Search...

Important: systemd

2019-02-16T00:44:00

ID ALAS2-2019-1164
Type amazon
Reporter Amazon
Modified 2019-02-16T00:44:00

Description

Issue Overview:

It was found that bus_process_object() in bus-objects.c allocates a buffer on the stack large enough to temporarily store the object path specified in the incoming message. A malicious unprivileged local user to send a message which results in the stack pointer moving outside of the bounds of the currently mapped stack region, jumping over the stack guard pages. A specifically crafted DBUS nessage could crash PID 1 and result in a subsequent kernel panic.(CVE-2019-6454 __)

Affected Packages:

systemd

Issue Correction:
Run yum update systemd to update your system.

New Packages:

aarch64:  
    systemd-219-57.amzn2.0.9.aarch64  
    systemd-libs-219-57.amzn2.0.9.aarch64  
    systemd-devel-219-57.amzn2.0.9.aarch64  
    systemd-sysv-219-57.amzn2.0.9.aarch64  
    systemd-python-219-57.amzn2.0.9.aarch64  
    libgudev1-219-57.amzn2.0.9.aarch64  
    libgudev1-devel-219-57.amzn2.0.9.aarch64  
    systemd-journal-gateway-219-57.amzn2.0.9.aarch64  
    systemd-networkd-219-57.amzn2.0.9.aarch64  
    systemd-resolved-219-57.amzn2.0.9.aarch64  
    systemd-debuginfo-219-57.amzn2.0.9.aarch64

i686:  
    systemd-219-57.amzn2.0.9.i686  
    systemd-libs-219-57.amzn2.0.9.i686  
    systemd-devel-219-57.amzn2.0.9.i686  
    systemd-sysv-219-57.amzn2.0.9.i686  
    systemd-python-219-57.amzn2.0.9.i686  
    libgudev1-219-57.amzn2.0.9.i686  
    libgudev1-devel-219-57.amzn2.0.9.i686  
    systemd-journal-gateway-219-57.amzn2.0.9.i686  
    systemd-networkd-219-57.amzn2.0.9.i686  
    systemd-resolved-219-57.amzn2.0.9.i686  
    systemd-debuginfo-219-57.amzn2.0.9.i686

src:  
    systemd-219-57.amzn2.0.9.src

x86_64:  
    systemd-219-57.amzn2.0.9.x86_64  
    systemd-libs-219-57.amzn2.0.9.x86_64  
    systemd-devel-219-57.amzn2.0.9.x86_64  
    systemd-sysv-219-57.amzn2.0.9.x86_64  
    systemd-python-219-57.amzn2.0.9.x86_64  
    libgudev1-219-57.amzn2.0.9.x86_64  
    libgudev1-devel-219-57.amzn2.0.9.x86_64  
    systemd-journal-gateway-219-57.amzn2.0.9.x86_64  
    systemd-networkd-219-57.amzn2.0.9.x86_64  
    systemd-resolved-219-57.amzn2.0.9.x86_64  
    systemd-debuginfo-219-57.amzn2.0.9.x86_64

JSON Vulners Source

Initial Source

{"id": "ALAS2-2019-1164", "bulletinFamily": "unix", "title": "Important: systemd", "description": "**Issue Overview:**\n\nIt was found that bus_process_object() in bus-objects.c allocates a buffer on the stack large enough to temporarily store the object path specified in the incoming message. A malicious unprivileged local user to send a message which results in the stack pointer moving outside of the bounds of the currently mapped stack region, jumping over the stack guard pages. A specifically crafted DBUS nessage could crash PID 1 and result in a subsequent kernel panic.([CVE-2019-6454 __](<https://access.redhat.com/security/cve/CVE-2019-6454>))\n\n \n**Affected Packages:** \n\n\nsystemd\n\n \n**Issue Correction:** \nRun _yum update systemd_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n systemd-219-57.amzn2.0.9.aarch64 \n systemd-libs-219-57.amzn2.0.9.aarch64 \n systemd-devel-219-57.amzn2.0.9.aarch64 \n systemd-sysv-219-57.amzn2.0.9.aarch64 \n systemd-python-219-57.amzn2.0.9.aarch64 \n libgudev1-219-57.amzn2.0.9.aarch64 \n libgudev1-devel-219-57.amzn2.0.9.aarch64 \n systemd-journal-gateway-219-57.amzn2.0.9.aarch64 \n systemd-networkd-219-57.amzn2.0.9.aarch64 \n systemd-resolved-219-57.amzn2.0.9.aarch64 \n systemd-debuginfo-219-57.amzn2.0.9.aarch64 \n \n i686: \n systemd-219-57.amzn2.0.9.i686 \n systemd-libs-219-57.amzn2.0.9.i686 \n systemd-devel-219-57.amzn2.0.9.i686 \n systemd-sysv-219-57.amzn2.0.9.i686 \n systemd-python-219-57.amzn2.0.9.i686 \n libgudev1-219-57.amzn2.0.9.i686 \n libgudev1-devel-219-57.amzn2.0.9.i686 \n systemd-journal-gateway-219-57.amzn2.0.9.i686 \n systemd-networkd-219-57.amzn2.0.9.i686 \n systemd-resolved-219-57.amzn2.0.9.i686 \n systemd-debuginfo-219-57.amzn2.0.9.i686 \n \n src: \n systemd-219-57.amzn2.0.9.src \n \n x86_64: \n systemd-219-57.amzn2.0.9.x86_64 \n systemd-libs-219-57.amzn2.0.9.x86_64 \n systemd-devel-219-57.amzn2.0.9.x86_64 \n systemd-sysv-219-57.amzn2.0.9.x86_64 \n systemd-python-219-57.amzn2.0.9.x86_64 \n libgudev1-219-57.amzn2.0.9.x86_64 \n libgudev1-devel-219-57.amzn2.0.9.x86_64 \n systemd-journal-gateway-219-57.amzn2.0.9.x86_64 \n systemd-networkd-219-57.amzn2.0.9.x86_64 \n systemd-resolved-219-57.amzn2.0.9.x86_64 \n systemd-debuginfo-219-57.amzn2.0.9.x86_64 \n \n \n", "published": "2019-02-16T00:44:00", "modified": "2019-02-16T00:44:00", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "href": "https://alas.aws.amazon.com/AL2/ALAS-2019-1164.html", "reporter": "Amazon", "references": [], "cvelist": ["CVE-2019-6454"], "type": "amazon", "lastseen": "2020-11-10T12:37:41", "edition": 1, "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-6454"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:0255-1", "OPENSUSE-SU-2019:0268-1", "OPENSUSE-SU-2019:1450-1"]}, {"type": "redhat", "idList": ["RHSA-2019:2805", "RHSA-2019:1502", "RHSA-2019:1322", "RHSA-2020:4298", "RHSA-2019:0368", "RHSA-2019:0457", "RHSA-2019:0990", "RHSA-2019:0461"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-0368", "ELSA-2019-0990"]}, {"type": "archlinux", "idList": ["ASA-201902-24"]}, {"type": "ubuntu", "idList": ["USN-3891-1"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:719A6ED27AEEE51AFE1A714D83BE8E73"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310852518", "OPENVAS:1361412562310852324", "OPENVAS:1361412562311220191256", "OPENVAS:1361412562310891684", "OPENVAS:1361412562310704393", "OPENVAS:1361412562310883009", "OPENVAS:1361412562310843910", "OPENVAS:1361412562311220191196", "OPENVAS:1361412562311220191153", "OPENVAS:1361412562310852325"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4393-1:211D1", "DEBIAN:DLA-1684-1:394E8"]}, {"type": "centos", "idList": ["CESA-2019:0368"]}, {"type": "nessus", "idList": ["SUSE_SU-2019-0428-1.NASL", "OPENSUSE-2019-268.NASL", "DEBIAN_DLA-1684.NASL", "DEBIAN_DSA-4393.NASL", "REDHAT-RHSA-2019-0368.NASL", "REDHAT-RHSA-2019-1502.NASL", "REDHAT-RHSA-2019-0990.NASL", "FEDORA_2019-2DAB60E288.NASL", "EULEROS_SA-2019-1256.NASL", "SUSE_SU-2019-0425-1.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201903-07"]}, {"type": "fedora", "idList": ["FEDORA:D013361742CE", "FEDORA:E66CE6076F5E", "FEDORA:AFDBD60E76E0"]}], "modified": "2020-11-10T12:37:41", "rev": 2}, "score": {"value": 6.3, "vector": "NONE", "modified": "2020-11-10T12:37:41", "rev": 2}, "vulnersScore": 6.3}, "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "2", "arch": "aarch64", "operator": "lt", "packageFilename": "libgudev1-devel-219-57.amzn2.0.9.aarch64.rpm", "packageName": "libgudev1-devel", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "x86_64", "operator": "lt", "packageFilename": "systemd-python-219-57.amzn2.0.9.x86_64.rpm", "packageName": "systemd-python", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "x86_64", "operator": "lt", "packageFilename": "systemd-sysv-219-57.amzn2.0.9.x86_64.rpm", "packageName": "systemd-sysv", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "i686", "operator": "lt", "packageFilename": "systemd-libs-219-57.amzn2.0.9.i686.rpm", "packageName": "systemd-libs", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "aarch64", "operator": "lt", "packageFilename": "systemd-journal-gateway-219-57.amzn2.0.9.aarch64.rpm", "packageName": "systemd-journal-gateway", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "aarch64", "operator": "lt", "packageFilename": "systemd-219-57.amzn2.0.9.aarch64.rpm", "packageName": "systemd", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "i686", "operator": "lt", "packageFilename": "systemd-networkd-219-57.amzn2.0.9.i686.rpm", "packageName": "systemd-networkd", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "aarch64", "operator": "lt", "packageFilename": "systemd-networkd-219-57.amzn2.0.9.aarch64.rpm", "packageName": "systemd-networkd", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "i686", "operator": "lt", "packageFilename": "systemd-journal-gateway-219-57.amzn2.0.9.i686.rpm", "packageName": "systemd-journal-gateway", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "x86_64", "operator": "lt", "packageFilename": "systemd-journal-gateway-219-57.amzn2.0.9.x86_64.rpm", "packageName": "systemd-journal-gateway", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "i686", "operator": "lt", "packageFilename": "libgudev1-219-57.amzn2.0.9.i686.rpm", "packageName": "libgudev1", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "i686", "operator": "lt", "packageFilename": "systemd-resolved-219-57.amzn2.0.9.i686.rpm", "packageName": "systemd-resolved", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "x86_64", "operator": "lt", "packageFilename": "systemd-networkd-219-57.amzn2.0.9.x86_64.rpm", "packageName": "systemd-networkd", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "x86_64", "operator": "lt", "packageFilename": "libgudev1-devel-219-57.amzn2.0.9.x86_64.rpm", "packageName": "libgudev1-devel", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "i686", "operator": "lt", "packageFilename": "systemd-debuginfo-219-57.amzn2.0.9.i686.rpm", "packageName": "systemd-debuginfo", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "src", "operator": "lt", "packageFilename": "systemd-219-57.amzn2.0.9.src.rpm", "packageName": "systemd", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "aarch64", "operator": "lt", "packageFilename": "systemd-sysv-219-57.amzn2.0.9.aarch64.rpm", "packageName": "systemd-sysv", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "x86_64", "operator": "lt", "packageFilename": "systemd-libs-219-57.amzn2.0.9.x86_64.rpm", "packageName": "systemd-libs", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "i686", "operator": "lt", "packageFilename": "systemd-devel-219-57.amzn2.0.9.i686.rpm", "packageName": "systemd-devel", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "i686", "operator": "lt", "packageFilename": "systemd-219-57.amzn2.0.9.i686.rpm", "packageName": "systemd", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "aarch64", "operator": "lt", "packageFilename": "systemd-resolved-219-57.amzn2.0.9.aarch64.rpm", "packageName": "systemd-resolved", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "x86_64", "operator": "lt", "packageFilename": "systemd-devel-219-57.amzn2.0.9.x86_64.rpm", "packageName": "systemd-devel", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "x86_64", "operator": "lt", "packageFilename": "systemd-debuginfo-219-57.amzn2.0.9.x86_64.rpm", "packageName": "systemd-debuginfo", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "i686", "operator": "lt", "packageFilename": "systemd-sysv-219-57.amzn2.0.9.i686.rpm", "packageName": "systemd-sysv", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "i686", "operator": "lt", "packageFilename": "libgudev1-devel-219-57.amzn2.0.9.i686.rpm", "packageName": "libgudev1-devel", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "x86_64", "operator": "lt", "packageFilename": "libgudev1-219-57.amzn2.0.9.x86_64.rpm", "packageName": "libgudev1", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "aarch64", "operator": "lt", "packageFilename": "libgudev1-219-57.amzn2.0.9.aarch64.rpm", "packageName": "libgudev1", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "aarch64", "operator": "lt", "packageFilename": "systemd-devel-219-57.amzn2.0.9.aarch64.rpm", "packageName": "systemd-devel", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "aarch64", "operator": "lt", "packageFilename": "systemd-python-219-57.amzn2.0.9.aarch64.rpm", "packageName": "systemd-python", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "aarch64", "operator": "lt", "packageFilename": "systemd-libs-219-57.amzn2.0.9.aarch64.rpm", "packageName": "systemd-libs", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "x86_64", "operator": "lt", "packageFilename": "systemd-resolved-219-57.amzn2.0.9.x86_64.rpm", "packageName": "systemd-resolved", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "aarch64", "operator": "lt", "packageFilename": "systemd-debuginfo-219-57.amzn2.0.9.aarch64.rpm", "packageName": "systemd-debuginfo", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "x86_64", "operator": "lt", "packageFilename": "systemd-219-57.amzn2.0.9.x86_64.rpm", "packageName": "systemd", "packageVersion": "219-57.amzn2.0.9"}, {"OS": "Amazon Linux", "OSVersion": "2", "arch": "i686", "operator": "lt", "packageFilename": "systemd-python-219-57.amzn2.0.9.i686.rpm", "packageName": "systemd-python", "packageVersion": "219-57.amzn2.0.9"}]}

