DATABASE RESOURCES PRICING ABOUT US

{"id": "ASA-201801-1", "type": "archlinux", "bulletinFamily": "unix", "title": "[ASA-201801-1] linux: multiple issues", "description": "Arch Linux Security Advisory ASA-201801-1\n=========================================\n\nSeverity: High\nDate : 2018-01-05\nCVE-ID : CVE-2017-16995 CVE-2017-16996 CVE-2017-17449 CVE-2017-17558\nCVE-2017-17712 CVE-2017-17805 CVE-2017-17806 CVE-2017-17852\nCVE-2017-17853 CVE-2017-17854 CVE-2017-17855 CVE-2017-17856\nCVE-2017-17857 CVE-2017-17862 CVE-2017-17863 CVE-2017-17864\nCVE-2017-5754 CVE-2017-8824\nPackage : linux\nType : multiple issues\nRemote : No\nLink : https://security.archlinux.org/AVG-552\n\nSummary\n=======\n\nThe package linux before version 4.14.11-1 is vulnerable to multiple\nissues including access restriction bypass, denial of service,\nprivilege escalation and information disclosure.\n\nResolution\n==========\n\nUpgrade to 4.14.11-1.\n\n# pacman -Syu \"linux>=4.14.11-1\"\n\nThe problems have been fixed upstream in version 4.14.11.\n\nWorkaround\n==========\n\nBPF related issues can be circumvented by disabling unprivileged BPF:\n\n sysctl -w kernel.unprivileged_bpf_disabled=1\n\nOn systems that do not already have the dccp module loaded,\nCVE-2017-8824 can be mitigated by disabling it:\n\n echo >> /etc/modprobe.d/disable-dccp.conf install dccp false\n\nDescription\n===========\n\n- CVE-2017-16995 (privilege escalation)\n\nAn arbitrary memory r/w access issue was found in the Linux kernel\nbefore 4.14.9, 4.9.72 compiled with the eBPF bpf(2) system call\n(CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation\nerrors in the eBPF verifier module, triggered by user supplied\nmalicious BPF program. An unprivileged user could use this flaw to\nescalate their privileges on a system. Setting parameter\n\"kernel.unprivileged_bpf_disabled=1\" prevents such privilege escalation\nby restricting access to bpf(2) call.\n\n- CVE-2017-16996 (privilege escalation)\n\nAn arbitrary memory r/w access issue was found in the Linux kernel\nbefore 4.14.9 compiled with the eBPF bpf(2) system call\n(CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation\nerrors in the eBPF verifier module, triggered by user supplied\nmalicious BPF program. An unprivileged user could use this flaw to\nescalate their privileges on a system. Setting parameter\n\"kernel.unprivileged_bpf_disabled=1\" prevents such privilege escalation\nby restricting access to bpf(2) call.\n\n- CVE-2017-17449 (information disclosure)\n\nThe __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in\nthe Linux kernel before 4.14.11, 4.9.74, 4.4.109, 3.18.91 and 3.16.52\nwhen CONFIG_NLMON is enabled, does not restrict observations of Netlink\nmessages to a single net namespace, which allows local users to obtain\nsensitive information by leveraging the CAP_NET_ADMIN capability to\nsniff an nlmon interface for all Netlink activity on the system.\n\n- CVE-2017-17558 (denial of service)\n\nThe usb_destroy_configuration function in drivers/usb/core/config.c in\nthe USB core subsystem in the Linux kernel before 4.14.8, 4.9.71,\n4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not consider the maximum\nnumber of configurations and interfaces before attempting to release\nresources, which allows local users to cause a denial of service (out-\nof-bounds write access) or possibly have unspecified other impact via a\ncrafted USB device.\n\n- CVE-2017-17712 (privilege escalation)\n\nA flaw was found in the Linux kernel's implementation of raw_sendmsg\nbefore 4.14.11, 4.4.109 and 4.9.74 allowing a local attacker to panic\nthe kernel or possibly leak kernel addresses. A local attacker, with\nthe privilege of creating raw sockets, can abuse a possible race\ncondition when setting the socket option to allow the kernel to\nautomatically create ip header values and thus potentially escalate\ntheir privileges.\n\n- CVE-2017-17805 (denial of service)\n\nThe Salsa20 encryption algorithm in the Linux kernel before 4.14.8,\n4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not correctly handle\nzero-length inputs, allowing a local attacker able to use the AF_ALG-\nbased skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a\ndenial of service (uninitialized-memory free and kernel crash) or have\nunspecified other impact by executing a crafted sequence of system\ncalls that use the blkcipher_walk API. Both the generic implementation\n(crypto/salsa20_generic.c) and x86 implementation\n(arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.\n\n- CVE-2017-17806 (denial of service)\n\nThe HMAC implementation (crypto/hmac.c) in the Linux kernel before\n4.14.8, 4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not validate\nthat the underlying cryptographic hash algorithm is unkeyed, allowing a\nlocal attacker able to use the AF_ALG-based hash interface\n(CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm\n(CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by\nexecuting a crafted sequence of system calls that encounter a missing\nSHA-3 initialization.\n\n- CVE-2017-17852 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nmishandling of 32-bit ALU ops.\n\n- CVE-2017-17853 (denial of service)\n\nIt has been discovered kernel/bpf/verifier.c in the Linux kernel before\n4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nincorrect BPF_RSH signed bounds calculations.