944296 – (CVE-2015-0272) VUL-0: CVE-2015-0272: NetworkManager: remote DoS using IPv6 RA with bogus MTU

Bug 944296 (CVE-2015-0272) - VUL-0: CVE-2015-0272: NetworkManager: remote DoS using IPv6 RA with bogus MTU

Summary: VUL-0: CVE-2015-0272: NetworkManager: remote DoS using IPv6 RA with bogus MTU

Status:	RESOLVED FIXED

Alias:	CVE-2015-0272

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Deadline:	2015-11-24
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/156237/
Whiteboard:	CVSSv2:RedHat:CVE-2015-0272:4.3:(AV:N...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2015-09-03 07:46 UTC by Victor Pereira
Modified:	2016-10-26 16:10 UTC (History)
CC List:	7 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Victor Pereira 2015-09-03 07:46:01 UTC

rh#1192132

It was reported that it's possible to craft a Router Advertisement message which will bring the receiver in a state where new IPv6 connections will not be accepted until correct Router Advertisement message received.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1192132
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0272
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0272

Comment 4 Swamp Workflow Management 2015-09-03 22:00:15 UTC

bugbot adjusting priority

Comment 6 Michal Kubeček 2015-09-04 07:14:03 UTC

Second link doesn't show anything to me and the other two don't provide any
information about the issue. Does it mean this is not public yet?

Comment 7 Michal Kubeček 2015-09-11 13:35:16 UTC

I found a Debian page

  https://security-tracker.debian.org/tracker/CVE-2015-0272

which mentions mainline kernel commit

  77751427a1ff  ipv6: addrconf: validate new MTU before applying it

but that's clearly not what we are looking for as it only handles MTU changes
via sysctl.

Comment 8 Michal Kubeček 2015-09-11 13:40:20 UTC

...and the RA processing code has been checking MTU sanity since the beginning
of the git.

Still no chance to find out any details about this issue?

Comment 11 Marcus Meissner 2015-09-14 13:46:11 UTC

from RH Bug:


It was discovered that NetworkManager would set device MTUs based on the MTU values received in IPv6 RAs (Router Advertisements), without checking the MTU value for sanity first. A remote attacker could exploit this attack to disturb IPv6 communication by sending a specially crafted IPv6 RA packet.

NetworkManager patch:
http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=d5fc88e573fa58b93034b04d35a2454f5d28cad9

There's also a patch for the kernel to harden against invalid MTUs (the file to set the MTU is root owned, though):
http://article.gmane.org/gmane.linux.network/351269

So I think this might be more a network manager issue than a kernel issue?

Comment 12 Michal Kubeček 2015-09-14 16:52:34 UTC

Thanks, now it makes much better sense, I only considered RA handled by kernel
itself. Looks like patching either kernel or NetworkManager would prevent the
remote DoS; I believe patching both would be the best course of action. I'm
going to take care of the kernel patch.

Comment 13 Michal Kubeček 2015-10-06 12:15:38 UTC

Kernel patch submitted to

  SLE12
  cve/linux-3.0
  cve/linux-2.6.32
  cve/linux-2.6.16
  openSUSE-13.2
  openSUSE-13.1

As the commit is in mainline 4.0, the 4.1 based branches (openSUSE-42.1 and
SLE12-SP1-ARM) already have it. So I guess we are done for the kernel part.

Reassigning to NetworkManager maintainer to handle that part.

Comment 14 Michal Kubeček 2015-10-14 08:27:06 UTC

As I learned, the 2.6.32 version of the patch causes the system to crash on
boot. Copy of the explanation from bug 949100 comment 18:

It's a combination of two bugs: sysctl registration really fails because of
missing "strategy" field; I was mistaken by most of other entries not having
"strategy" but those have proc_dointvec as handler so that they are assigned
a default one by sysctl_repair_table(). This check was added in 2.6.24 (that's
why there was no problem on SLES 10 SP4) and the "strategy" handler was
dropped in 2.6.33.

But this problem would only issue a warning in the log if it wasn't for a more
serious bug in addrconf_init_net(): if net is &init_net, the block where
all and dflt are assigned values by kmemdup() is bypassed but if the call to
__addrconf_sysctl_register() fails later, we still call kfree() on them. :-(
This code was inherited from mainline - introduced in 2.6.25-rc1 and fixed in
3.9-rc5 (commit a79ca223e029).

I'm going to fix 2.6.32 and 2.6.16 patch by adding a strategy handler (even
if the sysctl registration failure doesn't happen on 2.6.16). As for the
error path bug, the mainline fix changes the behaviour a little so that
I prefer less intrusive solution: only call kfree() if (net != &init_net)
(which is exactly when all and dflt were allocated using kmemdup()).