{"cve": [{"lastseen": "2020-10-03T13:38:57", "description": "An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic).", "edition": 6, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-03-21T16:01:00", "title": "CVE-2019-6454", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6454"], "modified": "2019-06-04T17:29:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/o:opensuse:leap:15.0", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/a:netapp:active_iq_performance_analytics_services:-", "cpe:/o:fedoraproject:fedora:29", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:18.10", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/a:freedesktop:systemd:239", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.6", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2019-6454", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6454", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:active_iq_performance_analytics_services:-:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "cpe:2.3:a:freedesktop:systemd:239:*:*:*:*:*:*:*"]}], "suse": [{"lastseen": "2019-02-27T15:30:10", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6454"], "description": "This update for systemd fixes the following issues:\n\n - CVE-2019-6454: Overlong DBUS messages could be used to crash systemd\n (bsc#1125352)\n\n - units: make sure initrd-cleanup.service terminates before switching to\n rootfs (bsc#1123333)\n - logind: fix bad error propagation\n - login: log session state "closing" (as well as New/Removed)\n - logind: fix borked r check\n - login: don't remove all devices from PID1 when only one was removed\n - login: we only allow opening character devices\n - login: correct comment in session_device_free()\n - login: remember that fds received from PID1 need to be removed eventually\n - login: fix FDNAME in call to sd_pid_notify_with_fds()\n - logind: fd 0 is a valid fd\n - logind: rework sd_eviocrevoke()\n - logind: check file is device node before using .st_rdev\n - logind: use the new FDSTOREREMOVE=1 sd_notify() message (bsc#1124153)\n - core: add a new sd_notify() message for removing fds from the FD store\n again\n - logind: make sure we don't trip up on half-initialized session devices\n (bsc#1123727)\n - fd-util: accept that kcmp might fail with EPERM/EACCES\n - core: Fix use after free case in load_from_path() (bsc#1121563)\n - core: include Found state in device dumps\n - device: fix serialization and deserialization of DeviceFound\n - fix path in btrfs rule (#6844)\n - assemble multidevice btrfs volumes without external tools (#6607)\n (bsc#1117025)\n - Update systemd-system.conf.xml (bsc#1122000)\n - units: inform user that the default target is started after exiting from\n rescue or emergency mode\n - core: free lines after reading them (bsc#1123892)\n - sd-bus: if we receive an invalid dbus message, ignore and proceeed\n - automount: don't pass non-blocking pipe to kernel.\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2019-02-27T12:15:29", "published": "2019-02-27T12:15:29", "id": "OPENSUSE-SU-2019:0255-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00070.html", "title": "Security update for systemd (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2019-03-01T03:35:17", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6454"], "description": "This update for systemd fixes the following issues:\n\n Security vulnerability fixed:\n\n - CVE-2019-6454: Fixed a crash of PID1 by sending specially crafted D-BUS\n message on the system bus by an unprivileged user (bsc#1125352)\n\n Other bug fixes and changes:\n\n - journal-remote: set a limit on the number of fields in a message\n - journal-remote: verify entry length from header\n - journald: set a limit on the number of fields (1k)\n - journald: do not store the iovec entry for process commandline on stack\n - core: include Found state in device dumps\n - device: fix serialization and deserialization of DeviceFound\n - fix path in btrfs rule (#6844)\n - assemble multidevice btrfs volumes without external tools (#6607)\n (bsc#1117025)\n - Update systemd-system.conf.xml (bsc#1122000)\n - units: inform user that the default target is started after exiting from\n rescue or emergency mode\n - manager: don't skip sigchld handler for main and control pid for\n services (#3738)\n - core: Add helper functions unit_{main, control}_pid\n - manager: Fixing a debug printf formatting mistake (#3640)\n - manager: Only invoke a single sigchld per unit within a cleanup cycle\n (bsc#1117382)\n - core: update invoke_sigchld_event() to handle NULL ->sigchld_event()\n - sd-event: expose the event loop iteration counter via\n sd_event_get_iteration() (#3631)\n - unit: rework a bit how we keep the service fdstore from being destroyed\n during service restart (bsc#1122344)\n - core: when restarting services, don't close fds\n - cryptsetup: Add dependency on loopback setup to generated units\n - journal-gateway: use localStorage["cursor"] only when it has valid value\n - journal-gateway: explicitly declare local variables\n - analyze: actually select longest activated-time of services\n - sd-bus: fix implicit downcast of bitfield reported by LGTM\n - core: free lines after reading them (bsc#1123892)\n - pam_systemd: reword message about not creating a session (bsc#1111498)\n - pam_systemd: suppress LOG_DEBUG log messages if debugging is off\n (bsc#1111498)\n - main: improve RLIMIT_NOFILE handling (#5795) (bsc#1120658)\n - sd-bus: if we receive an invalid dbus message, ignore and proceeed\n - automount: don't pass non-blocking pipe to kernel.\n - units: make sure initrd-cleanup.service terminates before switching to\n rootfs (bsc#1123333)\n - units: add Wants=initrd-cleanup.service to initrd-switch-root.target\n (#4345) (bsc#1123333)\n\n This update was imported from the SUSE:SLE-12-SP2:Update update project.\n\n", "edition": 1, "modified": "2019-03-01T00:08:52", "published": "2019-03-01T00:08:52", "id": "OPENSUSE-SU-2019:0268-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00075.html", "title": "Security update for systemd (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2019-05-28T02:31:31", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6454", "CVE-2019-3842", "CVE-2018-6954"], "description": "This update for systemd fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-6954: Fixed a vulnerability in the symlink handling of\n systemd-tmpfiles which allowed a local user to obtain ownership of\n arbitrary files (bsc#1080919).\n - CVE-2019-3842: Fixed a vulnerability in pam_systemd which allowed a\n local user to escalate privileges (bsc#1132348).\n - CVE-2019-6454: Fixed a denial of service caused by long dbus messages\n (bsc#1125352).\n\n Non-security issues fixed:\n\n - systemd-coredump: generate a stack trace of all core dumps (jsc#SLE-5933)\n - udevd: notify when max number value of children is reached only once per\n batch of events (bsc#1132400)\n - sd-bus: bump message queue size again (bsc#1132721)\n - core: only watch processes when it's really necessary (bsc#955942\n bsc#1128657)\n - rules: load drivers only on "add" events (bsc#1126056)\n - sysctl: Don't pass null directive argument to '%s' (bsc#1121563)\n - Do not automatically online memory on s390x (bsc#1127557)\n\n This update was imported from the SUSE:SLE-12-SP2:Update update project.\n\n", "edition": 1, "modified": "2019-05-28T00:10:24", "published": "2019-05-28T00:10:24", "id": "OPENSUSE-SU-2019:1450-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00062.html", "title": "Security update for systemd (important)", "type": "suse", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2019-08-13T18:44:56", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6454"], "description": "The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.\n\nSecurity Fix(es):\n\n* systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash (CVE-2019-6454)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-02-19T14:02:57", "published": "2019-02-19T13:58:44", "id": "RHSA-2019:0368", "href": "https://access.redhat.com/errata/RHSA-2019:0368", "type": "redhat", "title": "(RHSA-2019:0368) Important: systemd security update", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-18T15:27:32", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6454"], "description": "The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.\n\nSecurity Fix(es):\n\n* systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash (CVE-2019-6454)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-09-17T17:32:32", "published": "2019-09-17T14:31:15", "id": "RHSA-2019:2805", "href": "https://access.redhat.com/errata/RHSA-2019:2805", "type": "redhat", "title": "(RHSA-2019:2805) Important: systemd security update", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:45:33", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6454"], "description": "The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal.\n\nThe following packages have been upgraded to a later upstream version: rhvm-appliance (4.2). (BZ#1679415)\n\nSecurity Fix(es):\n\n* systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash (CVE-2019-6454)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-03-05T16:02:57", "published": "2019-02-21T18:23:25", "id": "RHSA-2019:0461", "href": "https://access.redhat.com/errata/RHSA-2019:0461", "type": "redhat", "title": "(RHSA-2019:0461) Moderate: rhvm-appliance security update", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:44:58", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6454"], "description": "The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.\n\nSecurity Fix(es):\n\n* systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash (CVE-2019-6454)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* [PATCH] bus-socket: Fix line_begins() to accept word matching full (BZ#1693578)", "modified": "2019-05-07T08:06:27", "published": "2019-05-07T07:41:10", "id": "RHSA-2019:0990", "href": "https://access.redhat.com/errata/RHSA-2019:0990", "type": "redhat", "title": "(RHSA-2019:0990) Moderate: systemd security and bug fix update", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:47:14", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6454"], "description": "The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.\n\nSecurity Fix(es):\n\n* systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash (CVE-2019-6454)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* systemd segfaults running test case https://github.com/systemd/systemd-fedora-ci/tree/master/issue-1981 (BZ#1711872)\n\n* Race between systemctl start (and likely others) vs systemctl daemon-reload (BZ#1711875)\n\n* systemd doesn't delete stub unit files created for session scopes (BZ#1711876)", "modified": "2019-06-04T17:44:35", "published": "2019-06-04T17:15:35", "id": "RHSA-2019:1322", "href": "https://access.redhat.com/errata/RHSA-2019:1322", "type": "redhat", "title": "(RHSA-2019:1322) Important: systemd security and bug fix update", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:45:50", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6454"], "description": "The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.\n\nSecurity Fix(es):\n\n* systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash (CVE-2019-6454)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Race between systemctl start (and likely others) vs systemctl daemon-reload (BZ#1709184)\n\n* systemd segfaults running test case https://github.com/systemd/systemd-fedora-ci/tree/master/issue-1981 (BZ#1709185)\n\n* systemd doesn't delete stub unit files created for session scopes (BZ#1709187)", "modified": "2019-06-18T19:37:57", "published": "2019-06-18T19:21:40", "id": "RHSA-2019:1502", "href": "https://access.redhat.com/errata/RHSA-2019:1502", "type": "redhat", "title": "(RHSA-2019:1502) Important: systemd security and bug fix update", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:46:46", "bulletinFamily": "unix", "cvelist": ["CVE-2019-3813", "CVE-2019-3831", "CVE-2019-6454"], "description": "The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.\n\nThe following packages have been upgraded to a later upstream version: redhat-release-virtualization-host (4.2), redhat-virtualization-host (4.2). (BZ#1678629, BZ#1679414)\n\nSecurity Fix(es):\n\n* spice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3813)\n\n* systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash (CVE-2019-6454)\n\n* vdsm: privilege escalation to root via systemd_run (CVE-2019-3831)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-03-05T16:02:54", "published": "2019-03-05T16:01:11", "id": "RHSA-2019:0457", "href": "https://access.redhat.com/errata/RHSA-2019:0457", "type": "redhat", "title": "(RHSA-2019:0457) Important: redhat-virtualization-host security update", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2020-10-28T02:16:36", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0169", "CVE-2016-10739", "CVE-2018-14404", "CVE-2018-14498", "CVE-2018-16890", "CVE-2018-18074", "CVE-2018-18624", "CVE-2018-18751", "CVE-2018-19519", "CVE-2018-20060", "CVE-2018-20337", "CVE-2018-20483", "CVE-2018-20657", "CVE-2018-20852", "CVE-2018-9251", "CVE-2019-1010180", "CVE-2019-1010204", "CVE-2019-11070", "CVE-2019-11236", "CVE-2019-11324", "CVE-2019-11358", "CVE-2019-11459", "CVE-2019-12447", "CVE-2019-12448", "CVE-2019-12449", "CVE-2019-12450", "CVE-2019-12795", "CVE-2019-13232", "CVE-2019-13636", "CVE-2019-13752", "CVE-2019-13753", "CVE-2019-14822", "CVE-2019-14973", "CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563", "CVE-2019-15718", "CVE-2019-15847", "CVE-2019-16056", "CVE-2019-16769", "CVE-2019-17451", "CVE-2019-18408", "CVE-2019-19126", "CVE-2019-19923", "CVE-2019-19924", "CVE-2019-19925", "CVE-2019-19959", "CVE-2019-3822", "CVE-2019-3823", "CVE-2019-3825", "CVE-2019-3843", "CVE-2019-3844", "CVE-2019-5094", "CVE-2019-5436", "CVE-2019-5481", "CVE-2019-5482", "CVE-2019-5953", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-6454", "CVE-2019-6706", "CVE-2019-7146", "CVE-2019-7149", "CVE-2019-7150", "CVE-2019-7664", "CVE-2019-7665", "CVE-2019-8457", "CVE-2019-8506", "CVE-2019-8518", "CVE-2019-8523", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8666", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8673", "CVE-2019-8675", "CVE-2019-8676", "CVE-2019-8677", "CVE-2019-8679", "CVE-2019-8681", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8696", "CVE-2019-8726", "CVE-2019-8735", "CVE-2019-8768", "CVE-2020-10531", "CVE-2020-10715", "CVE-2020-10743", "CVE-2020-11008", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11110", "CVE-2020-12049", "CVE-2020-12052", "CVE-2020-12245", "CVE-2020-13822", "CVE-2020-14040", "CVE-2020-14336", "CVE-2020-15366", "CVE-2020-15719", "CVE-2020-1712", "CVE-2020-7013", "CVE-2020-7598", "CVE-2020-7662", "CVE-2020-8203", "CVE-2020-8559", "CVE-2020-9283"], "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)\n\n* SSL/TLS: CBC padding timing attack (lucky-13) (CVE-2013-0169)\n\n* grafana: XSS vulnerability via a column style on the \"Dashboard > Table Panel\" screen (CVE-2018-18624)\n\n* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\n* npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions (CVE-2019-16769)\n\n* kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06) (CVE-2020-7013)\n\n* nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload (CVE-2020-7598)\n\n* npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser (CVE-2020-7662)\n\n* nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* grafana: stored XSS (CVE-2020-11110)\n\n* grafana: XSS annotation popup vulnerability (CVE-2020-12052)\n\n* grafana: XSS via column.title or cellLinkTooltip (CVE-2020-12245)\n\n* nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures (CVE-2020-13822)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function (CVE-2020-15366)\n\n* openshift/console: text injection on error page via crafted url (CVE-2020-10715)\n\n* kibana: X-Frame-Option not set by default might lead to clickjacking (CVE-2020-10743)\n\n* openshift: restricted SCC allows pods to craft custom network packets (CVE-2020-14336)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-10-28T04:36:30", "published": "2020-10-27T18:57:54", "id": "RHSA-2020:4298", "href": "https://access.redhat.com/errata/RHSA-2020:4298", "type": "redhat", "title": "(RHSA-2020:4298) Moderate: OpenShift Container Platform 4.6.1 image security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-08-19T21:12:03", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6454"], "description": "[239-13.0.1.3]\n- fix _netdev is missing for iscsi entry in /etc/fstab (tony.l.lam@oracle.com) [Orabug: 25897792]\n- set RemoveIPC=no in logind.conf as default for OL7.2 [Orabug: 22224874]\n- allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug: 18467469]\n- add hv dynamic memory support (Jerry Snitselaar) [Orabug: 18621475]\n[239-13.3]\n- rebuilt\n[239-13.2]\n- Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit. (#1678641)\n- Allocate temporary strings to hold dbus paths on the heap (#1678641)\n- sd-bus: if we receive an invalid dbus message, ignore and proceeed (#1678641)\n[239-13.1]\n- bus-socket: Fix line_begins() to accept word matching full string (#1692991)", "edition": 1, "modified": "2019-07-30T00:00:00", "published": "2019-07-30T00:00:00", "id": "ELSA-2019-0990", "href": "http://linux.oracle.com/errata/ELSA-2019-0990.html", "title": "systemd security and bug fix update", "type": "oraclelinux", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:33", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6454"], "description": "[219-62.0.4]\n- do not create utmp update symlinks for reboot and poweroff [Orabug: 27854896]\n- OL7 udev rule for virtio net standby interface [Orabug: 28826743]\n- fix _netdev is missing for iscsi entry in /etc/fstab [Orabug: 25897792] (tony.l.lam@oracle.com)\n- set 'RemoveIPC=no' in logind.conf as default for OL7.2 [22224874]\n- allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug: 18467469]\n- add hv dynamic memory support (Jerry Snitselaar) [Orabug: 18621475]\n[219-62.5]\n- sd-bus: if we receive an invalid dbus message, ignore and proceeed (#1667871)\n[219-62.4]\n- Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit. (#1667870)\n- Allocate temporary strings to hold dbus paths on the heap (#1667870)", "edition": 4, "modified": "2019-02-19T00:00:00", "published": "2019-02-19T00:00:00", "id": "ELSA-2019-0368", "href": "http://linux.oracle.com/errata/ELSA-2019-0368.html", "title": "systemd security update", "type": "oraclelinux", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "archlinux": [{"lastseen": "2020-09-22T18:36:40", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6454"], "description": "Arch Linux Security Advisory ASA-201902-24\n==========================================\n\nSeverity: High\nDate : 2019-02-21\nCVE-ID : CVE-2019-6454\nPackage : systemd\nType : denial of service\nRemote : No\nLink : https://security.archlinux.org/AVG-906\n\nSummary\n=======\n\nThe package systemd before version 241.7-1 is vulnerable to denial of\nservice.