\n\n- CVE-2017-17854 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (integer\noverflow and memory corruption) or possibly have unspecified other\nimpact by leveraging unrestricted integer values for pointer\narithmetic.\n\n- CVE-2017-17855 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nimproper use of pointers in place of scalars.\n\n- CVE-2017-17856 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging the\nlack of stack-pointer alignment enforcement.\n\n- CVE-2017-17857 (denial of service)\n\nThe check_stack_boundary function in kernel/bpf/verifier.c in the Linux\nkernel before 4.14.9 allows local users to cause a denial of service\n(memory corruption) or possibly have unspecified other impact by\nleveraging mishandling of invalid variable stack read operations.\n\n- CVE-2017-17862 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.72 ignore unreachable code, even though it would\nstill be processed by JIT compilers. This behavior, also considered an\nimproper branch-pruning logic issue, could possibly be used by local\nusers for denial of service.\n\n- CVE-2017-17863 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.72 does not check the relationship between\npointer values and the BPF stack, which allows local users to cause a\ndenial of service (integer overflow or invalid memory access) or\npossibly have unspecified other impact.\n\n- CVE-2017-17864 (information disclosure)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.73 mishandles states_equal comparisons between\nthe pointer data type and the UNKNOWN_VALUE data type, which allows\nlocal users to obtain potentially sensitive address information, aka a\n\"pointer leak.\"\n\n- CVE-2017-5754 (access restriction bypass)\n\nAn industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of instructions (a\ncommonly used performance optimization).\nThis variant (\"Rogue Data Load\") relies on the fact that, on impacted\nmicroprocessors, during speculative execution of instruction permission\nfaults, exception generation triggered by a faulting access is\nsuppressed until the retirement of the whole instruction block. In a\ncombination with the fact that memory accesses may populate the cache\neven when the block is being dropped and never committed (executed), an\nunprivileged local attacker could use this flaw to read memory from\narbitrary addresses, including privileged (kernel space) and all other\nprocesses running on the system by conducting targeted cache side-\nchannel attacks.\n\n- CVE-2017-8824 (privilege escalation)\n\nA use-after-free vulnerability was found in DCCP socket code affecting\nthe Linux kernel since 2.6.16. The dccp_disconnect function in\nnet/dccp/proto.c allows local users to gain privileges or cause a\ndenial of service via an AF_UNSPEC connect system call during the\nDCCP_LISTEN state.\n\nImpact\n======\n\nA local unprivileged attacker is able to escalate privileges, crash the\nsystem, read memory from arbitrary addresses including from the kernel\nand all other processes running on the system or obtain sensitive\ninformation by sniffing an nlmon interface for all Netlink activity on\nthe system.\n\nReferences\n==========\n\nhttps://bugs.archlinux.org/task/56832\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=1454\nhttp://www.openwall.com/lists/oss-security/2017/12/21/2\nhttps://git.kernel.org/linus/95a762e2c8c942780948091f8f2a4f32fce1ac6f\nhttps://git.kernel.org/linus/0c17d1d2c61936401f4702e1846e2c19b200f958\nhttps://git.kernel.org/linus/93c647643b48f0131f02e45da3bd367d80443291\nhttps://github.com/google/syzkaller/blob/master/docs/linux/found_bugs_usb.md\nhttps://git.kernel.org/linus/48a4ff1c7bb5a32d2e396b03132d20d552c0eca7\nhttp://openwall.com/lists/oss-security/2017/12/12/7\nhttps://git.kernel.org/linus/8f659a03a0ba9289b9aeb9b4470e6fb263d6f483\nhttps://git.kernel.org/linus/ecaaab5649781c5a0effdaf298a925063020500e\nhttps://git.kernel.org/linus/af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1\nhttps://git.kernel.org/linus/468f6eafa6c44cb2c5d8aad35e12f06c240a812a\nhttps://git.kernel.org/linus/4374f256ce8182019353c0c639bb8d0695b4c941\nhttps://git.kernel.org/linus/bb7f0f989ca7de1153bd128a40a71709e339fa03\nhttps://git.kernel.org/linus/179d1c5602997fef5a940c6ddcf31212cbfebd14\nhttps://git.kernel.org/linus/a5ec6ae161d72f01411169a938fa5f8baea16e8f\nhttps://git.kernel.org/linus/ea25f914dc164c8d56b36147ecc86bc65f83c469\nhttps://git.kernel.org/linus/c131187db2d3fa2f8bf32fdf4e9a4ef805168467\nhttps://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=d75d3ee237cee9068022117e059b64bbab617f3d\nhttps://git.kernel.org/linus/de31796c052e47c99b1bb342bc70aa826733e862\nhttps://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=37435f7e80ef9adc32a69013c18f135e3f434244\nhttps://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html\nhttps://meltdownattack.com\nhttps://xenbits.xen.org/xsa/advisory-254.html\nhttp://blog.cyberus-technology.de/posts/2018-01-03-meltdown.html\nhttps://git.kernel.org/linus/5aa90a84589282b87666f92b6c3c917c8080a9bf\nhttps://git.kernel.org/linus/00a5ae218d57741088068799b810416ac249a9ce\nhttps://git.kernel.org/linus/69c64866ce072dea1d1e59a0d61e0f66c0dffb76\nhttps://security.archlinux.org/CVE-2017-16995\nhttps://security.archlinux.org/CVE-2017-16996\nhttps://security.archlinux.org/CVE-2017-17449\nhttps://security.archlinux.org/CVE-2017-17558\nhttps://security.archlinux.org/CVE-2017-17712\nhttps://security.archlinux.org/CVE-2017-17805\nhttps://security.archlinux.org/CVE-2017-17806\nhttps://security.archlinux.org/CVE-2017-17852\nhttps://security.archlinux.org/CVE-