Comment 15 Mu Lei 2015-10-15 04:14:47 UTC

So we need to port the patch to our NM too?

Comment 16 Mu Lei 2015-10-15 05:42:06 UTC

We're not using the latest NM in SLE12. The problem is that the architecture changed a lot, so the patch maybe hard or impossible to port to our current NM. Even we make effort to port it, it'll definitely be removed after we upgrade to the latest NM. IMO it's unnecessary to patch it, just wait to upgrade NM in the future.

What do you think?

Comment 17 Mu Lei 2015-10-23 13:42:22 UTC

According to my previous explain. I suggest close it as WONTFIX.
Any comments?

Comment 18 Marcus Meissner 2015-10-26 12:35:12 UTC

as we fixed the kernel, and the fix is in upstream NetworkManager I think we are good.

Comment 19 Swamp Workflow Management 2015-10-29 16:54:59 UTC

openSUSE-SU-2015:1842-1: An update that solves 7 vulnerabilities and has 7 fixes is now available.

Category: security (important)
Bug References: 919154,926238,937969,938645,939834,940338,941104,941305,941867,942178,944296,947155,951195,951440
CVE References: CVE-2015-0272,CVE-2015-1333,CVE-2015-2925,CVE-2015-3290,CVE-2015-5283,CVE-2015-5707,CVE-2015-7872
Sources used:
openSUSE 13.2 (src):    bbswitch-0.8-3.13.2, cloop-2.639-14.13.2, crash-7.0.8-13.2, hdjmod-1.28-18.14.2, ipset-6.23-13.2, kernel-debug-3.16.7-29.1, kernel-default-3.16.7-29.1, kernel-desktop-3.16.7-29.1, kernel-docs-3.16.7-29.3, kernel-ec2-3.16.7-29.1, kernel-obs-build-3.16.7-29.2, kernel-obs-qa-3.16.7-29.1, kernel-obs-qa-xen-3.16.7-29.1, kernel-pae-3.16.7-29.1, kernel-source-3.16.7-29.1, kernel-syms-3.16.7-29.1, kernel-vanilla-3.16.7-29.1, kernel-xen-3.16.7-29.1, pcfclock-0.44-260.13.2, vhba-kmp-20140629-2.13.2, xen-4.4.2_06-27.2, xtables-addons-2.6-13.2

Comment 20 Mu Lei 2015-10-30 10:26:43 UTC

Close as fixed, feel free to reopen it if any necessary.

Comment 23 Swamp Workflow Management 2015-11-17 11:56:43 UTC

An update workflow for this issue was started.
This issue was rated as important.
Please submit fixed packages until 2015-11-24.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/62340

Comment 24 Marcus Meissner 2015-11-18 20:22:26 UTC

This CVE was issued to NetworkManager, not to the kernel ... :/

Comment 25 Swamp Workflow Management 2015-11-26 12:19:39 UTC

SUSE-SU-2015:2108-1: An update that solves 8 vulnerabilities and has 51 fixes is now available.

Category: security (important)
Bug References: 777565,814440,900610,904348,904965,920016,923002,926007,926709,926774,930145,930788,932350,932805,933721,935053,935757,936118,938706,939826,939926,939955,940017,940925,941202,942204,942305,942367,942605,942688,942938,943786,944296,944831,944837,944989,944993,945691,945825,945827,946078,946309,947957,948330,948347,948521,949100,949298,949502,949706,949744,949981,951440,952084,952384,952579,953527,953980,954404
CVE References: CVE-2015-0272,CVE-2015-5157,CVE-2015-5307,CVE-2015-6252,CVE-2015-6937,CVE-2015-7872,CVE-2015-7990,CVE-2015-8104
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP3 (src):    kernel-docs-3.0.101-0.47.71.3
SUSE Linux Enterprise Server for VMWare 11-SP3 (src):    kernel-bigsmp-3.0.101-0.47.71.1, kernel-default-3.0.101-0.47.71.1, kernel-pae-3.0.101-0.47.71.1, kernel-source-3.0.101-0.47.71.1, kernel-syms-3.0.101-0.47.71.1, kernel-trace-3.0.101-0.47.71.1, kernel-xen-3.0.101-0.47.71.1
SUSE Linux Enterprise Server 11-SP3 (src):    kernel-bigsmp-3.0.101-0.47.71.1, kernel-default-3.0.101-0.47.71.1, kernel-ec2-3.0.101-0.47.71.1, kernel-pae-3.0.101-0.47.71.1, kernel-ppc64-3.0.101-0.47.71.1, kernel-source-3.0.101-0.47.71.1, kernel-syms-3.0.101-0.47.71.1, kernel-trace-3.0.101-0.47.71.1, kernel-xen-3.0.101-0.47.71.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-bigsmp-3.0.101-0.47.71.1, kernel-default-3.0.101-0.47.71.1, kernel-pae-3.0.101-0.47.71.1, kernel-ppc64-3.0.101-0.47.71.1, kernel-trace-3.0.101-0.47.71.1, kernel-xen-3.0.101-0.47.71.1
SUSE Linux Enterprise Desktop 11-SP3 (src):    kernel-bigsmp-3.0.101-0.47.71.1, kernel-default-3.0.101-0.47.71.1, kernel-pae-3.0.101-0.47.71.1, kernel-source-3.0.101-0.47.71.1, kernel-syms-3.0.101-0.47.71.1, kernel-trace-3.0.101-0.47.71.1, kernel-xen-3.0.101-0.47.71.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    kernel-bigsmp-3.0.101-0.47.71.1, kernel-default-3.0.101-0.47.71.1, kernel-ec2-3.0.101-0.47.71.1, kernel-pae-3.0.101-0.47.71.1, kernel-ppc64-3.0.101-0.47.71.1, kernel-trace-3.0.101-0.47.71.1, kernel-xen-3.0.101-0.47.71.1