\n\nResolution\n==========\n\nUpgrade to 241.7-1.\n\n# pacman -Syu \"systemd>=241.7-1\"\n\nThe problem has been fixed upstream in version 241.7.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nIt was found that bus_process_object() in bus-objects.c allocates a\nbuffer on the stack large enough to temporarily store the object path\nspecified in the incoming message. A malicious unprivileged local user\nto send a message which results in the stack pointer moving outside of\nthe bounds of the currently mapped stack region, jumping over the stack\nguard pages. A specifically crafted DBUS message could crash PID 1 and\nresult in a subsequent kernel panic.\n\nImpact\n======\n\nA local attacker can cause a denial of service via a crafted DBUS\nmessage.\n\nReferences\n==========\n\nhttps://bugs.archlinux.org/task/61804\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1667032\nhttps://www.openwall.com/lists/oss-security/2019/02/18/3\nhttps://github.com/systemd/systemd/commit/612b74d32f970c43c14ad087ad086424792981b1\nhttps://github.com/systemd/systemd/commit/61397a60d98e368a5720b37e83f3169e3eb511c4\nhttps://github.com/systemd/systemd/commit/f519a19bcd5afe674a9b8fc462cd77d8bad403c1\nhttps://security.archlinux.org/CVE-2019-6454", "modified": "2019-02-21T00:00:00", "published": "2019-02-21T00:00:00", "id": "ASA-201902-24", "href": "https://security.archlinux.org/ASA-201902-24", "type": "archlinux", "title": "[ASA-201902-24] systemd: denial of service", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "ubuntu": [{"lastseen": "2020-07-02T11:39:15", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6454"], "description": "It was discovered that systemd incorrectly handled certain D-Bus messages. \nA local unprivileged attacker could exploit this in order to crash the \ninit process, resulting in a system denial-of-service (kernel panic).", "edition": 4, "modified": "2019-02-18T00:00:00", "published": "2019-02-18T00:00:00", "id": "USN-3891-1", "href": "https://ubuntu.com/security/notices/USN-3891-1", "title": "systemd vulnerability", "type": "ubuntu", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:44", "bulletinFamily": "software", "cvelist": ["CVE-2019-6454"], "description": "# \n\n# Severity\n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 16.04\n * Canonical Ubuntu 18.04\n\n# Description\n\nIt was discovered that systemd incorrectly handled certain D-Bus messages. A local unprivileged attacker could exploit this in order to crash the init process, resulting in a system denial-of-service (kernel panic).\n\nCVEs contained in this USN include: CVE-2019-6454\n\n# Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Cloud Foundry BOSH xenial-stemcells are vulnerable, including: \n * 250.x versions prior to 250.17\n * 170.x versions prior to 170.38\n * 97.x versions prior to 97.65\n * All other stemcells not listed.\n * All versions of Cloud Foundry cflinuxfs3 prior to 0.62.0\n\n# Mitigation\n\nUsers of affected products are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends upgrading the following BOSH xenial-stemcells: \n * Upgrade 250.x versions to 250.17\n * Upgrade 170.x versions to 170.38\n * Upgrade 97.x versions to 97.65\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io/stemcells/#ubuntu-xenial>).\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs3 version 0.62.0 or later.\n\n# References\n\n * [USN-3891-1](<https://usn.ubuntu.com/3891-1>)\n * [CVE-2019-6454](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-6454>)\n", "edition": 3, "modified": "2019-03-21T00:00:00", "published": "2019-03-21T00:00:00", "id": "CFOUNDRY:719A6ED27AEEE51AFE1A714D83BE8E73", "href": "https://www.cloudfoundry.org/blog/usn-3891-1/", "title": "USN-3891-1: systemd vulnerability | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2021-01-12T09:40:21", "description": "Chris Coulson discovered a flaw in systemd leading to denial of\nservice. An unprivileged user could take advantage of this issue to\ncrash PID1 by sending a specially crafted D-Bus message on the system\nbus.\n\nFor Debian 8 'Jessie', this problem has been fixed in version\n215-17+deb8u10.\n\nWe recommend that you upgrade your systemd packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 17, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-02-20T00:00:00", "title": "Debian DLA-1684-1 : systemd security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "modified": "2019-02-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libgudev-1.0-0", "p-cpe:/a:debian:debian_linux:libsystemd-daemon0", "p-cpe:/a:debian:debian_linux:libsystemd-id128-0", "p-cpe:/a:debian:debian_linux:udev", "p-cpe:/a:debian:debian_linux:systemd-dbg", "p-cpe:/a:debian:debian_linux:udev-udeb", "p-cpe:/a:debian:debian_linux:libsystemd-id128-dev", "p-cpe:/a:debian:debian_linux:libsystemd-dev", "p-cpe:/a:debian:debian_linux:libudev1", "p-cpe:/a:debian:debian_linux:gir1.2-gudev-1.0", "cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:libsystemd-daemon-dev", "p-cpe:/a:debian:debian_linux:libsystemd-login0", "p-cpe:/a:debian:debian_linux:python3-systemd", "p-cpe:/a:debian:debian_linux:libsystemd0", "p-cpe:/a:debian:debian_linux:libgudev-1.0-dev", "p-cpe:/a:debian:debian_linux:libpam-systemd", "p-cpe:/a:debian:debian_linux:systemd", "p-cpe:/a:debian:debian_linux:systemd-sysv", "p-cpe:/a:debian:debian_linux:libsystemd-journal-dev", "p-cpe:/a:debian:debian_linux:libudev1-udeb", "p-cpe:/a:debian:debian_linux:libsystemd-journal0", "p-cpe:/a:debian:debian_linux:libudev-dev", "p-cpe:/a:debian:debian_linux:libsystemd-login-dev"], "id": "DEBIAN_DLA-1684.NASL", "href": "https://www.tenable.com/plugins/nessus/122319", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1684-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122319);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2019-6454\");\n\n script_name(english:\"Debian DLA-1684-1 : systemd security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chris Coulson discovered a flaw in systemd leading to denial of\nservice. An unprivileged user could take advantage of this issue to\ncrash PID1 by sending a specially crafted D-Bus message on the system\nbus.\n\nFor Debian 8 'Jessie', this problem has been fixed in version\n215-17+deb8u10.\n\nWe recommend that you upgrade your systemd packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/02/msg00031.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/systemd\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gir1.2-gudev-1.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgudev-1.0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgudev-1.0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpam-systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd-daemon-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd-daemon0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd-id128-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd-id128-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd-journal-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd-journal0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd-login-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd-login0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libudev-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libudev1-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:systemd-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:systemd-sysv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udev-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"gir1.2-gudev-1.0\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgudev-1.0-0\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgudev-1.0-dev\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpam-systemd\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd-daemon-dev\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd-daemon0\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd-dev\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd-id128-0\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd-id128-dev\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd-journal-dev\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd-journal0\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd-login-dev\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd-login0\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd0\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libudev-dev\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libudev1\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libudev1-udeb\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python3-systemd\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"systemd\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"systemd-dbg\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"systemd-sysv\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udev\", reference:\"215-17+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udev-udeb\", reference:\"215-17+deb8u10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T02:21:08", "description": " - Properly validate dbus paths received over dbus\n (#1678394, CVE-2019-6454)\n\n - systemd-networkd fixes: keep bond slave up if already\n attached, keep existing ip addresses and routes\n\nNo need to log out or reboot.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 17, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-03-11T00:00:00", "title": "Fedora 28 : systemd (2019-2dab60e288)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:systemd", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2019-2DAB60E288.NASL", "href": "https://www.tenable.com/plugins/nessus/122725", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-2dab60e288.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122725);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/02/05\");\n\n script_cve_id(\"CVE-2019-6454\");\n script_xref(name:\"FEDORA\", value:\"2019-2dab60e288\");\n\n script_name(english:\"Fedora 28 : systemd (2019-2dab60e288)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Properly validate dbus paths received over dbus\n (#1678394, CVE-2019-6454)\n\n - systemd-networkd fixes: keep bond slave up if already\n attached, keep existing ip addresses and routes\n\nNo need to log out or reboot.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-2dab60e288\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected systemd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"systemd-238-12.git07f8cd5.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-14T06:17:16", "description": "This update for systemd fixes the following issues :\n\nSecurity vulnerability fixed :\n\nCVE-2019-6454: Fixed a crash of PID1 by sending specially crafted\nD-BUS message on the system bus by an unprivileged user (bsc#1125352)\n\nOther bug fixes and changes: journal-remote: set a limit on the number\nof fields in a message\n\njournal-remote: verify entry length from header\n\njournald: set a limit on the number of fields (1k)\n\njournald: do not store the iovec entry for process commandline on\nstack\n\ncore: include Found state in device dumps\n\ndevice: fix serialization and deserialization of DeviceFound\n\nfix path in btrfs rule (#6844)\n\nassemble multidevice btrfs volumes without external tools (#6607)\n(bsc#1117025)\n\nUpdate systemd-system.conf.xml (bsc#1122000)\n\nunits: inform user that the default target is started after exiting\nfrom rescue or emergency mode\n\nmanager: don't skip sigchld handler for main and control pid for\nservices (#3738)\n\ncore: Add helper functions unit_{main, control}_pid\n\nmanager: Fixing a debug printf formatting mistake (#3640)\n\nmanager: Only invoke a single sigchld per unit within a cleanup cycle\n(bsc#1117382)\n\ncore: update invoke_sigchld_event() to handle NULL ->sigchld_event()\n\nsd-event: expose the event loop iteration counter via\nsd_event_get_iteration() (#3631)\n\nunit: rework a bit how we keep the service fdstore from being\ndestroyed during service restart (bsc#1122344)\n\ncore: when restarting services, don't close fds\n\ncryptsetup: Add dependency on loopback setup to generated units\n\njournal-gateway: use localStorage['cursor'] only when it has valid\nvalue\n\njournal-gateway: explicitly declare local variables\n\nanalyze: actually select longest activated-time of services\n\nsd-bus: fix implicit downcast of bitfield reported by LGTM\n\ncore: free lines after reading them (bsc#1123892)\n\npam_systemd: reword message about not creating a session (bsc#1111498)\n\npam_systemd: suppress LOG_DEBUG log messages if debugging is off\n(bsc#1111498)\n\nmain: improve RLIMIT_NOFILE handling (#5795) (bsc#1120658)\n\nsd-bus: if we receive an invalid dbus message, ignore and proceeed\n\nautomount: don't pass non-blocking pipe to kernel.\n\nunits: make sure initrd-cleanup.service terminates before switching to\nrootfs (bsc#1123333)\n\nunits: add Wants=initrd-cleanup.service to initrd-switch-root.target\n(#4345) (bsc#1123333)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 20, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-02-20T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2019:0428-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "modified": "2019-02-20T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libudev1-32bit", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:udev", "p-cpe:/a:novell:suse_linux:udev-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-sysvinit", "p-cpe:/a:novell:suse_linux:systemd-32bit", "p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo", "p-cpe:/a:novell:suse_linux:systemd", "p-cpe:/a:novell:suse_linux:systemd-debugsource", "p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo-32bit", "p-cpe:/a:novell:suse_linux:libudev1", "p-cpe:/a:novell:suse_linux:libudev1-debuginfo-32bit", "p-cpe:/a:novell:suse_linux:systemd-debuginfo-32bit", "p-cpe:/a:novell:suse_linux:libudev1-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-debuginfo", "p-cpe:/a:novell:suse_linux:libsystemd0-32bit", "p-cpe:/a:novell:suse_linux:libsystemd0"], "id": "SUSE_SU-2019-0428-1.NASL", "href": "https://www.tenable.com/plugins/nessus/122340", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0428-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122340);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-6454\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2019:0428-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for systemd fixes the following issues :\n\nSecurity vulnerability fixed :\n\nCVE-2019-6454: Fixed a crash of PID1 by sending specially crafted\nD-BUS message on the system bus by an unprivileged user (bsc#1125352)\n\nOther bug fixes and changes: journal-remote: set a limit on the number\nof fields in a message\n\njournal-remote: verify entry length from header\n\njournald: set a limit on the number of fields (1k)\n\njournald: do not store the iovec entry for process commandline on\nstack\n\ncore: include Found state in device dumps\n\ndevice: fix serialization and deserialization of DeviceFound\n\nfix path in btrfs rule (#6844)\n\nassemble multidevice btrfs volumes without external tools (#6607)\n(bsc#1117025)\n\nUpdate systemd-system.conf.xml (bsc#1122000)\n\nunits: inform user that the default target is started after exiting\nfrom rescue or emergency mode\n\nmanager: don't skip sigchld handler for main and control pid for\nservices (#3738)\n\ncore: Add helper functions unit_{main, control}_pid\n\nmanager: Fixing a debug printf formatting mistake (#3640)\n\nmanager: Only invoke a single sigchld per unit within a cleanup cycle\n(bsc#1117382)\n\ncore: update invoke_sigchld_event() to handle NULL ->sigchld_event()\n\nsd-event: expose the event loop iteration counter via\nsd_event_get_iteration() (#3631)\n\nunit: rework a bit how we keep the service fdstore from being\ndestroyed during service restart (bsc#1122344)\n\ncore: when restarting services, don't close fds\n\ncryptsetup: Add dependency on loopback setup to generated units\n\njournal-gateway: use localStorage['cursor'] only when it has valid\nvalue\n\njournal-gateway: explicitly declare local variables\n\nanalyze: actually select longest activated-time of services\n\nsd-bus: fix implicit downcast of bitfield reported by LGTM\n\ncore: free lines after reading them (bsc#1123892)\n\npam_systemd: reword message about not creating a session (bsc#1111498)\n\npam_systemd: suppress LOG_DEBUG log messages if debugging is off\n(bsc#1111498)\n\nmain: improve RLIMIT_NOFILE handling (#5795) (bsc#1120658)\n\nsd-bus: if we receive an invalid dbus message, ignore and proceeed\n\nautomount: don't pass non-blocking pipe to kernel.