2017-17853\nhttps://security.archlinux.org/CVE-2017-17854\nhttps://security.archlinux.org/CVE-2017-17855\nhttps://security.archlinux.org/CVE-2017-17856\nhttps://security.archlinux.org/CVE-2017-17857\nhttps://security.archlinux.org/CVE-2017-17862\nhttps://security.archlinux.org/CVE-2017-17863\nhttps://security.archlinux.org/CVE-2017-17864\nhttps://security.archlinux.org/CVE-2017-5754\nhttps://security.archlinux.org/CVE-2017-8824", "published": "2018-01-05T00:00:00", "modified": "2018-01-05T00:00:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "href": "https://security.archlinux.org/ASA-201801-1", "reporter": "ArchLinux", "references": ["https://security.archlinux.org/AVG-552", "https://bugs.archlinux.org/task/56832", "https://bugs.chromium.org/p/project-zero/issues/detail?id=1454", "http://www.openwall.com/lists/oss-security/2017/12/21/2", "https://git.kernel.org/linus/95a762e2c8c942780948091f8f2a4f32fce1ac6f", "https://git.kernel.org/linus/0c17d1d2c61936401f4702e1846e2c19b200f958", "https://git.kernel.org/linus/93c647643b48f0131f02e45da3bd367d80443291", "https://github.com/google/syzkaller/blob/master/docs/linux/found_bugs_usb.md", "https://git.kernel.org/linus/48a4ff1c7bb5a32d2e396b03132d20d552c0eca7", "http://openwall.com/lists/oss-security/2017/12/12/7", "https://git.kernel.org/linus/8f659a03a0ba9289b9aeb9b4470e6fb263d6f483", "https://git.kernel.org/linus/ecaaab5649781c5a0effdaf298a925063020500e", "https://git.kernel.org/linus/af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1", "https://git.kernel.org/linus/468f6eafa6c44cb2c5d8aad35e12f06c240a812a", "https://git.kernel.org/linus/4374f256ce8182019353c0c639bb8d0695b4c941", "https://git.kernel.org/linus/bb7f0f989ca7de1153bd128a40a71709e339fa03", "https://git.kernel.org/linus/179d1c5602997fef5a940c6ddcf31212cbfebd14", "https://git.kernel.org/linus/a5ec6ae161d72f01411169a938fa5f8baea16e8f", "https://git.kernel.org/linus/ea25f914dc164c8d56b36147ecc86bc65f83c469", "https://git.kernel.org/linus/c131187db2d3fa2f8bf32fdf4e9a4ef805168467", "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=d75d3ee237cee9068022117e059b64bbab617f3d", "https://git.kernel.org/linus/de31796c052e47c99b1bb342bc70aa826733e862", "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=37435f7e80ef9adc32a69013c18f135e3f434244", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://meltdownattack.com", "https://xenbits.xen.org/xsa/advisory-254.html", "http://blog.cyberus-technology.de/posts/2018-01-03-meltdown.html", "https://git.kernel.org/linus/5aa90a84589282b87666f92b6c3c917c8080a9bf", "https://git.kernel.org/linus/00a5ae218d57741088068799b810416ac249a9ce", "https://git.kernel.org/linus/69c64866ce072dea1d1e59a0d61e0f66c0dffb76", "https://security.archlinux.org/CVE-2017-16995", "https://security.archlinux.org/CVE-2017-16996", "https://security.archlinux.org/CVE-2017-17449", "https://security.archlinux.org/CVE-2017-17558", "https://security.archlinux.org/CVE-2017-17712", "https://security.archlinux.org/CVE-2017-17805", "https://security.archlinux.org/CVE-2017-17806", "https://security.archlinux.org/CVE-2017-17852", "https://security.archlinux.org/CVE-2017-17853", "https://security.archlinux.org/CVE-2017-17854", "https://security.archlinux.org/CVE-2017-17855", "https://security.archlinux.org/CVE-2017-17856", "https://security.archlinux.org/CVE-2017-17857", "https://security.archlinux.org/CVE-2017-17862", "https://security.archlinux.org/CVE-2017-17863", "https://security.archlinux.org/CVE-2017-17864", "https://security.archlinux.org/CVE-2017-5754", "https://security.archlinux.org/CVE-2017-8824"], "cvelist": ["CVE-2017-16995", "CVE-2017-16996", "CVE-2017-17449", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17805", "CVE-2017-17806", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17856", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-5754", "CVE-2017-8824"], "immutableFields": [], "lastseen": "2021-07-28T14:34:05", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "aix", "idList": ["SPECTRE_MELTDOWN_ADVISORY.ASC", "SPECTRE_UPDATE_ADVISORY.ASC"]}, {"type": "altlinux", "idList": ["6D899156D64EB0FD40D43A92C5EEC32C"]}, {"type": "amazon", "idList": ["ALAS-2018-939", "ALAS-2018-944", "ALAS2-2018-939"]}, {"type": "androidsecurity", "idList": ["ANDROID:2018-01-01", "ANDROID:2018-04-01", "ANDROID:2018-05-01", "ANDROID:2018-06-01", "ANDROID:2018-09-01", "ANDROID:2018-12-01"]}, {"type": "apple", "idList": ["APPLE:121C0C2C932F899F870D9D5665610ED0", "APPLE:3CD8680715FC8DF4A758CC6012471868", "APPLE:A906ED60E2875C343BE4CB7524339858", "APPLE:B7AA5B9368DE4BD135A602B017EB0259", "APPLE:F6306C158D7B30BA0A0EDD411C414BFE", "APPLE:HT208325", "APPLE:HT208327", "APPLE:HT208331", "APPLE:HT208334", "APPLE:HT208465"]}, {"type": "archlinux", "idList": ["ASA-201801-2", "ASA-201801-3", "ASA-201801-4", "ASA-201801-6"]}, {"type": "centos", "idList": ["CESA-2018:0007", "CESA-2018:0008", "CESA-2018:0151", "CESA-2018:0512", "CESA-2018:1062", "CESA-2018:1319", "CESA-2018:3083", "CESA-2019:2473"]}, {"type": "cert", "idList": ["VU:180049", "VU:584653"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2018-0011"]}, {"type": "cisco", "idList": ["CISCO-SA-20180104-CPUSIDECHANNEL"]}, {"type": "citrix", "idList": ["CTX231390", "CTX231399", "CTX234679"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:08639CF3E8D6C946D02AFEE0F4B5B0A0", "CFOUNDRY:4DDEEFC6D5CE0AA12B5BF627FFC8D2F4", "CFOUNDRY:86B5C35F8F0E334D1CCCDAF1214EDFEF", "CFOUNDRY:8730FEC9F4689F70DBBC5917AC5BF0C6", "CFOUNDRY:E36E8558D6