Comment 26 Marcus Meissner 2015-12-11 13:46:38 UTC

Note that we did not yet fix NetworkManager.

The kernel issue was actually tracked in bug 955354 with CVE-2015-8215.

Comment 27 Swamp Workflow Management 2015-12-17 15:15:25 UTC

SUSE-SU-2015:2292-1: An update that solves 7 vulnerabilities and has 54 fixes is now available.

Category: security (important)
Bug References: 758040,814440,904348,921949,924493,926238,933514,936773,939826,939926,940776,941113,941202,943959,944296,947241,947478,949100,949192,949706,949744,949936,950013,950580,950750,950998,951110,951165,951440,951638,951864,952384,952666,953717,953826,953830,953971,953980,954635,954986,955136,955148,955224,955354,955422,955533,955644,956047,956053,956147,956284,956703,956711,956717,956801,956876,957395,957546,958504,958510,958647
CVE References: CVE-2015-0272,CVE-2015-2925,CVE-2015-5156,CVE-2015-7799,CVE-2015-7872,CVE-2015-7990,CVE-2015-8215
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP1 (src):    kernel-default-3.12.51-60.20.2
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    kernel-docs-3.12.51-60.20.2, kernel-obs-build-3.12.51-60.20.1
SUSE Linux Enterprise Server 12-SP1 (src):    kernel-default-3.12.51-60.20.2, kernel-source-3.12.51-60.20.2, kernel-syms-3.12.51-60.20.2, kernel-xen-3.12.51-60.20.2
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.51-60.20.2
SUSE Linux Enterprise Live Patching 12 (src):    kgraft-patch-SLE12-SP1_Update_1-1-4.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    kernel-default-3.12.51-60.20.2, kernel-source-3.12.51-60.20.2, kernel-syms-3.12.51-60.20.2, kernel-xen-3.12.51-60.20.2

Comment 28 Swamp Workflow Management 2015-12-22 15:18:44 UTC

SUSE-SU-2015:2339-1: An update that solves 10 vulnerabilities and has 57 fixes is now available.

Category: security (important)
Bug References: 814440,879378,879381,900610,904348,904965,921081,926774,930145,930770,930788,930835,932805,935123,935757,937256,937444,938706,939826,939926,939955,940017,940913,940946,941202,942938,943786,944296,944677,944831,944837,944989,944993,945691,945825,945827,946078,946214,946309,947957,948330,948347,948521,949100,949298,949502,949706,949744,949936,949981,950298,950750,950998,951440,952084,952384,952579,952976,953527,953799,953980,954404,954628,954950,954984,955673,956709
CVE References: CVE-2015-0272,CVE-2015-5157,CVE-2015-5307,CVE-2015-6937,CVE-2015-7509,CVE-2015-7799,CVE-2015-7872,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    kernel-docs-3.0.101-68.2
SUSE Linux Enterprise Server 11-SP4 (src):    kernel-default-3.0.101-68.1, kernel-ec2-3.0.101-68.1, kernel-pae-3.0.101-68.1, kernel-ppc64-3.0.101-68.1, kernel-source-3.0.101-68.1, kernel-syms-3.0.101-68.1, kernel-trace-3.0.101-68.1, kernel-xen-3.0.101-68.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-default-3.0.101-68.1, kernel-pae-3.0.101-68.1, kernel-ppc64-3.0.101-68.1, kernel-trace-3.0.101-68.1, kernel-xen-3.0.101-68.1
SUSE Linux Enterprise Desktop 11-SP4 (src):    kernel-default-3.0.101-68.1, kernel-pae-3.0.101-68.1, kernel-source-3.0.101-68.1, kernel-syms-3.0.101-68.1, kernel-trace-3.0.101-68.1, kernel-xen-3.0.101-68.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-default-3.0.101-68.1, kernel-ec2-3.0.101-68.1, kernel-pae-3.0.101-68.1, kernel-ppc64-3.0.101-68.1, kernel-trace-3.0.101-68.1, kernel-xen-3.0.101-68.1