\n\nunits: make sure initrd-cleanup.service terminates before switching to\nrootfs (bsc#1123333)\n\nunits: add Wants=initrd-cleanup.service to initrd-switch-root.target\n(#4345) (bsc#1123333)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111498\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120658\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1122000\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1122344\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123892\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125352\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190428-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?70e14832\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2019-428=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-428=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2019-428=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-428=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-428=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-428=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-428=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2019-428=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-428=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2019-428=1\n\nSUSE Enterprise Storage 4:zypper in -t patch SUSE-Storage-4-2019-428=1\n\nSUSE CaaS Platform ALL :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nSUSE CaaS Platform 3.0 :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nOpenStack Cloud Magnum Orchestration 7:zypper in -t patch\nSUSE-OpenStack-Cloud-Magnum-Orchestration-7-2019-428=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libsystemd0-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libsystemd0-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libsystemd0-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libsystemd0-debuginfo-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libudev1-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libudev1-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libudev1-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libudev1-debuginfo-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"systemd-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"systemd-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"systemd-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"systemd-debuginfo-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"systemd-debugsource-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"systemd-sysvinit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"udev-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"udev-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsystemd0-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsystemd0-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsystemd0-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsystemd0-debuginfo-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libudev1-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libudev1-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libudev1-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libudev1-debuginfo-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"systemd-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"systemd-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"systemd-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"systemd-debuginfo-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"systemd-debugsource-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"systemd-sysvinit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"udev-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"udev-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsystemd0-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsystemd0-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsystemd0-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsystemd0-debuginfo-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libudev1-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libudev1-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libudev1-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libudev1-debuginfo-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"systemd-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"systemd-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"systemd-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"systemd-debuginfo-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"systemd-debugsource-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"systemd-sysvinit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"udev-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"udev-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libsystemd0-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libsystemd0-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libsystemd0-debuginfo-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libudev1-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libudev1-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libudev1-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libudev1-debuginfo-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-debuginfo-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-debugsource-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-sysvinit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"udev-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"udev-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsystemd0-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsystemd0-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsystemd0-debuginfo-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libudev1-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libudev1-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libudev1-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libudev1-debuginfo-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-debuginfo-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-debuginfo-32bit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-debugsource-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-sysvinit-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"udev-228-150.63.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"udev-debuginfo-228-150.63.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T05:16:49", "description": "An update for systemd is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe systemd packages contain systemd, a system and service manager for\nLinux, compatible with the SysV and LSB init scripts. It provides\naggressive parallelism capabilities, uses socket and D-Bus activation\nfor starting services, offers on-demand starting of daemons, and keeps\ntrack of processes using Linux cgroups. In addition, it supports\nsnapshotting and restoring of the system state, maintains mount and\nautomount points, and implements an elaborate transactional\ndependency-based service control logic. It can also work as a drop-in\nreplacement for sysvinit.\n\nSecurity Fix(es) :\n\n* systemd: Insufficient input validation in bus_process_object()\nresulting in PID 1 crash (CVE-2019-6454)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* [PATCH] bus-socket: Fix line_begins() to accept word matching full\n(BZ# 1693578)", "edition": 18, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-05-07T00:00:00", "title": "RHEL 8 : systemd (RHSA-2019:0990)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:systemd-debugsource", "p-cpe:/a:redhat:enterprise_linux:systemd-debuginfo", "p-cpe:/a:redhat:enterprise_linux:systemd-tests-debuginfo", "p-cpe:/a:redhat:enterprise_linux:systemd-pam-debuginfo", "p-cpe:/a:redhat:enterprise_linux:systemd-tests", "p-cpe:/a:redhat:enterprise_linux:systemd-container-debuginfo", "p-cpe:/a:redhat:enterprise_linux:systemd-devel", "p-cpe:/a:redhat:enterprise_linux:systemd", "p-cpe:/a:redhat:enterprise_linux:systemd-pam", "p-cpe:/a:redhat:enterprise_linux:systemd-libs-debuginfo", "cpe:/o:redhat:enterprise_linux:8.0", "p-cpe:/a:redhat:enterprise_linux:systemd-udev", "p-cpe:/a:redhat:enterprise_linux:systemd-udev-debuginfo", "p-cpe:/a:redhat:enterprise_linux:systemd-journal-remote", "p-cpe:/a:redhat:enterprise_linux:systemd-journal-remote-debuginfo", "p-cpe:/a:redhat:enterprise_linux:systemd-container", "cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:systemd-libs"], "id": "REDHAT-RHSA-2019-0990.NASL", "href": "https://www.tenable.com/plugins/nessus/124672", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:0990. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124672);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2020/01/30\");\n\n script_cve_id(\"CVE-2019-6454\");\n script_xref(name:\"RHSA\", value:\"2019:0990\");\n\n script_name(english:\"RHEL 8 : systemd (RHSA-2019:0990)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for systemd is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe systemd packages contain systemd, a system and service manager for\nLinux, compatible with the SysV and LSB init scripts. It provides\naggressive parallelism capabilities, uses socket and D-Bus activation\nfor starting services, offers on-demand starting of daemons, and keeps\ntrack of processes using Linux cgroups. In addition, it supports\nsnapshotting and restoring of the system state, maintains mount and\nautomount points, and implements an elaborate transactional\ndependency-based service control logic. It can also work as a drop-in\nreplacement for sysvinit.\n\nSecurity Fix(es) :\n\n* systemd: Insufficient input validation in bus_process_object()\nresulting in PID 1 crash (CVE-2019-6454)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* [PATCH] bus-socket: Fix line_begins() to accept word matching full\n(BZ# 1693578)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:0990\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-6454\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-container-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-journal-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-journal-remote-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-pam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-pam-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-tests-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-udev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-udev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:0990\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"systemd-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"systemd-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"systemd-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"systemd-container-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"systemd-container-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"systemd-container-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"systemd-container-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"systemd-container-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"systemd-container-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"systemd-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"systemd-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"systemd-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"systemd-debugsource-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"systemd-debugsource-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"systemd-debugsource-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"systemd-devel-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"systemd-devel-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"systemd-devel-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"systemd-journal-remote-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"systemd-journal-remote-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"systemd-journal-remote-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"systemd-journal-remote-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"systemd-journal-remote-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"systemd-libs-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"systemd-libs-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"systemd-libs-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"systemd-libs-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"systemd-libs-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"systemd-libs-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"systemd-pam-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"systemd-pam-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"systemd-pam-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"systemd-pam-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"systemd-pam-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"systemd-tests-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"systemd-tests-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"systemd-tests-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"systemd-tests-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"systemd-tests-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"systemd-udev-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"systemd-udev-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"systemd-udev-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"systemd-udev-debuginfo-239-13.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"systemd-udev-debuginfo-239-13.el8_0.3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd / systemd-container / systemd-container-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T01:50:00", "description": "Chris Coulson discovered a flaw in systemd leading to denial of\nservice. An unprivileged user could take advantage of this issue to\ncrash PID1 by sending a specially crafted D-Bus message on the system\nbus.", "edition": 19, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-02-19T00:00:00", "title": "Debian DSA-4393-1 : systemd - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:systemd", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4393.NASL", "href": "https://www.tenable.com/plugins/nessus/122270", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4393. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122270);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/02/13\");\n\n script_cve_id(\"CVE-2019-6454\");\n script_xref(name:\"DSA\", value:\"4393\");\n\n script_name(english:\"Debian DSA-4393-1 : systemd - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chris Coulson discovered a flaw in systemd leading to denial of\nservice. An unprivileged user could take advantage of this issue to\ncrash PID1 by sending a specially crafted D-Bus message on the system\nbus.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/systemd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/systemd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4393\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the systemd packages.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 232-25+deb9u9.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libnss-myhostname\", reference:\"232-25+deb9u9\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libnss-mymachines\", reference:\"232-25+deb9u9\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libnss-resolve\", reference:\"232-25+deb9u9\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libnss-systemd\", reference:\"232-25+deb9u9\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpam-systemd\", reference:\"232-25+deb9u9\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsystemd-dev\", reference:\"232-25+deb9u9\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsystemd0\", reference:\"232-25+deb9u9\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libudev-dev\", reference:\"232-25+deb9u9\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libudev1\", reference:\"232-25+deb9u9\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libudev1-udeb\", reference:\"232-25+deb9u9\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"systemd\", reference:\"232-25+deb9u9\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"systemd-container\", reference:\"232-25+deb9u9\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"systemd-coredump\", reference:\"232-25+deb9u9\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"systemd-journal-remote\", reference:\"232-25+deb9u9\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"systemd-sysv\", reference:\"232-25+deb9u9\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"udev\", reference:\"232-25+deb9u9\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"udev-udeb\", reference:\"232-25+deb9u9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-07T08:55:21", "description": "According to the version of the systemd packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - It was discovered that systemd allocates a buffer large\n enough to store the path field of a dbus message\n without performing enough checks. A local attacker may\n trigger this flaw by sending a dbus message to systemd\n with a large path making systemd crash or possibly\n elevating his privileges.i1/4^CVE-2019-6454i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 10, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-04-04T00:00:00", "title": "EulerOS Virtualization 2.5.3 : systemd (EulerOS-SA-2019-1256)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "modified": "2019-04-04T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libgudev1", "p-cpe:/a:huawei:euleros:systemd-sysv", "p-cpe:/a:huawei:euleros:systemd", "p-cpe:/a:huawei:euleros:systemd-resolved", "p-cpe:/a:huawei:euleros:systemd-python", "p-cpe:/a:huawei:euleros:systemd-libs", "p-cpe:/a:huawei:euleros:systemd-networkd", "p-cpe:/a:huawei:euleros:systemd-devel", "cpe:/o:huawei:euleros:uvp:2.5.3"], "id": "EULEROS_SA-2019-1256.NASL", "href": "https://www.tenable.com/plugins/nessus/123724", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123724);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-6454\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.3 : systemd (EulerOS-SA-2019-1256)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the systemd packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - It was discovered that systemd allocates a buffer large\n enough to store the path field of a dbus message\n without performing enough checks. A local attacker may\n trigger this flaw by sending a dbus message to systemd\n with a large path making systemd crash or possibly\n elevating his privileges.i1/4^CVE-2019-6454i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1256\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e23264ad\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected systemd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libgudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-networkd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-resolved\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-sysv\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.3\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.3\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.3\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libgudev1-219-57.h71\",\n \"systemd-219-57.h71\",\n \"systemd-devel-219-57.h71\",\n \"systemd-libs-219-57.h71\",\n \"systemd-networkd-219-57.h71\",\n \"systemd-python-219-57.h71\",\n \"systemd-resolved-219-57.h71\",\n \"systemd-sysv-219-57.h71\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T05:18:19", "description": "An update for systemd is now available for Red Hat Enterprise Linux\n7.