Lucene search
Copyright (C) 2021 Greenbone AGOPENVAS:13614125623114201800071HistoryApr 19, 2021 - 12:00 a.m.
SUSE: Security Advisory (SUSE-SU-2018:0007-1)
2021-04-1900:00:00
Copyright (C) 2021 Greenbone AG
plugins.openvas.org
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
6.9 Medium
AI Score
Confidence
High
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.975 High
EPSS
Percentile
100.0%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2021 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.4.2018.0007.1");
script_cve_id("CVE-2017-5715");
script_tag(name:"creation_date", value:"2021-04-19 00:00:00 +0000 (Mon, 19 Apr 2021)");
script_version("2024-02-02T14:37:49+0000");
script_tag(name:"last_modification", value:"2024-02-02 14:37:49 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"1.9");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:P/I:N/A:N");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2021-04-14 14:52:07 +0000 (Wed, 14 Apr 2021)");
script_name("SUSE: Security Advisory (SUSE-SU-2018:0007-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2021 Greenbone AG");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms", re:"ssh/login/release=(SLES12\.0SP3)");
script_xref(name:"Advisory-ID", value:"SUSE-SU-2018:0007-1");
script_xref(name:"URL", value:"https://www.suse.com/support/update/announcement/2018/suse-su-20180007-1/");
script_tag(name:"summary", value:"The remote host is missing an update for the 'qemu' package(s) announced via the SUSE-SU-2018:0007-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This update for qemu fixes the following issues:
A new feature was added:
- Support EPYC vCPU type (bsc#1052825 fate#324038)
Also a mitigation for a security problem has been applied:
- CVE-2017-5715: QEMU was updated to allow passing through new MSR and
CPUID flags from the host VM to the CPU, to allow enabling/disabling
branch prediction features in the Intel CPU. (bsc#1068032)");
script_tag(name:"affected", value:"'qemu' package(s) on SUSE Container as a Service Platform ALL, SUSE Linux Enterprise Desktop 12-SP3, SUSE Linux Enterprise Server 12-SP3.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "SLES12.0SP3") {
if(!isnull(res = isrpmvuln(pkg:"qemu", rpm:"qemu~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-arm", rpm:"qemu-arm~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-arm-debuginfo", rpm:"qemu-arm-debuginfo~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-block-curl", rpm:"qemu-block-curl~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-block-curl-debuginfo", rpm:"qemu-block-curl-debuginfo~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-block-iscsi", rpm:"qemu-block-iscsi~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-block-iscsi-debuginfo", rpm:"qemu-block-iscsi-debuginfo~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-block-rbd", rpm:"qemu-block-rbd~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-block-rbd-debuginfo", rpm:"qemu-block-rbd-debuginfo~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-block-ssh", rpm:"qemu-block-ssh~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-block-ssh-debuginfo", rpm:"qemu-block-ssh-debuginfo~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-debugsource", rpm:"qemu-debugsource~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-guest-agent", rpm:"qemu-guest-agent~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-guest-agent-debuginfo", rpm:"qemu-guest-agent-debuginfo~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-ipxe", rpm:"qemu-ipxe~1.0.0~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-kvm", rpm:"qemu-kvm~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-lang", rpm:"qemu-lang~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-ppc", rpm:"qemu-ppc~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-ppc-debuginfo", rpm:"qemu-ppc-debuginfo~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-s390", rpm:"qemu-s390~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-s390-debuginfo", rpm:"qemu-s390-debuginfo~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-seabios", rpm:"qemu-seabios~1.10.2~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-sgabios", rpm:"qemu-sgabios~8~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-tools", rpm:"qemu-tools~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-tools-debuginfo", rpm:"qemu-tools-debuginfo~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-vgabios", rpm:"qemu-vgabios~1.10.2~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"qemu-x86", rpm:"qemu-x86~2.9.1~6.9.2", rls:"SLES12.0SP3"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
nessus
nessus
RHEL 6 : libvirt (RHSA-2018:0108) (Spectre)
2018-01-23 00:00:00
CentOS 7 : linux-firmware (CESA-2018:0094) (Spectre)
2018-01-18 00:00:00
RHEL 6 / 7 : microcode_ctl (RHSA-2018:0093) (Spectre)
2018-01-17 00:00:00
suse
suse
Security update for qemu (important)
2018-01-05 18:10:57
Security update for ucode-intel (important)
2018-03-16 18:09:28
Security update for ucode-intel (important)
2018-01-04 03:07:17
threatpost
threatpost
New Spectre-Level Flaw Targets Return Stack Buffer
2018-07-23 18:27:20
Intel Halts Spectre Fixes On Older Chips, Citing Limited Ecosystem Support
2018-04-04 15:18:47
debian
debian
[SECURITY] [DLA 1362-1] gcc-4.9-backport new package
2018-04-25 16:20:05
[SECURITY] [DLA 1349-1] linux-tools security update
2018-04-16 22:31:52
[SECURITY] [DSA 4179-1] linux-tools security update
2018-04-24 13:15:06
amazon
amazon
Important: linux-firmware
2018-02-20 21:46:00
Important: qemu-kvm
2018-02-07 18:49:00
Important: qemu-kvm
2018-01-12 21:24:00
redhat
redhat
(RHSA-2018:0109) Important: libvirt security update
2018-01-22 10:05:55
(RHSA-2018:0050) Important: vdsm security update
2018-01-05 15:36:32
(RHSA-2018:0029) Important: libvirt security update
2018-01-04 19:31:42
centos
centos
microcode_ctl security update
2018-01-04 11:40:52
libvirt security update
2018-01-04 19:54:04
microcode_ctl security update
2018-01-17 14:59:21
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2018:0041-1)
2021-04-19 00:00:00
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2018-1015)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2018-1014)
2020-01-23 00:00:00
mageia
mageia
Updated microcode packages fix security vulnerability
2018-05-29 22:41:14
Updated microcode packages fix security vulnerabilities
2018-01-13 17:28:36
oraclelinux
oraclelinux
microcode_ctl security update
2018-01-17 00:00:00
qemu-kvm security update
2018-01-04 00:00:00
qemu-kvm security update
2018-01-04 00:00:00
cloudfoundry
cloudfoundry
USN-3690-2: AMD Microcode regression | Cloud Foundry
2018-07-19 00:00:00
ubuntu
ubuntu
intel-microcode update
2018-03-29 00:00:00
libvirt update
2018-02-07 00:00:00
Intel Microcode update
2018-01-11 00:00:00
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2018-02-07 06:34:12
paloalto
paloalto
Meltdown and Spectre update for WildFire-500 Appliance
2018-05-15 21:35:00
virtuozzo
virtuozzo
osv
osv
CVE-2017-5715
2018-01-04 13:29:00
debiancve
debiancve
CVE-2017-5715
2018-01-04 13:29:00
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
6.9 Medium
AI Score
Confidence
High
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.975 High
EPSS
Percentile
100.0%
Related for OPENVAS:13614125623114201800071