Comment 29 Swamp Workflow Management 2016-02-01 15:22:02 UTC

openSUSE-SU-2016:0301-1: An update that solves 57 vulnerabilities and has 21 fixes is now available.

Category: security (important)
Bug References: 814440,851610,869564,873385,906545,907818,909077,909477,911326,912202,915517,915577,917830,918333,919007,919018,919463,919596,921313,921949,922583,922936,922944,926238,926240,927780,927786,928130,929525,930399,931988,932348,933896,933904,933907,933934,935542,935705,936502,936831,937032,937033,937969,938706,940338,944296,945825,947155,949936,950998,951194,951440,951627,952384,952579,952976,953052,953527,954138,954404,955224,955354,955422,956708,956934,957988,957990,958504,958510,958886,958951,959190,959399,959568,960839,961509,961739,962075
CVE References: CVE-2014-2568,CVE-2014-8133,CVE-2014-8989,CVE-2014-9090,CVE-2014-9419,CVE-2014-9529,CVE-2014-9683,CVE-2014-9715,CVE-2014-9728,CVE-2014-9729,CVE-2014-9730,CVE-2014-9731,CVE-2015-0272,CVE-2015-0777,CVE-2015-1420,CVE-2015-1421,CVE-2015-2041,CVE-2015-2042,CVE-2015-2150,CVE-2015-2666,CVE-2015-2830,CVE-2015-2922,CVE-2015-2925,CVE-2015-3212,CVE-2015-3339,CVE-2015-3636,CVE-2015-4001,CVE-2015-4002,CVE-2015-4003,CVE-2015-4004,CVE-2015-4036,CVE-2015-4167,CVE-2015-4692,CVE-2015-4700,CVE-2015-5157,CVE-2015-5283,CVE-2015-5307,CVE-2015-5364,CVE-2015-5366,CVE-2015-5707,CVE-2015-6937,CVE-2015-7550,CVE-2015-7799,CVE-2015-7833,CVE-2015-7872,CVE-2015-7885,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2016-0728
Sources used:
openSUSE 13.1 (src):    cloop-2.639-11.22.2, crash-7.0.2-2.22.2, hdjmod-1.28-16.22.2, ipset-6.21.1-2.26.2, iscsitarget-1.4.20.3-13.22.2, kernel-debug-3.11.10-32.1, kernel-default-3.11.10-32.1, kernel-desktop-3.11.10-32.1, kernel-docs-3.11.10-32.3, kernel-ec2-3.11.10-32.1, kernel-pae-3.11.10-32.1, kernel-source-3.11.10-32.1, kernel-syms-3.11.10-32.1, kernel-trace-3.11.10-32.1, kernel-vanilla-3.11.10-32.1, kernel-xen-3.11.10-32.1, ndiswrapper-1.58-22.1, pcfclock-0.44-258.22.1, vhba-kmp-20130607-2.23.1, virtualbox-4.2.36-2.55.1, xen-4.3.4_10-56.1, xtables-addons-2.3-2.22.1

Comment 30 Swamp Workflow Management 2016-02-03 14:13:51 UTC

openSUSE-SU-2016:0318-1: An update that solves 19 vulnerabilities and has 18 fixes is now available.