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe systemd packages contain systemd, a system and service manager for\nLinux, compatible with the SysV and LSB init scripts. It provides\naggressive parallelism capabilities, uses socket and D-Bus activation\nfor starting services, offers on-demand starting of daemons, and keeps\ntrack of processes using Linux cgroups. In addition, it supports\nsnapshotting and restoring of the system state, maintains mount and\nautomount points, and implements an elaborate transactional\ndependency-based service control logic. It can also work as a drop-in\nreplacement for sysvinit.\n\nSecurity Fix(es) :\n\n* systemd: Insufficient input validation in bus_process_object()\nresulting in PID 1 crash (CVE-2019-6454)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Race between systemctl start (and likely others) vs systemctl\ndaemon-reload (BZ#1709184)\n\n* systemd segfaults running test case https://github.com/systemd/\nsystemd-fedora-ci/tree/master/issue-1981 (BZ#1709185)\n\n* systemd doesn't delete stub unit files created for session scopes\n(BZ# 1709187)", "edition": 18, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-06-19T00:00:00", "title": "RHEL 7 : systemd (RHSA-2019:1502)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:systemd-networkd", "p-cpe:/a:redhat:enterprise_linux:libgudev1", "p-cpe:/a:redhat:enterprise_linux:systemd-sysv", "cpe:/o:redhat:enterprise_linux:7.4", "p-cpe:/a:redhat:enterprise_linux:systemd-python", "p-cpe:/a:redhat:enterprise_linux:systemd-debuginfo", "p-cpe:/a:redhat:enterprise_linux:systemd-devel", "p-cpe:/a:redhat:enterprise_linux:systemd", "p-cpe:/a:redhat:enterprise_linux:systemd-journal-gateway", "p-cpe:/a:redhat:enterprise_linux:systemd-resolved", "p-cpe:/a:redhat:enterprise_linux:libgudev1-devel", "p-cpe:/a:redhat:enterprise_linux:systemd-libs"], "id": "REDHAT-RHSA-2019-1502.NASL", "href": "https://www.tenable.com/plugins/nessus/126025", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:1502. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126025);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/10\");\n\n script_cve_id(\"CVE-2019-6454\");\n script_xref(name:\"RHSA\", value:\"2019:1502\");\n\n script_name(english:\"RHEL 7 : systemd (RHSA-2019:1502)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for systemd is now available for Red Hat Enterprise Linux\n7.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe systemd packages contain systemd, a system and service manager for\nLinux, compatible with the SysV and LSB init scripts. It provides\naggressive parallelism capabilities, uses socket and D-Bus activation\nfor starting services, offers on-demand starting of daemons, and keeps\ntrack of processes using Linux cgroups. In addition, it supports\nsnapshotting and restoring of the system state, maintains mount and\nautomount points, and implements an elaborate transactional\ndependency-based service control logic. It can also work as a drop-in\nreplacement for sysvinit.\n\nSecurity Fix(es) :\n\n* systemd: Insufficient input validation in bus_process_object()\nresulting in PID 1 crash (CVE-2019-6454)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Race between systemctl start (and likely others) vs systemctl\ndaemon-reload (BZ#1709184)\n\n* systemd segfaults running test case https://github.com/systemd/\nsystemd-fedora-ci/tree/master/issue-1981 (BZ#1709185)\n\n* systemd doesn't delete stub unit files created for session scopes\n(BZ# 1709187)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:1502\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-6454\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libgudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libgudev1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-journal-gateway\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-networkd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-resolved\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-sysv\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7\\.4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.4\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:1502\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"libgudev1-219-42.el7_4.16\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"libgudev1-devel-219-42.el7_4.16\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"systemd-219-42.el7_4.16\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-219-42.el7_4.16\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"systemd-debuginfo-219-42.el7_4.16\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"systemd-devel-219-42.el7_4.16\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"systemd-journal-gateway-219-42.el7_4.16\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-journal-gateway-219-42.el7_4.16\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"systemd-libs-219-42.el7_4.16\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"systemd-networkd-219-42.el7_4.16\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-networkd-219-42.el7_4.16\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"systemd-python-219-42.el7_4.16\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-python-219-42.el7_4.16\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"systemd-resolved-219-42.el7_4.16\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"systemd-sysv-219-42.el7_4.16\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-sysv-219-42.el7_4.16\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgudev1 / libgudev1-devel / systemd / systemd-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-09-23T16:44:46", "description": "This update for systemd fixes the following issues :\n\nSecurity vulnerability fixed :\n\n - CVE-2019-6454: Fixed a crash of PID1 by sending\n specially crafted D-BUS message on the system bus by an\n unprivileged user (bsc#1125352)\n\nOther bug fixes and changes :\n\n - journal-remote: set a limit on the number of fields in a\n message\n\n - journal-remote: verify entry length from header\n\n - journald: set a limit on the number of fields (1k)\n\n - journald: do not store the iovec entry for process\n commandline on stack\n\n - core: include Found state in device dumps\n\n - device: fix serialization and deserialization of\n DeviceFound\n\n - fix path in btrfs rule (#6844)\n\n - assemble multidevice btrfs volumes without external\n tools (#6607) (bsc#1117025)\n\n - Update systemd-system.conf.xml (bsc#1122000)\n\n - units: inform user that the default target is started\n after exiting from rescue or emergency mode\n\n - manager: don't skip sigchld handler for main and control\n pid for services (#3738)\n\n - core: Add helper functions unit_(main, control)_pid\n\n - manager: Fixing a debug printf formatting mistake\n (#3640)\n\n - manager: Only invoke a single sigchld per unit within a\n cleanup cycle (bsc#1117382)\n\n - core: update invoke_sigchld_event() to handle NULL\n ->sigchld_event()\n\n - sd-event: expose the event loop iteration counter via\n sd_event_get_iteration() (#3631)\n\n - unit: rework a bit how we keep the service fdstore from\n being destroyed during service restart (bsc#1122344)\n\n - core: when restarting services, don't close fds\n\n - cryptsetup: Add dependency on loopback setup to\n generated units\n\n - journal-gateway: use localStorage['cursor'] only when it\n has valid value\n\n - journal-gateway: explicitly declare local variables\n\n - analyze: actually select longest activated-time of\n services\n\n - sd-bus: fix implicit downcast of bitfield reported by\n LGTM\n\n - core: free lines after reading them (bsc#1123892)\n\n - pam_systemd: reword message about not creating a session\n (bsc#1111498)\n\n - pam_systemd: suppress LOG_DEBUG log messages if\n debugging is off (bsc#1111498)\n\n - main: improve RLIMIT_NOFILE handling (#5795)\n (bsc#1120658)\n\n - sd-bus: if we receive an invalid dbus message, ignore\n and proceeed\n\n - automount: don't pass non-blocking pipe to kernel.\n\n - units: make sure initrd-cleanup.service terminates\n before switching to rootfs (bsc#1123333)\n\n - units: add Wants=initrd-cleanup.service to\n initrd-switch-root.target (#4345) (bsc#1123333)\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update\nproject.", "edition": 16, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-03-01T00:00:00", "title": "openSUSE Security Update : systemd (openSUSE-2019-268)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "modified": "2019-03-01T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:nss-myhostname-debuginfo-32bit", "p-cpe:/a:novell:opensuse:udev", "p-cpe:/a:novell:opensuse:systemd-bash-completion", "p-cpe:/a:novell:opensuse:nss-myhostname", "p-cpe:/a:novell:opensuse:systemd-mini", "p-cpe:/a:novell:opensuse:nss-myhostname-32bit", "p-cpe:/a:novell:opensuse:systemd-debuginfo", "p-cpe:/a:novell:opensuse:udev-mini-debuginfo", "p-cpe:/a:novell:opensuse:libsystemd0-mini-debuginfo", "p-cpe:/a:novell:opensuse:libudev1-32bit", "p-cpe:/a:novell:opensuse:systemd-sysvinit", "p-cpe:/a:novell:opensuse:nss-myhostname-debuginfo", "p-cpe:/a:novell:opensuse:udev-debuginfo", "p-cpe:/a:novell:opensuse:libudev-mini-devel", "p-cpe:/a:novell:opensuse:systemd-logger", "p-cpe:/a:novell:opensuse:nss-mymachines-debuginfo", "p-cpe:/a:novell:opensuse:libudev1", "p-cpe:/a:novell:opensuse:libsystemd0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsystemd0-32bit", "p-cpe:/a:novell:opensuse:libsystemd0-debuginfo", "p-cpe:/a:novell:opensuse:libudev-mini1-debuginfo", "p-cpe:/a:novell:opensuse:systemd-devel", "p-cpe:/a:novell:opensuse:libsystemd0", "p-cpe:/a:novell:opensuse:systemd-32bit", "p-cpe:/a:novell:opensuse:systemd-mini-debugsource", "p-cpe:/a:novell:opensuse:systemd-mini-bash-completion", "p-cpe:/a:novell:opensuse:libudev-devel", "p-cpe:/a:novell:opensuse:systemd-debugsource", "p-cpe:/a:novell:opensuse:systemd-mini-sysvinit", "p-cpe:/a:novell:opensuse:systemd-mini-debuginfo", "p-cpe:/a:novell:opensuse:libudev1-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libudev-mini1", "p-cpe:/a:novell:opensuse:systemd", "cpe:/o:novell:opensuse:42.3", "p-cpe:/a:novell:opensuse:libudev1-debuginfo", "p-cpe:/a:novell:opensuse:systemd-debuginfo-32bit", "p-cpe:/a:novell:opensuse:udev-mini", "p-cpe:/a:novell:opensuse:systemd-mini-devel", "p-cpe:/a:novell:opensuse:nss-mymachines", "p-cpe:/a:novell:opensuse:libsystemd0-mini"], "id": "OPENSUSE-2019-268.NASL", "href": "https://www.tenable.com/plugins/nessus/122529", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-268.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122529);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/22\");\n\n script_cve_id(\"CVE-2019-6454\");\n\n script_name(english:\"openSUSE Security Update : systemd (openSUSE-2019-268)\");\n script_summary(english:\"Check for the openSUSE-2019-268 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for systemd fixes the following issues :\n\nSecurity vulnerability fixed :\n\n - CVE-2019-6454: Fixed a crash of PID1 by sending\n specially crafted D-BUS message on the system bus by an\n unprivileged user (bsc#1125352)\n\nOther bug fixes and changes :\n\n - journal-remote: set a limit on the number of fields in a\n message\n\n - journal-remote: verify entry length from header\n\n - journald: set a limit on the number of fields (1k)\n\n - journald: do not store the iovec entry for process\n commandline on stack\n\n - core: include Found state in device dumps\n\n - device: fix serialization and deserialization of\n DeviceFound\n\n - fix path in btrfs rule (#6844)\n\n - assemble multidevice btrfs volumes without external\n tools (#6607) (bsc#1117025)\n\n - Update systemd-system.conf.xml (bsc#1122000)\n\n - units: inform user that the default target is started\n after exiting from rescue or emergency mode\n\n - manager: don't skip sigchld handler for main and control\n pid for services (#3738)\n\n - core: Add helper functions unit_(main, control)_pid\n\n - manager: Fixing a debug printf formatting mistake\n (#3640)\n\n - manager: Only invoke a single sigchld per unit within a\n cleanup cycle (bsc#1117382)\n\n - core: update invoke_sigchld_event() to handle NULL\n ->sigchld_event()\n\n - sd-event: expose the event loop iteration counter via\n sd_event_get_iteration() (#3631)\n\n - unit: rework a bit how we keep the service fdstore from\n being destroyed during service restart (bsc#1122344)\n\n - core: when restarting services, don't close fds\n\n - cryptsetup: Add dependency on loopback setup to\n generated units\n\n - journal-gateway: use localStorage['cursor'] only when it\n has valid value\n\n - journal-gateway: explicitly declare local variables\n\n - analyze: actually select longest activated-time of\n services\n\n - sd-bus: fix implicit downcast of bitfield reported by\n LGTM\n\n - core: free lines after reading them (bsc#1123892)\n\n - pam_systemd: reword message about not creating a session\n (bsc#1111498)\n\n - pam_systemd: suppress LOG_DEBUG log messages if\n debugging is off (bsc#1111498)\n\n - main: improve RLIMIT_NOFILE handling (#5795)\n (bsc#1120658)\n\n - sd-bus: if we receive an invalid dbus message, ignore\n and proceeed\n\n - automount: don't pass non-blocking pipe to kernel.\n\n - units: make sure initrd-cleanup.service terminates\n before switching to rootfs (bsc#1123333)\n\n - units: add Wants=initrd-cleanup.service to\n initrd-switch-root.target (#4345) (bsc#1123333)\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111498\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120658\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122000\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122344\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1123333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1123892\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1125352\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected systemd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-mini1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-mini1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-mymachines\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-mymachines-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-logger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsystemd0-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsystemd0-debuginfo-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsystemd0-mini-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsystemd0-mini-debuginfo-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libudev-devel-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libudev-mini-devel-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libudev-mini1-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libudev-mini1-debuginfo-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libudev1-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libudev1-debuginfo-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nss-myhostname-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nss-myhostname-debuginfo-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nss-mymachines-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nss-mymachines-debuginfo-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-bash-completion-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-debuginfo-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-debugsource-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-devel-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-logger-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-mini-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-mini-bash-completion-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-mini-debuginfo-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-mini-debugsource-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-mini-devel-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-mini-sysvinit-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-sysvinit-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"udev-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"udev-debuginfo-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"udev-mini-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"udev-mini-debuginfo-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsystemd0-debuginfo-32bit-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libudev1-32bit-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libudev1-debuginfo-32bit-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"nss-myhostname-32bit-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"nss-myhostname-debuginfo-32bit-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"systemd-32bit-228-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"systemd-debuginfo-32bit-228-68.