E84664F9D34B4A9E5179AC"]}, {"type": "cve", "idList": ["CVE-2017-16995", "CVE-2017-16996", "CVE-2017-17449", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17805", "CVE-2017-17806", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17856", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-5754", "CVE-2017-8824", "CVE-2018-10471", "CVE-2018-19965"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1200-1:A0B61", "DEBIAN:DLA-1232-1:15F37", "DEBIAN:DSA-4073-1:79398", "DEBIAN:DSA-4078-1:83863", "DEBIAN:DSA-4082-1:57979", "DEBIAN:DSA-4082-1:58978", "DEBIAN:DSA-4120-1:7BEB7"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-16995", "DEBIANCVE:CVE-2017-16996", "DEBIANCVE:CVE-2017-17449", "DEBIANCVE:CVE-2017-17558", "DEBIANCVE:CVE-2017-17712", "DEBIANCVE:CVE-2017-17805", "DEBIANCVE:CVE-2017-17806", "DEBIANCVE:CVE-2017-17852", "DEBIANCVE:CVE-2017-17853", "DEBIANCVE:CVE-2017-17854", "DEBIANCVE:CVE-2017-17855", "DEBIANCVE:CVE-2017-17856", "DEBIANCVE:CVE-2017-17857", "DEBIANCVE:CVE-2017-17862", "DEBIANCVE:CVE-2017-17863", "DEBIANCVE:CVE-2017-17864", "DEBIANCVE:CVE-2017-5754", "DEBIANCVE:CVE-2017-8824", "DEBIANCVE:CVE-2018-10471", "DEBIANCVE:CVE-2018-19965"]}, {"type": "exploitdb", "idList": ["EDB-ID:43234", "EDB-ID:45010", "EDB-ID:45058"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:04A1ABB8BD1A4A3A73FE1DCEC740292B", "EXPLOITPACK:21E02FD686B4E07E01D154BAF895DE82"]}, {"type": "f5", "idList": ["F5:K05535399", "F5:K15526101", "F5:K43339432", "F5:K54252492", "F5:K85664507", "F5:K91229003"]}, {"type": "fedora", "idList": ["FEDORA:08D3760E6566", "FEDORA:10F7D6255145", "FEDORA:23E0D6075B51", "FEDORA:25BDD6190ECF", "FEDORA:29049600CFF3", "FEDORA:29FCE65ECD33", "FEDORA:44065605602A", "FEDORA:4832F6079717", "FEDORA:4A25C608E179", "FEDORA:4B78C604AF8C", "FEDORA:5D742610B071", "FEDORA:648496077DD1", "FEDORA:6EC6360BEA04", "FEDORA:6F1BC604D0C1", "FEDORA:74245604D4DA", "FEDORA:7640C641CB61", "FEDORA:7F8C960BC98D", "FEDORA:87BD56087904", "FEDORA:8F974604E846", "FEDORA:909D360491BF", "FEDORA:AB52460321C9", "FEDORA:B395E6087A9D", "FEDORA:B54D264CBCAC", "FEDORA:C88F6601BD0C", "FEDORA:D6F86601E6D9", "FEDORA:DF5176048167", "FEDORA:E1D7E6031252", "FEDORA:E6F08605DCE7"]}, {"type": "fortinet", "idList": ["FG-IR-18-002"]}, {"type": "freebsd", "idList": ["74DAA370-2797-11E8-95EC-A4BADB2F4699"]}, {"type": "gentoo", "idList": ["GLSA-201810-06"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:42FBA08807698DC5CD34486014AC8332"]}, {"type": "hp", "idList": ["HP:C05869091"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20180106-01-CPU", "HUAWEI-SA-20180606-01-CPU"]}, {"type": "ibm", "idList": ["0C9BE2F3A245999460BB6BC497E21EC27992E79FB4C1D769E6D1CF729AB33300", "174F1CB3220ED56F318FA688B5104CC5CCC2107DBECA87BE989ABF3A0091E073", "1A56C0E27437AA486509D2812836A0A7761E820321946BF730BBC1A9B185F972", "1ABA3EC50C5BB5DE641865CF34A5CAC018FE13D6CFF8FE946D2F218907356D71", "1EAA33360D6A7077DA78A614D83BA795F9BC0FC37BCEE994A81654BB9F3E8CEB", "28E683B9E1028822A2C208D0617DA2DE26079DCB38CC45919D696CC7747F906B", "2A40009A88F7F92C59723B05B8A8BC439ECB104B7E48FAB00AAABF8FE910CEF1", "2C6883C7D3865B8039726C3454BA0B0D5A6F3F11B0878992EA2AACAC9F364E05", "3540AA54A1ED51682893BA31F766B870A1375441D71B0C703E82EAA191CC0D6A", "4BDA96731BEDBE3B4D78DBA9FA7051E3DF5C22631E9222A0E15B433BB8B9B171", "567345576590494CB813B386383CCFD2CCE4CD51C93AD9D6FD80D7D632CC8257", "5D63DFA90AE05BD537122A9820FEC290A8E1FB9D0AEF4B12256F5FA09B670775", "65AEAA74B4397CD9FC1768668C6ED4E2A219B5570B2041431D7D2F5201973D4D", "6F75059EBDF719D84C8DC0CA4BAADF9428544BDAFCEEAE62F4225A55CA1E8AF0", "77DA9A466A7C42373FF7E0F4EB5E62474CCAD685AD37FE9457EFB7AD15F923AD", "7A53C19FF480E48C62F3A876817E646DD9329F4F75468297B786BC33EF754038", "8325E2E8632F22E10CD653162D8EFC2BD56BD809EC2298B08EF585D287E1CFA8", "87A19FB5346DA81A86907270AB84E2E3899A8B6E531102A2175D836AB9D8EBF9", "9B3C2542A224A170177BC588D64FBAC641AEB3A7ED64BDCAE097C03AA1143EDF", "A594E3179D9A187B5EAE777411B4109CB85600F1AEC96905951B67E4F825EC64", "A6E0AA4F7CE2CD35281870E21B59F32FD6E5217A46EC5702A87294F585538FD3", "B33FA893148E9C76925FA67166C54BB7E197EC96DD88578FEB3D80D16489F9CA", "B35331C8976936545073B60350455C602E3A6DA9E2C52BDF202502219C50D240", "C61272AAD42C3342F52FDEEAF76F6DCE5A2C3FF3C3CF7540B218B24B7CA5C12B", "CD9B5BF488F3327F1A5D08B8A25E9EF90D7304376F44A16FB3F05E06566E80FF"]}, {"type": "intel", "idList": ["INTEL:INTEL-SA-00088"]}, {"type": "kitploit", "idList": ["KITPLOIT:8752367943592764867", "KITPLOIT:8917740741292426205"]}, {"type": "lenovo", "idList": ["LENOVO:PS500151-NOSID", "LENOVO:PS500151-READING-PRIVILEGED-MEMORY-WITH-A-SIDE-CHANNEL-NOSID", "LENOVO:PS500167-NOSID", "LENOVO:PS500321-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2018-0062", "MGASA-2018-0063", "MGASA-2018-0064", "MGASA-2018-0073", "MGASA-2018-0074", "MGASA-2018-0075", "MGASA-2018-0076", "MGASA-2018-0077", "MGASA-2018-0078", "MGASA-2018-0080", "MGASA-2018-0106", "MGASA-2018-0107", "MGASA-2018-0126", "MGASA-2018-0134", "MGASA-2018-0172", "MGASA-2018-0187", "MGASA-2018-0264", "MGASA-2018-0286"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:3DDE32E41BE8356C194673EE3ED7FDBE", "MALWAREBYTES:C47D8F4321BF60FB315B6C46B47DF46F"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-LINUX-LOCAL-BPF_SIGN_EXTENSION_PRIV_ESC-"]}, {"type": "mscve", "idList": ["MS:ADV180002", "MS:ADV180018"]}, {"type": "mskb", "idList": ["KB4073065", "KB4284819", "KB4284826", "KB4284835", "KB4284860", "KB4284867", "KB4284874", "KB4284880", "KB4338815", "KB4338820", "KB4338