch/ia64/kvm/kvm-ia64.c
### Vulnerability DetailsThe KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of service (NULL pointer dereference and host OS crash) by making a KVM_CREATE_IRQCHIP ioctl call after a virtual CPU already exists.
Publish Date: 2012-05-17
URL: CVE-2012-1601
### CVSS 3 Score Details (6.2)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-1601
Release Date: 2012-05-17
Fix Resolution: 3.3.6
CVE-2023-1998
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (3)
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/arch/x86/kernel/cpu/bugs.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/arch/x86/kernel/cpu/bugs.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/arch/x86/kernel/cpu/bugs.c
### Vulnerability DetailsThe Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line. This happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.
Publish Date: 2023-04-21
URL: CVE-2023-1998
### CVSS 3 Score Details (5.6)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: High - Privileges Required: Low - User Interaction: None - Scope: Changed - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://www.linuxkernelcves.com/cves/CVE-2023-1998
Release Date: 2023-04-12
Fix Resolution: v6.1.16,v6.2.3
CVE-2010-5332
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (3)
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/net/mlx4/port.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/net/mlx4/port.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/net/mlx4/port.c
### Vulnerability DetailsIn the Linux kernel before 2.6.37, an out of bounds array access happened in drivers/net/mlx4/port.c. When searching for a free entry in either mlx4_register_vlan() or mlx4_register_mac(), and there is no free entry, the loop terminates without updating the local variable free thus causing out of array bounds access.
Publish Date: 2019-07-27
URL: CVE-2010-5332
### CVSS 3 Score Details (5.6)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: High - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5332
Release Date: 2019-07-27
Fix Resolution: v2.6.37-rc1
CVE-2011-4915
### Vulnerable Library - netgearCM400_gplLibrary home page: https://sourceforge.net/projects/netgear/
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (3)
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/fs/proc/root.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/fs/proc/root.c
/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/fs/proc/root.c
### Vulnerability Detailsfs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.
Publish Date: 2020-02-20
URL: CVE-2011-4915
### CVSS 3 Score Details (5.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4915
Release Date: 2020-02-20
Fix Resolution: v3.3-rc1