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsystemd0-mini / libsystemd0-mini-debuginfo / libudev-mini-devel / etc\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-14T06:17:16", "description": "This update for systemd fixes the following issues :\n\nSecurity vulnerability fixed :\n\nCVE-2019-6454: Fixed a crash of PID1 by sending specially crafted\nD-BUS message on the system bus by an unprivileged user (bsc#1125352)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 20, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-02-19T00:00:00", "title": "SUSE SLES12 Security Update : systemd (SUSE-SU-2019:0425-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "modified": "2019-02-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libgudev-1_0-0-debuginfo", "p-cpe:/a:novell:suse_linux:libudev1-32bit", "p-cpe:/a:novell:suse_linux:libgudev-1_0-0-debuginfo-32bit", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:udev", "p-cpe:/a:novell:suse_linux:udev-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-sysvinit", "p-cpe:/a:novell:suse_linux:systemd-32bit", "p-cpe:/a:novell:suse_linux:libudev-devel", "p-cpe:/a:novell:suse_linux:systemd", "p-cpe:/a:novell:suse_linux:systemd-debugsource", "p-cpe:/a:novell:suse_linux:libgudev-1_0-0-32bit", "p-cpe:/a:novell:suse_linux:libgudev-1_0-0", "p-cpe:/a:novell:suse_linux:libudev1", "p-cpe:/a:novell:suse_linux:libudev1-debuginfo-32bit", "p-cpe:/a:novell:suse_linux:systemd-debuginfo-32bit", "p-cpe:/a:novell:suse_linux:libudev1-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-devel", "p-cpe:/a:novell:suse_linux:typelib-1_0-GUdev-1_0", "p-cpe:/a:novell:suse_linux:libgudev-1_0-devel"], "id": "SUSE_SU-2019-0425-1.NASL", "href": "https://www.tenable.com/plugins/nessus/122311", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0425-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122311);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-6454\");\n\n script_name(english:\"SUSE SLES12 Security Update : systemd (SUSE-SU-2019:0425-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for systemd fixes the following issues :\n\nSecurity vulnerability fixed :\n\nCVE-2019-6454: Fixed a crash of PID1 by sending specially crafted\nD-BUS message on the system bus by an unprivileged user (bsc#1125352)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125352\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6454/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190425-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?64b5610b\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2019-425=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgudev-1_0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgudev-1_0-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgudev-1_0-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgudev-1_0-0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgudev-1_0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-GUdev-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libgudev-1_0-0-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libgudev-1_0-0-32bit-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libgudev-1_0-0-debuginfo-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libgudev-1_0-0-debuginfo-32bit-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libgudev-1_0-devel-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libudev-devel-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libudev1-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libudev1-32bit-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libudev1-debuginfo-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libudev1-debuginfo-32bit-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"systemd-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"systemd-32bit-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"systemd-debuginfo-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"systemd-debuginfo-32bit-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"systemd-debugsource-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"systemd-devel-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"systemd-sysvinit-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"typelib-1_0-GUdev-1_0-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"udev-210-116.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"udev-debuginfo-210-116.22.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T05:15:55", "description": "An update for systemd is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe systemd packages contain systemd, a system and service manager for\nLinux, compatible with the SysV and LSB init scripts. It provides\naggressive parallelism capabilities, uses socket and D-Bus activation\nfor starting services, offers on-demand starting of daemons, and keeps\ntrack of processes using Linux cgroups. In addition, it supports\nsnapshotting and restoring of the system state, maintains mount and\nautomount points, and implements an elaborate transactional\ndependency-based service control logic. It can also work as a drop-in\nreplacement for sysvinit.\n\nSecurity Fix(es) :\n\n* systemd: Insufficient input validation in bus_process_object()\nresulting in PID 1 crash (CVE-2019-6454)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.", "edition": 18, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-02-20T00:00:00", "title": "RHEL 7 : systemd (RHSA-2019:0368)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:systemd-networkd", "p-cpe:/a:redhat:enterprise_linux:libgudev1", "p-cpe:/a:redhat:enterprise_linux:systemd-sysv", "p-cpe:/a:redhat:enterprise_linux:systemd-python", "p-cpe:/a:redhat:enterprise_linux:systemd-debuginfo", "p-cpe:/a:redhat:enterprise_linux:systemd-devel", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:systemd", "p-cpe:/a:redhat:enterprise_linux:systemd-journal-gateway", "cpe:/o:redhat:enterprise_linux:7.6", "p-cpe:/a:redhat:enterprise_linux:systemd-resolved", "p-cpe:/a:redhat:enterprise_linux:libgudev1-devel", "p-cpe:/a:redhat:enterprise_linux:systemd-libs"], "id": "REDHAT-RHSA-2019-0368.NASL", "href": "https://www.tenable.com/plugins/nessus/122334", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:0368. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122334);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2020/02/10\");\n\n script_cve_id(\"CVE-2019-6454\");\n script_xref(name:\"RHSA\", value:\"2019:0368\");\n\n script_name(english:\"RHEL 7 : systemd (RHSA-2019:0368)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for systemd is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe systemd packages contain systemd, a system and service manager for\nLinux, compatible with the SysV and LSB init scripts. It provides\naggressive parallelism capabilities, uses socket and D-Bus activation\nfor starting services, offers on-demand starting of daemons, and keeps\ntrack of processes using Linux cgroups. In addition, it supports\nsnapshotting and restoring of the system state, maintains mount and\nautomount points, and implements an elaborate transactional\ndependency-based service control logic. It can also work as a drop-in\nreplacement for sysvinit.\n\nSecurity Fix(es) :\n\n* systemd: Insufficient input validation in bus_process_object()\nresulting in PID 1 crash (CVE-2019-6454)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:0368\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-6454\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libgudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libgudev1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-journal-gateway\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-networkd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-resolved\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-sysv\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:0368\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"libgudev1-219-62.el7_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libgudev1-devel-219-62.el7_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"systemd-219-62.el7_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"systemd-219-62.el7_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"systemd-debuginfo-219-62.el7_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"systemd-devel-219-62.el7_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"systemd-journal-gateway-219-62.el7_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"systemd-journal-gateway-219-62.el7_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"systemd-libs-219-62.el7_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"systemd-networkd-219-62.el7_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"systemd-networkd-219-62.el7_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"systemd-python-219-62.el7_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"systemd-python-219-62.el7_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"systemd-resolved-219-62.el7_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"systemd-sysv-219-62.el7_6.5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"systemd-sysv-219-62.el7_6.5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgudev1 / libgudev1-devel / systemd / systemd-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2020-03-14T17:02:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-03-01T00:00:00", "id": "OPENVAS:1361412562310852325", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852325", "type": "openvas", "title": "openSUSE: Security Advisory for systemd (openSUSE-SU-2019:0268-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852325\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2019-6454\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-03-01 04:15:17 +0100 (Fri, 01 Mar 2019)\");\n script_name(\"openSUSE: Security Advisory for systemd (openSUSE-SU-2019:0268-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:0268-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-02/msg00075.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'systemd'\n package(s) announced via the openSUSE-SU-2019:0268-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for systemd fixes the following issues:\n\n Security vulnerability fixed:\n\n - CVE-2019-6454: Fixed a crash of PID1 by sending specially crafted D-BUS\n message on the system bus by an unprivileged user (bsc#1125352)\n\n Other bug fixes and changes:\n\n - journal-remote: set a limit on the number of fields in a message\n\n - journal-remote: verify entry length from header\n\n - journald: set a limit on the number of fields (1k)\n\n - journald: do not store the iovec entry for process commandline on stack\n\n - core: include Found state in device dumps\n\n - device: fix serialization and deserialization of DeviceFound\n\n - fix path in btrfs rule (#6844)\n\n - assemble multidevice btrfs volumes without external tools (#6607)\n (bsc#1117025)\n\n - Update systemd-system.conf.xml (bsc#1122000)\n\n - units: inform user that the default target is started after exiting from\n rescue or emergency mode\n\n - manager: don't skip sigchld handler for main and control pid for\n services (#3738)\n\n - core: Add helper functions unit_{main, control}_pid\n\n - manager: Fixing a debug printf formatting mistake (#3640)\n\n - manager: Only invoke a single sigchld per unit within a cleanup cycle\n (bsc#1117382)\n\n - core: update invoke_sigchld_event() to handle NULL - sigchld_event()\n\n - sd-event: expose the event loop iteration counter via\n sd_event_get_iteration() (#3631)\n\n - unit: rework a bit how we keep the service fdstore from being destroyed\n during service restart (bsc#1122344)\n\n - core: when restarting services, don't close fds\n\n - cryptsetup: Add dependency on loopback setup to generated units\n\n - journal-gateway: use localStorage['cursor'] only when it has valid value\n\n - journal-gateway: explicitly declare local variables\n\n - analyze: actually select longest activated-time of services\n\n - sd-bus: fix implicit downcast of bitfield reported by LGTM\n\n - core: free lines after reading them (bsc#1123892)\n\n - pam_systemd: reword message about not creating a session (bsc#1111498)\n\n - pam_systemd: suppress LOG_DEBUG log messages if debugging is off\n (bsc#1111498)\n\n - main: improve RLIMIT_NOFILE handling (#5795) (bsc#1120658)\n\n - sd-bus: if we receive an invalid dbus message, ignore and proceed\n\n - automount: don't pass non-blocking pipe to kernel.\n\n - units: make sure initrd-cleanup.service terminates before switching to\n rootfs (bsc#1123333)\n\n - units: add Wants=initrd-cleanup.service to initrd-switch-root.target\n (#4345) (bsc#1123333)\n\n This update was imported from the SUSE:SLE-12-SP2:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n insta ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"systemd on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0\", rpm:\"libsystemd0~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-debuginfo\", rpm:\"libsystemd0-debuginfo~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-mini\", rpm:\"libsystemd0-mini~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-mini-debuginfo\", rpm:\"libsystemd0-mini-debuginfo~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-devel\", rpm:\"libudev-devel~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-mini-devel\", rpm:\"libudev-mini-devel~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-mini1\", rpm:\"libudev-mini1~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-mini1-debuginfo\", rpm:\"libudev-mini1-debuginfo~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1\", rpm:\"libudev1~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1-debuginfo\", rpm:\"libudev1-debuginfo~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname\", rpm:\"nss-myhostname~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname-debuginfo\", rpm:\"nss-myhostname-debuginfo~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-mymachines\", rpm:\"nss-mymachines~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-mymachines-debuginfo\", rpm:\"nss-mymachines-debuginfo~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd\", rpm:\"systemd~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-debuginfo\", rpm:\"systemd-debuginfo~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-debugsource\", rpm:\"systemd-debugsource~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-devel\", rpm:\"systemd-devel~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-logger\", rpm:\"systemd-logger~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini\", rpm:\"systemd-mini~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-debuginfo\", rpm:\"systemd-mini-debuginfo~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-debugsource\", rpm:\"systemd-mini-debugsource~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-devel\", rpm:\"systemd-mini-devel~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-sysvinit\", rpm:\"systemd-mini-sysvinit~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-sysvinit\", rpm:\"systemd-sysvinit~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev\", rpm:\"udev~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev-debuginfo\", rpm:\"udev-debuginfo~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev-mini\", rpm:\"udev-mini~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev-mini-debuginfo\", rpm:\"udev-mini-debuginfo~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-32bit\", rpm:\"libsystemd0-32bit~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-debuginfo-32bit\", rpm:\"libsystemd0-debuginfo-32bit~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1-32bit\", rpm:\"libudev1-32bit~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1-debuginfo-32bit\", rpm:\"libudev1-debuginfo-32bit~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname-32bit\", rpm:\"nss-myhostname-32bit~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname-debuginfo-32bit\", rpm:\"nss-myhostname-debuginfo-32bit~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-32bit\", rpm:\"systemd-32bit~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-debuginfo-32bit\", rpm:\"systemd-debuginfo-32bit~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-bash-completion\", rpm:\"systemd-bash-completion~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-bash-completion\", rpm:\"systemd-mini-bash-completion~228~68.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-27T18:33:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191256", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191256", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2019-1256)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1256\");\n script_version(\"2020-01-23T11:36:37+0000\");\n script_cve_id(\"CVE-2019-6454\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:36:37 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:36:37 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2019-1256)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1256\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1256\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'systemd' package(s) announced via the EulerOS-SA-2019-1256 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that systemd allocates a buffer large enough to store the path field of a dbus message without performing enough checks. A local attacker may trigger this flaw by sending a dbus message to systemd with a large path making systemd crash or possibly elevating his privileges.CVE-2019-6454\");\n\n script_tag(name:\"affected\", value:\"'systemd' package(s) on Huawei EulerOS Virtualization 2.5.