824", "KB4338830", "KB4340583", "KB4467680", "KB4467686", "KB4467691", "KB4467696", "KB4467702", "KB4467708", "KB4480957", "KB4480960", "KB4480963", "KB4480964", "KB4480968", "KB4480970", "KB4480972", "KB4480975", "KB4493446", "KB4493448", "KB4493464", "KB4493467", "KB4493472"]}, {"type": "nessus", "idList": ["700322.PRM", "700325.PRM", "700513.PRM", "AIX_IJ03029.NASL", "AIX_IJ03030.NASL", "AIX_IJ03032.NASL", "AIX_IJ03033.NASL", "AIX_IJ03034.NASL", "AIX_IJ03035.NASL", "AIX_IJ03036.NASL", "AL2_ALAS-2018-939.NASL", "ALA_ALAS-2018-939.NASL", "ALA_ALAS-2018-944.NASL", "APPLE_IOS_112_CHECK.NBIN", "CENTOS_RHSA-2018-0007.NASL", "CENTOS_RHSA-2018-0008.NASL", "CENTOS_RHSA-2018-0151.NASL", "CENTOS_RHSA-2018-0512.NASL", "CENTOS_RHSA-2018-1062.NASL", "CENTOS_RHSA-2018-1319.NASL", "CENTOS_RHSA-2018-3083.NASL", "CENTOS_RHSA-2019-2473.NASL", "CITRIX_XENSERVER_CTX231390.NASL", "CITRIX_XENSERVER_CTX234679.NASL", "DEBIAN_DLA-1200.NASL", "DEBIAN_DLA-1232.NASL", "DEBIAN_DSA-4073.NASL", "DEBIAN_DSA-4078.NASL", "DEBIAN_DSA-4082.NASL", "DEBIAN_DSA-4120.NASL", "EULEROS_SA-2018-1001.NASL", "EULEROS_SA-2018-1002.NASL", "EULEROS_SA-2018-1026.NASL", "EULEROS_SA-2018-1031.NASL", "EULEROS_SA-2018-1232.NASL", "EULEROS_SA-2018-1236.NASL", "EULEROS_SA-2019-1476.NASL", "EULEROS_SA-2019-1501.NASL", "EULEROS_SA-2019-1504.NASL", "EULEROS_SA-2019-1514.NASL", "EULEROS_SA-2019-1516.NASL", "EULEROS_SA-2019-1519.NASL", "EULEROS_SA-2019-1521.NASL", "EULEROS_SA-2019-1532.NASL", "EULEROS_SA-2019-1536.NASL", "EULEROS_SA-2019-1537.NASL", "EULEROS_SA-2019-1539.NASL", "EULEROS_SA-2019-1637.NASL", "EULEROS_SA-2019-1638.NASL", "EULEROS_SA-2019-2274.NASL", "F5_BIGIP_SOL15526101.NASL", "F5_BIGIP_SOL91229003.NASL", "FEDORA_2017-129969AA8A.NASL", "FEDORA_2017-7810B7C59F.NASL", "FEDORA_2017-BA6B6E71F7.NASL", "FEDORA_2017-F7CB245861.NASL", "FEDORA_2018-22D5FA8A90.NASL", "FEDORA_2018-8ED5EFF2C0.NASL", "FREEBSD_PKG_74DAA370279711E895ECA4BADB2F4699.NASL", "GENTOO_GLSA-201810-06.NASL", "LINUX_KERNEL_SPECULATIVE_EXECUTION_DETECT.NBIN", "MACOSX_SECUPD2018-001.NASL", "MACOS_10_13_2.NASL", "MICROSOFT_WINDOWS_SPEC_EXECUTION.NBIN", "NEWSTART_CGSL_NS-SA-2019-0007_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0044_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0049_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0070_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0074_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0143_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0177_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2020-0021_KERNEL.NASL", "NVIDIA_UNIX_CVE_2017_5753.NASL", "NVIDIA_WIN_CVE_2017_5753.NASL", "OPENSUSE-2017-1390.NASL", "OPENSUSE-2017-1391.NASL", "OPENSUSE-2018-118.NASL", "OPENSUSE-2018-153.NASL", "OPENSUSE-2018-169.NASL", "OPENSUSE-2018-2.NASL", "OPENSUSE-2018-3.NASL", "OPENSUSE-2018-454.NASL", "OPENSUSE-2018-599.NASL", "OPENSUSE-2019-418.NASL", "ORACLELINUX_ELSA-2018-0007.NASL", "ORACLELINUX_ELSA-2018-0008.NASL", "ORACLELINUX_ELSA-2018-0151.NASL", "ORACLELINUX_ELSA-2018-0512.NASL", "ORACLELINUX_ELSA-2018-1062.NASL", "ORACLELINUX_ELSA-2018-1319.NASL", "ORACLELINUX_ELSA-2018-3083.NASL", "ORACLELINUX_ELSA-2018-4006.NASL", "ORACLELINUX_ELSA-2018-4011.NASL", "ORACLELINUX_ELSA-2018-4020.NASL", "ORACLELINUX_ELSA-2018-4022.NASL", "ORACLELINUX_ELSA-2018-4025.NASL", "ORACLELINUX_ELSA-2018-4040.NASL", "ORACLELINUX_ELSA-2018-4041.NASL", "ORACLELINUX_ELSA-2018-4071.NASL", "ORACLELINUX_ELSA-2018-4108.NASL", "ORACLELINUX_ELSA-2018-4109.NASL", "ORACLELINUX_ELSA-2018-4110.NASL", "ORACLELINUX_ELSA-2018-4161.NASL", "ORACLELINUX_ELSA-2018-4164.NASL", "ORACLELINUX_ELSA-2018-4172.NASL", "ORACLELINUX_ELSA-2018-4299.NASL", "ORACLELINUX_ELSA-2018-4300.NASL", "ORACLELINUX_ELSA-2018-4301.NASL", "ORACLELINUX_ELSA-2019-2473.NASL", "ORACLELINUX_ELSA-2019-4316.NASL", "ORACLEVM_OVMSA-2018-0005.NASL", "ORACLEVM_OVMSA-2018-0006.NASL", "ORACLEVM_OVMSA-2018-0008.NASL", "ORACLEVM_OVMSA-2018-0010.NASL", "ORACLEVM_OVMSA-2018-0015.NASL", "ORACLEVM_OVMSA-2018-0016.NASL", "ORACLEVM_OVMSA-2018-0017.NASL", "ORACLEVM_OVMSA-2018-0020.NASL", "ORACLEVM_OVMSA-2018-0021.NASL", "ORACLEVM_OVMSA-2018-0029.NASL", "ORACLEVM_OVMSA-2018-0035.NASL", "ORACLEVM_OVMSA-2018-0041.NASL", "ORACLEVM_OVMSA-2018-0218.NASL", "ORACLEVM_OVMSA-2018-0224.NASL", "ORACLEVM_OVMSA-2018-0236.NASL", "ORACLEVM_OVMSA-2018-0237.NASL", "ORACLEVM_OVMSA-2018-0248.NASL", "ORACLEVM_OVMSA-2018-0286.NASL", "ORACLEVM_OVMSA-2020-0039.NASL", "PFSENSE_SA-18_03.NASL", "PHOTONOS_PHSA-2018-1_0-0096.NASL", "PHOTONOS_PHSA-2018-1_0-0096_LINUX.NASL", "PHOTONOS_PHSA-2018-1_0-0097.NASL", "PHOTONOS_PHSA-2018-1_0-0097_LINUX.NASL", "PHOTONOS_PHSA-2018-2_0-0009.NASL", "PHOTONOS_PHSA-2018-2_0-0009_LINUX.NASL", "PHOTONOS_PHSA-2018-2_0-0010.NASL", "PHOTONOS_PHSA-2018-2_0-0010_LINUX.NASL", "RANCHEROS_1_1_3.NASL", "REDHAT-RHSA-2018-0007.NASL", "REDHAT-RHSA-2018-0008.NASL", "REDHAT-RHSA-2018-0009.NASL", "REDHAT-RHSA-2018-0010.NASL", "REDHAT-RHSA-2018-0011.NASL", "REDHAT-RHSA-2018-0016.NASL", "REDHAT-RHSA-2018-0017.NASL", "REDHAT-RHSA-2018-0018.NASL", "REDHAT-RHSA-2018-0020.NASL", "REDHAT-RHSA-2018-0021.NASL", "REDHAT-RHSA-2018-0022.NASL", "REDHAT-RHSA-2018-0044.NASL", "REDHAT-RHSA-2018-0045.NASL", "REDHAT-RHSA-2018-0046.NASL", "REDHAT-RHSA-2018-0047.NASL", "REDHAT-RHSA-2018-0151.NASL", "REDHAT-RHSA-2018-0182.NASL", "REDHAT-RHSA-2018-0292.NASL", "REDHAT-RHSA-2018-0399.NASL", "REDHAT-RHSA-2018-0496.NASL", "REDHAT-RHSA-2018-0512.NASL", "REDHAT-RHSA-2018-0654.NASL", "REDHAT-RHSA-2018-0676.NASL", "REDHAT-RHSA-2018-1062.