Category: security (important)
Bug References: 814440,906545,912202,921949,937969,937970,938706,944296,945825,949936,950998,951627,951638,952384,952579,952976,953527,954138,954404,955224,955354,955422,956708,956934,957988,957990,958504,958510,958886,958951,959190,959399,959568,960839,961509,961739,962075
CVE References: CVE-2014-8989,CVE-2014-9529,CVE-2015-5157,CVE-2015-5307,CVE-2015-6937,CVE-2015-7550,CVE-2015-7799,CVE-2015-7885,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2016-0728
Sources used:
openSUSE 13.2 (src):    bbswitch-0.8-3.15.1, cloop-2.639-14.15.1, crash-7.0.8-15.1, hdjmod-1.28-18.16.1, ipset-6.23-15.1, kernel-debug-3.16.7-32.1, kernel-default-3.16.7-32.1, kernel-desktop-3.16.7-32.1, kernel-docs-3.16.7-32.2, kernel-ec2-3.16.7-32.1, kernel-obs-build-3.16.7-32.2, kernel-obs-qa-3.16.7-32.1, kernel-obs-qa-xen-3.16.7-32.1, kernel-pae-3.16.7-32.1, kernel-source-3.16.7-32.1, kernel-syms-3.16.7-32.1, kernel-vanilla-3.16.7-32.1, kernel-xen-3.16.7-32.1, pcfclock-0.44-260.15.1, vhba-kmp-20140629-2.15.1, virtualbox-4.3.34-37.1, xen-4.4.3_08-38.1, xtables-addons-2.6-15.1

Comment 31 Swamp Workflow Management 2016-02-05 20:21:56 UTC

SUSE-SU-2016:0354-1: An update that solves 9 vulnerabilities and has 54 fixes is now available.

Category: security (important)
Bug References: 777565,814440,900610,904348,904965,920016,923002,926007,926709,926774,930145,930788,932350,932805,933721,935053,935757,936118,937969,937970,938706,939207,939826,939926,939955,940017,940925,941202,942204,942305,942367,942605,942688,942938,943786,944296,944831,944837,944989,944993,945691,945825,945827,946078,946309,947957,948330,948347,948521,949100,949298,949502,949706,949744,949981,951440,952084,952384,952579,953527,953980,954404,955354
CVE References: CVE-2015-0272,CVE-2015-5157,CVE-2015-5307,CVE-2015-6252,CVE-2015-6937,CVE-2015-7872,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215
Sources used:
SUSE Linux Enterprise Real Time Extension 11-SP3 (src):    kernel-rt-3.0.101.rt130-0.33.44.2, kernel-rt_trace-3.0.101.rt130-0.33.44.2, kernel-source-rt-3.0.101.rt130-0.33.44.2, kernel-syms-rt-3.0.101.rt130-0.33.44.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    kernel-rt-3.0.101.rt130-0.33.44.2, kernel-rt_trace-3.0.101.rt130-0.33.44.2

Comment 32 Swamp Workflow Management 2016-10-26 16:10:28 UTC

openSUSE-SU-2016:2649-1: An update that solves 49 vulnerabilities and has 17 fixes is now available.

Category: security (important)
Bug References: 1004418,758540,816446,861093,917648,928130,935757,939826,942367,944296,945825,946117,946309,948562,949744,949936,951440,952384,953527,954404,955354,955654,956708,956709,958463,958886,958951,959190,959399,961500,961509,961512,963765,963767,964201,966437,966460,966662,966693,967972,967973,967974,967975,968010,968011,968012,968013,968670,969356,970504,970892,970909,970911,970948,970956,970958,970970,971124,971125,971126,971360,972510,973570,975945,977847,978822
CVE References: CVE-2013-7446,CVE-2015-0272,CVE-2015-1339,CVE-2015-3339,CVE-2015-5307,CVE-2015-6252,CVE-2015-6937,CVE-2015-7509,CVE-2015-7515,CVE-2015-7550,CVE-2015-7566,CVE-2015-7799,CVE-2015-7872,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215,CVE-2015-8539,CVE-2015-8543,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2015-8785,CVE-2015-8812,CVE-2015-8816,CVE-2016-0723,CVE-2016-2069,CVE-2016-2143,CVE-2016-2184,CVE-2016-2185,CVE-2016-2186,CVE-2016-2188,CVE-2016-2384,CVE-2016-2543,CVE-2016-2544,CVE-2016-2545,CVE-2016-2546,CVE-2016-2547,CVE-2016-2548,CVE-2016-2549,CVE-2016-2782,CVE-2016-2847,CVE-2016-3134,CVE-2016-3137,CVE-2016-3138,CVE-2016-3139,CVE-2016-3140,CVE-2016-3156,CVE-2016-4486,CVE-2016-5195
Sources used:
openSUSE Evergreen 11.4 (src):    kernel-debug-3.0.101-105.1, kernel-default-3.0.101-105.1, kernel-desktop-3.0.101-105.1, kernel-docs-3.0.101-105.2, kernel-ec2-3.0.101-105.1, kernel-pae-3.0.101-105.1, kernel-source-3.0.101-105.1, kernel-syms-3.0.101-105.1, kernel-trace-3.0.101-105.1, kernel-vanilla-3.0.101-105.1, kernel-vmi-3.0.101-105.1, kernel-xen-3.0.101-105.1, preload-1.2-6.83.1