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libgudev1\", rpm:\"libgudev1~219~57.h71\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd\", rpm:\"systemd~219~57.h71\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-devel\", rpm:\"systemd-devel~219~57.h71\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-libs\", rpm:\"systemd-libs~219~57.h71\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-networkd\", rpm:\"systemd-networkd~219~57.h71\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-python\", rpm:\"systemd-python~219~57.h71\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-resolved\", rpm:\"systemd-resolved~219~57.h71\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-sysv\", rpm:\"systemd-sysv~219~57.h71\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-07-04T18:46:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "description": "Chris Coulson discovered a flaw in systemd leading to denial of service.\nAn unprivileged user could take advantage of this issue to crash PID1 by\nsending a specially crafted D-Bus message on the system bus.", "modified": "2019-07-04T00:00:00", "published": "2019-02-18T00:00:00", "id": "OPENVAS:1361412562310704393", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704393", "type": "openvas", "title": "Debian Security Advisory DSA 4393-1 (systemd - security update)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704393\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2019-6454\");\n script_name(\"Debian Security Advisory DSA 4393-1 (systemd - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-18 00:00:00 +0100 (Mon, 18 Feb 2019)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4393.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"systemd on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), this problem has been fixed in\nversion 232-25+deb9u9.\n\nWe recommend that you upgrade your systemd packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/systemd\");\n script_tag(name:\"summary\", value:\"Chris Coulson discovered a flaw in systemd leading to denial of service.\nAn unprivileged user could take advantage of this issue to crash PID1 by\nsending a specially crafted D-Bus message on the system bus.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libnss-myhostname\", ver:\"232-25+deb9u9\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libnss-mymachines\", ver:\"232-25+deb9u9\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libnss-resolve\", ver:\"232-25+deb9u9\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libnss-systemd\", ver:\"232-25+deb9u9\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpam-systemd\", ver:\"232-25+deb9u9\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-dev\", ver:\"232-25+deb9u9\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd0\", ver:\"232-25+deb9u9\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libudev-dev\", ver:\"232-25+deb9u9\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libudev1\", ver:\"232-25+deb9u9\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"systemd\", ver:\"232-25+deb9u9\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"systemd-container\", ver:\"232-25+deb9u9\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"systemd-coredump\", ver:\"232-25+deb9u9\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"systemd-journal-remote\", ver:\"232-25+deb9u9\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"systemd-sysv\", ver:\"232-25+deb9u9\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"udev\", ver:\"232-25+deb9u9\", rls:\"DEB9\"))) {\n report += res;\n}\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:32:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "description": "The remote host is missing an update for the ", "modified": "2019-04-05T00:00:00", "published": "2019-02-19T00:00:00", "id": "OPENVAS:1361412562310843910", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843910", "type": "openvas", "title": "Ubuntu Update for systemd USN-3891-1", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843910\");\n script_version(\"2019-04-05T06:55:01+0000\");\n script_cve_id(\"CVE-2019-6454\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-04-05 06:55:01 +0000 (Fri, 05 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-19 04:04:27 +0100 (Tue, 19 Feb 2019)\");\n script_name(\"Ubuntu Update for systemd USN-3891-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(18\\.04 LTS|18\\.10|16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"3891-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3891-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'systemd'\n package(s) announced via the USN-3891-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that systemd incorrectly handled certain D-Bus messages.\nA local unprivileged attacker could exploit this in order to crash the\ninit process, resulting in a system denial-of-service (kernel panic).\");\n\n script_tag(name:\"affected\", value:\"systemd on Ubuntu 18.10,\n Ubuntu 18.04 LTS,\n Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsystemd0\", ver:\"237-3ubuntu10.13\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"systemd\", ver:\"237-3ubuntu10.13\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsystemd0\", ver:\"239-7ubuntu10.8\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"systemd\", ver:\"239-7ubuntu10.8\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsystemd0\", ver:\"229-4ubuntu21.16\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"systemd\", ver:\"229-4ubuntu21.16\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-29T19:26:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "description": "Chris Coulson discovered a flaw in systemd leading to denial of service.\nAn unprivileged user could take advantage of this issue to crash PID1 by\nsending a specially crafted D-Bus message on the system bus.", "modified": "2020-01-29T00:00:00", "published": "2019-02-20T00:00:00", "id": "OPENVAS:1361412562310891684", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891684", "type": "openvas", "title": "Debian LTS: Security Advisory for systemd (DLA-1684-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891684\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2019-6454\");\n script_name(\"Debian LTS: Security Advisory for systemd (DLA-1684-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-02-20 00:00:00 +0100 (Wed, 20 Feb 2019)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/02/msg00031.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"systemd on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', this problem has been fixed in version\n215-17+deb8u10.\n\nWe recommend that you upgrade your systemd packages.\");\n\n script_tag(name:\"summary\", value:\"Chris Coulson discovered a flaw in systemd leading to denial of service.\nAn unprivileged user could take advantage of this issue to crash PID1 by\nsending a specially crafted D-Bus message on the system bus.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"gir1.2-gudev-1.0\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libgudev-1.0-0\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libgudev-1.0-dev\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpam-systemd\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-daemon-dev\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-daemon0\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-dev\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-id128-0\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-id128-dev\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-journal-dev\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-journal0\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-login-dev\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd-login0\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libsystemd0\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libudev-dev\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libudev1\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python3-systemd\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"systemd\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"systemd-dbg\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"systemd-sysv\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"udev\", ver:\"215-17+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-14T17:41:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "description": "The remote host is missing an update for the ", "modified": "2019-04-05T00:00:00", "published": "2019-02-21T00:00:00", "id": "OPENVAS:1361412562310883009", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310883009", "type": "openvas", "title": "CentOS Update for libgudev1-219-62.el7_ CESA-2019:0368 centos7", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.883009\");\n script_version(\"2019-04-05T06:55:01+0000\");\n script_cve_id(\"CVE-2019-6454\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-04-05 06:55:01 +0000 (Fri, 05 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-21 04:04:33 +0100 (Thu, 21 Feb 2019)\");\n script_name(\"CentOS Update for libgudev1-219-62.el7_ CESA-2019:0368 centos7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n\n script_xref(name:\"CESA\", value:\"2019:0368\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2019-February/023202.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libgudev1-219-62.el7_'\n package(s) announced via the CESA-2019:0368 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The systemd packages contain systemd, a system and service manager for\nLinux, compatible with the SysV and LSB init scripts. It provides\naggressive parallelism capabilities, uses socket and D-Bus activation for\nstarting services, offers on-demand starting of daemons, and keeps track of\nprocesses using Linux cgroups. In addition, it supports snapshotting and\nrestoring of the system state, maintains mount and automount points, and\nimplements an elaborate transactional dependency-based service control\nlogic. It can also work as a drop-in replacement for sysvinit.\n\nSecurity Fix(es):\n\n * systemd: Insufficient input validation in bus_process_object() resulting\nin PID 1 crash (CVE-2019-6454)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\");\n\n script_tag(name:\"affected\", value:\"libgudev1-219-62.el7_ on CentOS 7.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"CentOS7\") {\n if(!isnull(res = isrpmvuln(pkg:\"libgudev1\", rpm:\"libgudev1~219~62.el7_6.5\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libgudev1-devel\", rpm:\"libgudev1-devel~219~62.el7_6.5\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd\", rpm:\"systemd~219~62.el7_6.5\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-devel\", rpm:\"systemd-devel~219~62.el7_6.5\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-journal-gateway\", rpm:\"systemd-journal-gateway~219~62.el7_6.5\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-libs\", rpm:\"systemd-libs~219~62.el7_6.5\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-networkd\", rpm:\"systemd-networkd~219~62.el7_6.5\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-python\", rpm:\"systemd-python~219~62.el7_6.5\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-resolved\", rpm:\"systemd-resolved~219~62.el7_6.5\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-sysv\", rpm:\"systemd-sysv~219~62.el7_6.5\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-14T17:03:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "description": "The remote host is missing an update for the ", "modified": "2020-03-13T00:00:00", "published": "2019-02-28T00:00:00", "id": "OPENVAS:1361412562310852324", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852324", "type": "openvas", "title": "openSUSE: Security Advisory for systemd (openSUSE-SU-2019:0255-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852324\");\n script_version(\"2020-03-13T09:37:47+0000\");\n script_cve_id(\"CVE-2019-6454\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 09:37:47 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-02-28 04:08:24 +0100 (Thu, 28 Feb 2019)\");\n script_name(\"openSUSE: Security Advisory for systemd (openSUSE-SU-2019:0255-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:0255-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-02/msg00070.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'systemd'\n package(s) announced via the openSUSE-SU-2019:0255-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for systemd fixes the following issues:\n\n - CVE-2019-6454: Overlong DBUS messages could be used to crash systemd\n (bsc#1125352)\n\n - units: make sure initrd-cleanup.service terminates before switching to\n rootfs (bsc#1123333)\n\n - logind: fix bad error propagation\n\n - login: log session state 'closing' (as well as New/Removed)\n\n - logind: fix borked r check\n\n - login: don't remove all devices from PID1 when only one was removed\n\n - login: we only allow opening character devices\n\n - login: correct comment in session_device_free()\n\n - login: remember that fds received from PID1 need to be removed eventually\n\n - login: fix FDNAME in call to sd_pid_notify_with_fds()\n\n - logind: fd 0 is a valid fd\n\n - logind: rework sd_eviocrevoke()\n\n - logind: check file is device node before using .st_rdev\n\n - logind: use the new FDSTOREREMOVE=1 sd_notify() message (bsc#1124153)\n\n - core: add a new sd_notify() message for removing fds from the FD store\n again\n\n - logind: make sure we don't trip up on half-initialized session devices\n (bsc#1123727)\n\n - fd-util: accept that kcmp might fail with EPERM/EACCES\n\n - core: Fix use after free case in load_from_path() (bsc#1121563)\n\n - core: include Found state in device dumps\n\n - device: fix serialization and deserialization of DeviceFound\n\n - fix path in btrfs rule (#6844)\n\n - assemble multidevice btrfs volumes without external tools (#6607)\n (bsc#1117025)\n\n - Update systemd-system.conf.xml (bsc#1122000)\n\n - units: inform user that the default target is started after exiting from\n rescue or emergency mode\n\n - core: free lines after reading them (bsc#1123892)\n\n - sd-bus: if we receive an invalid dbus message, ignore and proceed\n\n - automount: don't pass non-blocking pipe to kernel.\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-255=1\");\n\n script_tag(name:\"affected\", value:\"systemd on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0\", rpm:\"libsystemd0~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-debuginfo\", rpm:\"libsystemd0-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-mini\", rpm:\"libsystemd0-mini~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-mini-debuginfo\", rpm:\"libsystemd0-mini-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-devel\", rpm:\"libudev-devel~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-mini-devel\", rpm:\"libudev-mini-devel~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-mini1\", rpm:\"libudev-mini1~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-mini1-debuginfo\", rpm:\"libudev-mini1-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1\", rpm:\"libudev1~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1-debuginfo\", rpm:\"libudev1-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname\", rpm:\"nss-myhostname~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname-debuginfo\", rpm:\"nss-myhostname-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-mymachines\", rpm:\"nss-mymachines~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-mymachines-debuginfo\", rpm:\"nss-mymachines-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-systemd\", rpm:\"nss-systemd~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-systemd-debuginfo\", rpm:\"nss-systemd-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd\", rpm:\"systemd~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-container\", rpm:\"systemd-container~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-container-debuginfo\", rpm:\"systemd-container-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-coredump\", rpm:\"systemd-coredump~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-coredump-debuginfo\", rpm:\"systemd-coredump-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-debuginfo\", rpm:\"systemd-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-debugsource\", rpm:\"systemd-debugsource~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-devel\", rpm:\"systemd-devel~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-logger\", rpm:\"systemd-logger~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini\", rpm:\"systemd-mini~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-container-mini\", rpm:\"systemd-mini-container-mini~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-container-mini-debuginfo\", rpm:\"systemd-mini-container-mini-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-coredump-mini\", rpm:\"systemd-mini-coredump-mini~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-coredump-mini-debuginfo\", rpm:\"systemd-mini-coredump-mini-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-debuginfo\", rpm:\"systemd-mini-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-debugsource\", rpm:\"systemd-mini-debugsource~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-devel\", rpm:\"systemd-mini-devel~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-sysvinit\", rpm:\"systemd-mini-sysvinit~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-sysvinit\", rpm:\"systemd-sysvinit~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev\", rpm:\"udev~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev-debuginfo\", rpm:\"udev-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev-mini\", rpm:\"udev-mini~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev-mini-debuginfo\", rpm:\"udev-mini-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-bash-completion\", rpm:\"systemd-bash-completion~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-bash-completion\", rpm:\"systemd-mini-bash-completion~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-32bit\", rpm:\"libsystemd0-32bit~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-32bit-debuginfo\", rpm:\"libsystemd0-32bit-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-devel-32bit\", rpm:\"libudev-devel-32bit~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1-32bit\", rpm:\"libudev1-32bit~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1-32bit-debuginfo\", rpm:\"libudev1-32bit-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname-32bit\", rpm:\"nss-myhostname-32bit~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname-32bit-debuginfo\", rpm:\"nss-myhostname-32bit-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-mymachines-32bit\", rpm:\"nss-mymachines-32bit~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-mymachines-32bit-debuginfo\", rpm:\"nss-mymachines-32bit-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-32bit\", rpm:\"systemd-32bit~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-32bit-debuginfo\", rpm:\"systemd-32bit-debuginfo~234~lp150.20.