NASL", "REDHAT-RHSA-2018-1129.NASL", "REDHAT-RHSA-2018-1130.NASL", "REDHAT-RHSA-2018-1170.NASL", "REDHAT-RHSA-2018-1216.NASL", "REDHAT-RHSA-2018-1319.NASL", "REDHAT-RHSA-2018-1346.NASL", "REDHAT-RHSA-2018-1349.NASL", "REDHAT-RHSA-2018-1350.NASL", "REDHAT-RHSA-2018-1351.NASL", "REDHAT-RHSA-2018-1374.NASL", "REDHAT-RHSA-2018-2948.NASL", "REDHAT-RHSA-2018-3083.NASL", "REDHAT-RHSA-2018-3096.NASL", "REDHAT-RHSA-2019-1170.NASL", "REDHAT-RHSA-2019-1190.NASL", "REDHAT-RHSA-2019-2473.NASL", "SLACKWARE_SSA_2018-016-01.NASL", "SL_20180103_KERNEL_ON_SL6_X.NASL", "SL_20180103_KERNEL_ON_SL7_X.NASL", "SL_20180125_KERNEL_ON_SL7_X.NASL", "SL_20180313_KERNEL_ON_SL6_X.NASL", "SL_20180410_KERNEL_ON_SL7_X.NASL", "SL_20180508_KERNEL_ON_SL6_X.NASL", "SL_20181030_KERNEL_ON_SL7_X.NASL", "SL_20190813_KERNEL_ON_SL6_X.NASL", "SMB_ADV180002_MSSQL.NASL", "SMB_NT_MS18_APR_4093112.NASL", "SMB_NT_MS18_FEB_4074590.NASL", "SMB_NT_MS18_FEB_4074591.NASL", "SMB_NT_MS18_FEB_4074592.NASL", "SMB_NT_MS18_FEB_4074596.NASL", "SMB_NT_MS18_JAN_4056888.NASL", "SMB_NT_MS18_JAN_4056890.NASL", "SMB_NT_MS18_JAN_4056891.NASL", "SMB_NT_MS18_JAN_4056892.NASL", "SMB_NT_MS18_JAN_4056893.NASL", "SMB_NT_MS18_JAN_4056897.NASL", "SMB_NT_MS18_JAN_4056898.NASL", "SMB_NT_MS18_MAR_4088875.NASL", "SMB_NT_MS18_MAR_4088876.NASL", "SMB_NT_MS18_MAR_4088877.NASL", "SUSE_SU-2017-3398-1.NASL", "SUSE_SU-2017-3410-1.NASL", "SUSE_SU-2018-0010-1.NASL", "SUSE_SU-2018-0011-1.NASL", "SUSE_SU-2018-0012-1.NASL", "SUSE_SU-2018-0031-1.NASL", "SUSE_SU-2018-0040-1.NASL", "SUSE_SU-2018-0069-1.NASL", "SUSE_SU-2018-0113-1.NASL", "SUSE_SU-2018-0114-1.NASL", "SUSE_SU-2018-0115-1.NASL", "SUSE_SU-2018-0131-1.NASL", "SUSE_SU-2018-0171-1.NASL", "SUSE_SU-2018-0219-1.NASL", "SUSE_SU-2018-0383-1.NASL", "SUSE_SU-2018-0416-1.NASL", "SUSE_SU-2018-0437-1.NASL", "SUSE_SU-2018-0438-1.NASL", "SUSE_SU-2018-0472-1.NASL", "SUSE_SU-2018-0525-1.NASL", "SUSE_SU-2018-0555-1.NASL", "SUSE_SU-2018-0601-1.NASL", "SUSE_SU-2018-0609-1.NASL", "SUSE_SU-2018-0638-1.NASL", "SUSE_SU-2018-0678-1.NASL", "SUSE_SU-2018-0909-1.NASL", "SUSE_SU-2018-1177-1.NASL", "SUSE_SU-2018-1181-1.NASL", "SUSE_SU-2018-1184-1.NASL", "SUSE_SU-2018-1202-1.NASL", "SUSE_SU-2018-1203-1.NASL", "SUSE_SU-2018-1216-1.NASL", "SUSE_SU-2018-1603-1.NASL", "SUSE_SU-2018-1658-1.NASL", "SUSE_SU-2018-1699-1.NASL", "SUSE_SU-2018-1699-2.NASL", "SUSE_SU-2018-2528-1.NASL", "SUSE_SU-2018-3230-1.NASL", "SUSE_SU-2021-3935-1.NASL", "UBUNTU_USN-3516-1.NASL", "UBUNTU_USN-3522-1.NASL", "UBUNTU_USN-3522-2.NASL", "UBUNTU_USN-3522-3.NASL", "UBUNTU_USN-3522-4.NASL", "UBUNTU_USN-3523-1.NASL", "UBUNTU_USN-3523-2.NASL", "UBUNTU_USN-3523-3.NASL", "UBUNTU_USN-3524-1.NASL", "UBUNTU_USN-3540-1.NASL", "UBUNTU_USN-3540-2.NASL", "UBUNTU_USN-3541-1.NASL", "UBUNTU_USN-3541-2.NASL", "UBUNTU_USN-3581-1.NASL", "UBUNTU_USN-3581-2.NASL", "UBUNTU_USN-3581-3.NASL", "UBUNTU_USN-3582-1.NASL", "UBUNTU_USN-3582-2.NASL", "UBUNTU_USN-3583-1.NASL", "UBUNTU_USN-3597-1.NASL", "UBUNTU_USN-3597-2.NASL", "UBUNTU_USN-3617-1.NASL", "UBUNTU_USN-3617-2.NASL", "UBUNTU_USN-3617-3.NASL", "UBUNTU_USN-3619-1.NASL", "UBUNTU_USN-3619-2.NASL", "UBUNTU_USN-3620-1.NASL", "UBUNTU_USN-3632-1.NASL", "UBUNTU_USN-3633-1.NASL", "UBUNTU_USN-3653-1.NASL", "UBUNTU_USN-3653-2.NASL", "UBUNTU_USN-3655-1.NASL", "UBUNTU_USN-3657-1.NASL", "UBUNTU_USN-3754-1.NASL", "VIRTUOZZO_VZA-2017-109.NASL", "VIRTUOZZO_VZA-2017-110.NASL", "VIRTUOZZO_VZA-2017-111.NASL", "VIRTUOZZO_VZA-2017-114.NASL", "VIRTUOZZO_VZA-2018-002.NASL", "VIRTUOZZO_VZA-2018-003.NASL", "VIRTUOZZO_VZA-2018-004.NASL", "VIRTUOZZO_VZA-2018-006.NASL", "VIRTUOZZO_VZA-2018-024.NASL", "VIRTUOZZO_VZA-2018-025.NASL", "VIRTUOZZO_VZA-2018-026.NASL", "VIRTUOZZO_VZA-2018-029.NASL", "VIRTUOZZO_VZA-2018-038.NASL", "VIRTUOZZO_VZA-2019-067.NASL", "VMWARE_VCENTER_VMSA-2018-0007.NASL", "XEN_SERVER_XSA-254.NASL"]}, {"type": "nvidia", "idList": ["NVIDIA:4609", "NVIDIA:4610", "NVIDIA:4611", "NVIDIA:4613", "NVIDIA:4614", "NVIDIA:4616", "NVIDIA:4617"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310107830", "OPENVAS:1361412562310108766", "OPENVAS:1361412562310108767", "OPENVAS:1361412562310704073", "OPENVAS:1361412562310704078", "OPENVAS:1361412562310704082", "OPENVAS:1361412562310704120", "OPENVAS:1361412562310812289", "OPENVAS:1361412562310812290", "OPENVAS:1361412562310812291", "OPENVAS:1361412562310812292", "OPENVAS:1361412562310812293", "OPENVAS:1361412562310812294", "OPENVAS:1361412562310812295", "OPENVAS:1361412562310812296", "OPENVAS:1361412562310812384", "OPENVAS:1361412562310812386", "OPENVAS:1361412562310812397", "OPENVAS:1361412562310812398", "OPENVAS:1361412562310812400", "OPENVAS:1361412562310812662", "OPENVAS:1361412562310812740", "OPENVAS:1361412562310813652", "OPENVAS:1361412562310814014", "OPENVAS:1361412562310815020", "OPENVAS:1361412562310815033", "OPENVAS:1361412562310815034", "OPENVAS:1361412562310843405", "OPENVAS:1361412562310843409", "OPENVAS:1361412562310843410", "OPENVAS:1361412562310843412", "OPENVAS:1361412562310843413", "OPENVAS:1361412562310843414", "OPENVAS:1361412562310843415", "OPENVAS:1361412562310843416", "OPENVAS:1361412562310843418", "OPENVAS:1361412562310843423", "OPENVAS:1361412562310843424", "OPENVAS:1361412562310843427", "OPENVAS:1361412562310843429", "OPENVAS:1361412562310843455", "OPENVAS:1361412562310843457", "OPENVAS:1361412562310843458", "OPENVAS:1361412562310843459", "OPENVAS:1361412562310843460", "OPENVAS:1361412562310843461", "OPENVAS:1361412562310843473", "OPENVAS:1361412562310843474", "OPENVAS:1361412562310843492", "OPENVAS:1361412562310843493", "OPENVAS:1361412562310843496", "OPENVAS:1361412562310843497", "OPENVAS:1361412562310843498", "OPENVAS:1361412562310843500", "OPENVAS:1361412562310843507", "OPENVAS:1361412562310843509", "OPENVAS:1361412562310843528", "OPENVAS:1361412562310843529", "OPENVAS:1361412562310843532", "OPENVAS:1361412562310843534", "OPENVAS:1361412562310843628", "OPENVAS:1361412562310851666", "OPENVAS:1361412562310851667", "OPENVAS:1361412562310851677", "OPENVAS:1361412562310851678", "OPENVAS:1361412562310851693", "OPENVAS:1361412562310851698", "OPENVAS:1361412562310851704", "OPENVAS:1361412562310851742", "OPENVAS:1361412562310851978", "OPENVAS:1361412562310873926", "OPENVAS:1361412562310873930", "OPENVAS:1361412562310873945", "OPENVAS:1361412562310873947", "OPENVAS:1361412562310873968", "OPENVAS:1361412562310873973", "OPENVAS:1361412562310874365", "OPENVAS:1361412562310874366", "OPENVAS:1361412562310874400", "OPENVAS:1361412562310874427", "OPENVAS:1361412562310874606", "OPENVAS:1361412562310874619", "OPENVAS:1361412562310874623", "OPENVAS:1361412562310874647", "OPENVAS:1361412562310874695", "OPENVAS:1361412562310874721", "OPENVAS:1361412562310874751", "OPENVAS:1361412562310874761", "OPENVAS:1361412562310874813", "OPENVAS:1361412562310874890", "OPENVAS:1361412562310874919", "OPENVAS:1361412562310874964", "OPENVAS:1361412562310874998", "OPENVAS:1361412562310875099", "OPENVAS:1361412562310875128", "OPENVAS:1361412562310875170", "OPENVAS:1361412562310875201", "OPENVAS:1361412562310875334", "OPENVAS:1361412562310882822", "OPENVAS:1361412562310882836", "OPENVAS:1361412562310882855", "OPENVAS:1361412562310882875", "OPENVAS:1361412562310883096", "OPENVAS:1361412562310891232", "OPENVAS:1361412562311220181001", "OPENVAS:1361412562311220181002", "OPENVAS:1361412562311220181026", "OPENVAS:1361412562311220181031", "OPENVAS:1361412562311220181232", "OPENVAS:1361412562311220181236", "OPENVAS:1361412562311220191476", "OPENVAS:1361412562311220191501", "OPENVAS:1361412562311220191504", "OPENVAS:1361412562311220191514", "OPENVAS:1361412562311220191516", "OPENVAS:1361412562311220191519", "OPENVAS:1361412562311220191521", "OPENVAS:1361412562311220191532", "OPENVAS:1361412562311220191536", "OPENVAS:1361412562311220191537", "OPENVAS:1361412562311220191539", "OPENVAS:1361412562311220191637", "OPENVAS:1361412562311220191638", "OPENVAS:1361412562311220192274"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2018", "ORACLE:CPUAPR2018-3678067", "ORACLE:CPUAPR2019", "ORACLE:CPUAPR2019-5072813", "ORACLE:CPUAPR2020", "ORACLE:CPUJAN2018", "ORACLE:CPUJAN2018-3236628", "ORACLE:CPUJUL2018", "ORACLE:CPUJUL2018-4258247", "ORACLE:CPUOCT2019", "ORACLE:CPUOCT2019-5072832"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-0007", "ELSA-2018-0008", "ELSA-2018-0151", "ELSA-2018-0169", "ELSA-2018-0292", "ELSA-2018-1062", "ELSA-2018-1319", "ELSA-2018-1854", "ELSA-2018-3083", "ELSA-2018-4006", "ELSA-2018-4011", "ELSA-2018-4012", "ELSA-2018-4020", "ELSA-2018-4021", "ELSA-2018-4022", "ELSA-2018-4025", "ELSA-2018-4040", "ELSA-2018-4041", "ELSA-2018-4071", "ELSA-2018-4108", "ELSA-2018-4109", "ELSA-2018-4110", "ELSA-2018-4161", "ELSA-2018-4164", "ELSA-2018-4172", "ELSA-2018-4285", "ELSA-2018-4289", "ELSA-2018-4299", "ELSA-2018-4300", "ELSA-2018-4301", "ELSA-2019-2473", "ELSA-2019-4316", "ELSA-2019-4585", "ELSA-2019-4630", "ELSA-2019-4702", "ELSA-2019-4732", "ELSA-2021-9034"]}, {"type": "osv", "idList": ["OSV:DLA-1200-1", "OSV:DLA-1232-1", "OSV:DSA-4073-1", "OSV:DSA-4078-1", "OSV:DSA-4082-1", "OSV:DSA-4120-1", "OSV:DSA-4120-2"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:145235", "PACKETSTORM:146823", "PACKETSTORM:148607"]}, {"type": "paloalto", "idList": ["PAN-SA-2018-0001"]}, {"type": "photon", "idList": ["PHSA-2017-0008", "PHSA-2018-0009", "PHSA-2018-0010", "PHSA-2018-0031", "PHSA-2018-0097", "PHSA-2018-0107", "PHSA-2018-0150", "PHSA-2018-1.0-0096", "PHSA-2018-1.0-0097"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:02EAB5AF6104A4960F7E3B105CD50FA1", "QUALYSBLOG:3ACE52E54FF5FE3EF1B0FC328181FA66", "QUALYSBLOG:832B33D45F45271E91CA6542BC9CFD59", "QUALYSBLOG:BD020D07BF02B0790C62701D997BFD4D", "QUALYSBLOG:C9F2432F760D960CF69CDC55D87263A8", "QUALYSBLOG:D893D4DFB7141FDAD0BE869440074392", "QUALYSBLOG:E761CF659F35F9F5C29FB50D76B98C3E", "QUALYSBLOG:F7C32BA5E6651A8CE3584BB84A88A0C0", "QUALYSBLOG:F8AA5B21D90BCDD30391A24D6FD47892"]}, {"type": "redhat", "idList": ["RHSA-2018:0007", "RHSA-2018:0008", "RHSA-2018:0009", "RHSA-2018:0010", "RHSA-2018:0011", "RHSA-2018:0016", "RHSA-2018:0017", "RHSA-2018:0018", "RHSA-2018:0020", "RHSA-2018:0021", "RHSA-2018:0022", "RHSA-2018:0044", "RHSA-2018:0045", "RHSA-2018:0046", "RHSA-2018:0047", "RHSA-2018:0089", "RHSA-2018:0090", "RHSA-2018:0091", "RHSA-2018:0092", "RHSA-2018:0151", "RHSA-2018:0182", "RHSA-2018:0292", "RHSA-2018:0399", "RHSA-2018:0464", "RHSA-2018:0496", "RHSA-2018:0502", "RHSA-2018:0512", "RHSA-2018:0654", "RHSA-2018:0676", "RHSA-2018:1062", "RHSA-2018:1129", "RHSA-2018:1130", "RHSA-2018:1170", "RHSA-2018:1216", "RHSA-2018:1319", "RHSA-2018:1346", "RHSA-2018:1374", "RHSA-2018:2948", "RHSA-2018:3083", "RHSA-2018:3096", "RHSA-2018:3822", "RHSA-2019:1046", "RHSA-2019:1170", "RHSA-2019:1190", "RHSA-2019:2473"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-16995", "RH:CVE-2017-16996", "RH:CVE-2017-17449", "RH:CVE-2017-17558", "RH:CVE-2017-17712", "RH:CVE-2017-17805", "RH:CVE-2017-17806", "RH:CVE-2017-17852", "RH:CVE-2017-17853", "RH:CVE-2017-17854", "RH:CVE-2017-17855", "RH:CVE-2017-17856", "