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-27T18:40:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191153", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191153", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2019-1153)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1153\");\n script_version(\"2020-01-23T11:33:07+0000\");\n script_cve_id(\"CVE-2019-6454\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:33:07 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:33:07 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2019-1153)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1153\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1153\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'systemd' package(s) announced via the EulerOS-SA-2019-1153 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash (CVE-2019-6454)\");\n\n script_tag(name:\"affected\", value:\"'systemd' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libgudev1\", rpm:\"libgudev1~219~57.h79.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libgudev1-devel\", rpm:\"libgudev1-devel~219~57.h79.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd\", rpm:\"systemd~219~57.h79.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-devel\", rpm:\"systemd-devel~219~57.h79.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-libs\", rpm:\"systemd-libs~219~57.h79.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-python\", rpm:\"systemd-python~219~57.h79.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-sysv\", rpm:\"systemd-sysv~219~57.h79.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-27T18:37:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191196", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191196", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2019-1196)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1196\");\n script_version(\"2020-01-23T11:34:11+0000\");\n script_cve_id(\"CVE-2019-6454\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:34:11 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:34:11 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2019-1196)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.4\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1196\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1196\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'systemd' package(s) announced via the EulerOS-SA-2019-1196 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that systemd allocates a buffer large enough to store the path field of a dbus message without performing enough checks. A local attacker may trigger this flaw by sending a dbus message to systemd with a large path making systemd crash or possibly elevating his privileges.(CVE-2019-6454)\");\n\n script_tag(name:\"affected\", value:\"'systemd' package(s) on Huawei EulerOS Virtualization 2.5.4.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.4\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libgudev1\", rpm:\"libgudev1~219~57.h73\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd\", rpm:\"systemd~219~57.h73\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-devel\", rpm:\"systemd-devel~219~57.h73\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-libs\", rpm:\"systemd-libs~219~57.h73\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-networkd\", rpm:\"systemd-networkd~219~57.h73\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-python\", rpm:\"systemd-python~219~57.h73\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-resolved\", rpm:\"systemd-resolved~219~57.h73\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-sysv\", rpm:\"systemd-sysv~219~57.h73\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-14T17:08:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6454", "CVE-2019-3842", "CVE-2018-6954"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-05-28T00:00:00", "id": "OPENVAS:1361412562310852518", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852518", "type": "openvas", "title": "openSUSE: Security Advisory for systemd (openSUSE-SU-2019:1450-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852518\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2018-6954\", \"CVE-2019-3842\", \"CVE-2019-6454\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-05-28 02:00:44 +0000 (Tue, 28 May 2019)\");\n script_name(\"openSUSE: Security Advisory for systemd (openSUSE-SU-2019:1450-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1450-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00062.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'systemd'\n package(s) announced via the openSUSE-SU-2019:1450-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for systemd fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-6954: Fixed a vulnerability in the symlink handling of\n systemd-tmpfiles which allowed a local user to obtain ownership of\n arbitrary files (bsc#1080919).\n\n - CVE-2019-3842: Fixed a vulnerability in pam_systemd which allowed a\n local user to escalate privileges (bsc#1132348).\n\n - CVE-2019-6454: Fixed a denial of service caused by long dbus messages\n (bsc#1125352).\n\n Non-security issues fixed:\n\n - systemd-coredump: generate a stack trace of all core dumps (jsc#SLE-5933)\n\n - udevd: notify when max number value of children is reached only once per\n batch of events (bsc#1132400)\n\n - sd-bus: bump message queue size again (bsc#1132721)\n\n - core: only watch processes when it's really necessary (bsc#955942\n bsc#1128657)\n\n - rules: load drivers only on 'add' events (bsc#1126056)\n\n - sysctl: Don't pass null directive argument to '%s' (bsc#1121563)\n\n - Do not automatically online memory on s390x (bsc#1127557)\n\n This update was imported from the SUSE:SLE-12-SP2:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-1450=1\");\n\n script_tag(name:\"affected\", value:\"'systemd' package(s) on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0\", rpm:\"libsystemd0~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-debuginfo\", rpm:\"libsystemd0-debuginfo~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-mini\", rpm:\"libsystemd0-mini~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-mini-debuginfo\", rpm:\"libsystemd0-mini-debuginfo~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-devel\", rpm:\"libudev-devel~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-mini-devel\", rpm:\"libudev-mini-devel~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-mini1\", rpm:\"libudev-mini1~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev-mini1-debuginfo\", rpm:\"libudev-mini1-debuginfo~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1\", rpm:\"libudev1~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1-debuginfo\", rpm:\"libudev1-debuginfo~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname\", rpm:\"nss-myhostname~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname-debuginfo\", rpm:\"nss-myhostname-debuginfo~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-mymachines\", rpm:\"nss-mymachines~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-mymachines-debuginfo\", rpm:\"nss-mymachines-debuginfo~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd\", rpm:\"systemd~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-debuginfo\", rpm:\"systemd-debuginfo~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-debugsource\", rpm:\"systemd-debugsource~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-devel\", rpm:\"systemd-devel~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-logger\", rpm:\"systemd-logger~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini\", rpm:\"systemd-mini~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-debuginfo\", rpm:\"systemd-mini-debuginfo~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-debugsource\", rpm:\"systemd-mini-debugsource~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-devel\", rpm:\"systemd-mini-devel~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-sysvinit\", rpm:\"systemd-mini-sysvinit~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-sysvinit\", rpm:\"systemd-sysvinit~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev\", rpm:\"udev~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev-debuginfo\", rpm:\"udev-debuginfo~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev-mini\", rpm:\"udev-mini~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udev-mini-debuginfo\", rpm:\"udev-mini-debuginfo~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-bash-completion\", rpm:\"systemd-bash-completion~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-mini-bash-completion\", rpm:\"systemd-mini-bash-completion~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-32bit\", rpm:\"libsystemd0-32bit~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsystemd0-debuginfo-32bit\", rpm:\"libsystemd0-debuginfo-32bit~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1-32bit\", rpm:\"libudev1-32bit~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libudev1-debuginfo-32bit\", rpm:\"libudev1-debuginfo-32bit~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname-32bit\", rpm:\"nss-myhostname-32bit~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-myhostname-debuginfo-32bit\", rpm:\"nss-myhostname-debuginfo-32bit~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-32bit\", rpm:\"systemd-32bit~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"systemd-debuginfo-32bit\", rpm:\"systemd-debuginfo-32bit~228~71.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-08-12T01:00:58", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6454"], "description": "Package : systemd\nVersion : 215-17+deb8u10\nCVE ID : CVE-2019-6454\n\nChris Coulson discovered a flaw in systemd leading to denial of service.\nAn unprivileged user could take advantage of this issue to crash PID1 by\nsending a specially crafted D-Bus message on the system bus.\n\nFor Debian 8 "Jessie", this problem has been fixed in version\n215-17+deb8u10.\n\nWe recommend that you upgrade your systemd packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 11, "modified": "2019-02-19T19:28:28", "published": "2019-02-19T19:28:28", "id": "DEBIAN:DLA-1684-1:394E8", "href": "https://lists.debian.org/debian-lts-announce/2019/debian-lts-announce-201902/msg00031.html", "title": "[SECURITY] [DLA 1684-1] systemd security update", "type": "debian", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-08-12T00:51:43", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6454"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4393-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nFebruary 18, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : systemd\nCVE ID : CVE-2019-6454\n\nChris Coulson discovered a flaw in systemd leading to denial of service.\nAn unprivileged user could take advantage of this issue to crash PID1 by\nsending a specially crafted D-Bus message on the system bus.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 232-25+deb9u9.\n\nWe recommend that you upgrade your systemd packages.\n\nFor the detailed security status of systemd please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/systemd\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 11, "modified": "2019-02-18T17:21:09", "published": "2019-02-18T17:21:09", "id": "DEBIAN:DSA-4393-1:211D1", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2019/msg00034.html", "title": "[SECURITY] [DSA 4393-1] systemd security update", "type": "debian", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "centos": [{"lastseen": "2020-12-08T03:38:37", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6454"], "description": "**CentOS Errata and Security Advisory** CESA-2019:0368\n\n\nThe systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.\n\nSecurity Fix(es):\n\n* systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash (CVE-2019-6454)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2019-February/035240.html\n\n**Affected packages:**\nlibgudev1\nlibgudev1-devel\nsystemd\nsystemd-devel\nsystemd-journal-gateway\nsystemd-libs\nsystemd-networkd\nsystemd-python\nsystemd-resolved\nsystemd-sysv\n\n**Upstream details at:**\n", "edition": 5, "modified": "2019-02-20T20:15:20", "published": "2019-02-20T20:15:20", "id": "CESA-2019:0368", "href": "http://lists.centos.org/pipermail/centos-announce/2019-February/035240.html", "title": "libgudev1, systemd security update", "type": "centos", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "gentoo": [{"lastseen": "2019-03-11T01:51:29", "bulletinFamily": "unix", "cvelist": ["CVE-2018-16865", "CVE-2018-16864", "CVE-2019-6454", "CVE-2018-16866"], "description": "### Background\n\nA system and service manager.\n\n### Description\n\nMultiple vulnerabilities have been discovered in systemd. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nAn attacker could cause a Denial of Service condition or possibly execute arbitrary code. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll systemd users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-apps/systemd-239-r4\"", "edition": 1, "modified": "2019-03-10T00:00:00", "published": "2019-03-10T00:00:00", "id": "GLSA-201903-07", "href": "https://security.gentoo.org/glsa/201903-07", "title": "systemd: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-15686", "CVE-2018-15688", "CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866", "CVE-2019-6454"], "description": "systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. systemd supports SysV and LSB init scripts and works as a replacement for sysvinit. Other parts of this package are a logging daemon, utilities to control basic system configuration like the hostname, date, locale, maintain a list of logged-in users, system accounts, runtime directories and settings, and daemons to manage simple network configuration, network time synchronization, log forwarding, and name resolution. ", "modified": "2019-02-22T03:14:37", "published": "2019-02-22T03:14:37", "id": "FEDORA:AFDBD60E76E0", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: systemd-239-12.git8bca462.fc29", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-15686", "CVE-2018-15688", "CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866", "CVE-2019-6454"], "description": "systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. systemd supports SysV and LSB init scripts and works as a replacement for sysvinit. Other parts of this package are a logging daemon, utilities to control basic system configuration like the hostname, date, locale, maintain a list of logged-in users and running containers and virtual machines, system accounts, runtime directories and settings, and daemons to manage simple network configuration, network time synchronization, log forwarding, and name resolution. ", "modified": "2019-03-08T21:40:23", "published": "2019-03-08T21:40:23", "id": "FEDORA:D013361742CE", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: systemd-238-12.git07f8cd5.fc28", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-15686", "CVE-2018-15688", "CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866", "CVE-2019-15718", "CVE-2019-6454"], "description": "systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. systemd supports SysV and LSB init scripts and works as a replacement for sysvinit. Other parts of this package are a logging daemon, utilities to control basic system configuration like the hostname, date, locale, maintain a list of logged-in users, system accounts, runtime directories and settings, and daemons to manage simple network configuration, network time synchronization, log forwarding, and name resolution. ", "modified": "2019-09-19T01:53:44", "published": "2019-09-19T01:53:44", "id": "FEDORA:E66CE6076F5E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: systemd-239-14.git33ccd62.fc29", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}