RH:CVE-2017-17857", "RH:CVE-2017-17862", "RH:CVE-2017-17863", "RH:CVE-2017-17864", "RH:CVE-2017-5715", "RH:CVE-2017-5754", "RH:CVE-2017-8824", "RH:CVE-2018-19965", "RH:CVE-2018-3620"]}, {"type": "securelist", "idList": ["SECURELIST:7CF4DDEB1B5407DAA24EC25BAA7A9654", "SECURELIST:FC1216FC2096CBEE31E247C19D68BEC5"]}, {"type": "seebug", "idList": ["SSV:97059", "SSV:97183"]}, {"type": "slackware", "idList": ["SSA-2018-016-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2017:3358-1", "OPENSUSE-SU-2017:3359-1", "OPENSUSE-SU-2018:0022-1", "OPENSUSE-SU-2018:0023-1", "OPENSUSE-SU-2018:0326-1", "OPENSUSE-SU-2018:0408-1", "OPENSUSE-SU-2018:0459-1", "OPENSUSE-SU-2018:1274-1", "OPENSUSE-SU-2018:1623-1", "SUSE-SU-2017:3398-1", "SUSE-SU-2017:3410-1", "SUSE-SU-2018:0010-1", "SUSE-SU-2018:0011-1", "SUSE-SU-2018:0012-1", "SUSE-SU-2018:0031-1", "SUSE-SU-2018:0040-1", "SUSE-SU-2018:0069-1", "SUSE-SU-2018:0113-1", "SUSE-SU-2018:0114-1", "SUSE-SU-2018:0115-1", "SUSE-SU-2018:0131-1", "SUSE-SU-2018:0171-1", "SUSE-SU-2018:0180-1", "SUSE-SU-2018:0213-1", "SUSE-SU-2018:0219-1", "SUSE-SU-2018:0269-1", "SUSE-SU-2018:0272-1", "SUSE-SU-2018:0273-1", "SUSE-SU-2018:0277-1", "SUSE-SU-2018:0278-1", "SUSE-SU-2018:0280-1", "SUSE-SU-2018:0281-1", "SUSE-SU-2018:0282-1", "SUSE-SU-2018:0294-1", "SUSE-SU-2018:0296-1", "SUSE-SU-2018:0297-1", "SUSE-SU-2018:0298-1", "SUSE-SU-2018:0301-1", "SUSE-SU-2018:0340-1", "SUSE-SU-2018:0345-1", "SUSE-SU-2018:0346-1", "SUSE-SU-2018:0347-1", "SUSE-SU-2018:0383-1", "SUSE-SU-2018:0416-1", "SUSE-SU-2018:0431-1", "SUSE-SU-2018:0433-1", "SUSE-SU-2018:0436-1", "SUSE-SU-2018:0437-1", "SUSE-SU-2018:0438-1", "SUSE-SU-2018:0472-1", "SUSE-SU-2018:0482-1", "SUSE-SU-2018:0525-1", "SUSE-SU-2018:0555-1", "SUSE-SU-2018:0601-1", "SUSE-SU-2018:0609-1", "SUSE-SU-2018:0638-1", "SUSE-SU-2018:0678-1", "SUSE-SU-2018:0909-1", "SUSE-SU-2018:0986-1", "SUSE-SU-2018:1177-1", "SUSE-SU-2018:1181-1", "SUSE-SU-2018:1184-1", "SUSE-SU-2018:1202-1", "SUSE-SU-2018:1203-1", "SUSE-SU-2018:1216-1"]}, {"type": "symantec", "idList": ["SMNTC-102371", "SMNTC-102378", "SMNTC-110486", "SMNTC-1426"]}, {"type": "talosblog", "idList": ["TALOSBLOG:6AF8BBB020A686E442B50095CA9B7A36"]}, {"type": "taosecurity", "idList": ["TAOSECURITY:37F5AF86E0886FC0FBDCCE15A1236586"]}, {"type": "thn", "idList": ["THN:58CFE19533148E77597FE0AC59963145", "THN:71C19B8F2C6EDB0AFDA5AA0280A20C00", "THN:788E9312DDA39D9A09855DF379A0FD4D", "THN:C4C9BC61AD42FB9F46B30ECA56F71393"]}, {"type": "threatpost", "idList": ["THREATPOST:0F9EDE9A622A021B9B79C50214D7E8AD", "THREATPOST:6C364316788D445329E5596C5108A157", "THREATPOST:7458AE86ECA810D873D5D35916A93D9F", "THREATPOST:CE89F855271AB3AE3CE8B5B0C141CDC2", "THREATPOST:DB0542CFA474B0D9C91032709EDE296D", "THREATPOST:E454192F36C2E44BAE14AB9B62BE28DB"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:6A0454A8A4891A1004496709868EC034"]}, {"type": "ubuntu", "idList": ["USN-3516-1", "USN-3522-1", "USN-3522-2", "USN-3522-3", "USN-3522-4", "USN-3523-1", "USN-3523-2", "USN-3523-3", "USN-3524-1", "USN-3524-2", "USN-3525-1", "USN-3540-1", "USN-3540-2", "USN-3541-1", "USN-3541-2", "USN-3581-1", "USN-3581-2", "USN-3581-3", "USN-3582-1", "USN-3582-2", "USN-3583-1", "USN-3583-2", "USN-3597-1", "USN-3597-2", "USN-3617-1", "USN-3617-2", "USN-3617-3", "USN-3619-1", "USN-3619-2", "USN-3620-1", "USN-3620-2", "USN-3632-1", "USN-3633-1", "USN-3653-1", "USN-3653-2", "USN-3655-1", "USN-3655-2", "USN-3657-1", "USN-3754-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-16995", "UB:CVE-2017-16996", "UB:CVE-2017-17449", "UB:CVE-2017-17558", "UB:CVE-2017-17712", "UB:CVE-2017-17805", "UB:CVE-2017-17806", "UB:CVE-2017-17852", "UB:CVE-2017-17853", "UB:CVE-2017-17854", "UB:CVE-2017-17855", "UB:CVE-2017-17856", "UB:CVE-2017-17857", "UB:CVE-2017-17862", "UB:CVE-2017-17863", "UB:CVE-2017-17864", "UB:CVE-2017-5754", "UB:CVE-2017-8824", "UB:CVE-2018-10471", "UB:CVE-2018-1130", "UB:CVE-2018-19965"]}, {"type": "virtuozzo", "idList": ["VZA-2017-109", "VZA-2017-110", "VZA-2017-111", "VZA-2017-113", "VZA-2017-114", "VZA-2018-001", "VZA-2018-002", "VZA-2018-003", "VZA-2018-004", "VZA-2018-006", "VZA-2018-024", "VZA-2018-025", "VZA-2018-026", "VZA-2018-028", "VZA-2018-029", "VZA-2018-038", "VZA-2019-066", "VZA-2019-067"]}, {"type": "vmware", "idList": ["VMSA-2018-0007", "VMSA-2018-0007.6"]}, {"type": "xen", "idList": ["XSA-254", "XSA-279"]}, {"type": "zdt", "idList": ["1337DAY-ID-29141", "1337DAY-ID-29285", "1337DAY-ID-30003", "1337DAY-ID-30705", "1337DAY-ID-30750"]}]}, "score": {"value": 3.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "aix", "idList": ["SPECTRE_MELTDOWN_ADVISORY.ASC"]}, {"type": "amazon", "idList": ["ALAS-2018-939", "ALAS-2018-944"]}, {"type": "androidsecurity", "idList": ["ANDROID:2018-05-01", "ANDROID:2018-06-01", "ANDROID:2018-09-01", "ANDROID:2018-12-01"]}, {"type": "apple", "idList": ["APPLE:121C0C2C932F899F870D9D5665610ED0", "APPLE:3CD8680715FC8DF4A758CC6012471868", "APPLE:A906ED60E2875C343BE4CB7524339858", "APPLE:B7AA5B9368DE4BD135A602B017EB0259", "APPLE:F6306C158D7B30BA0A0EDD411C414BFE", "APPLE:HT208325", "APPLE:HT208327", "APPLE:HT208331", "APPLE:HT208334", "APPLE:HT208465"]}, {"type": "archlinux", "idList": ["ASA-201801-2", "ASA-201801-4", "ASA-201801-6"]}, {"type": "centos", "idList": ["CESA-2018:0007", "CESA-2018:0008", "CESA-2018:1319", "CESA-2019:2473"]}, {"type": "cert", "idList": ["VU:584653"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2018-0011"]}, {"type": "cisco", "idList": ["CISCO-SA-20180104-CPUSIDECHANNEL"]}, {"type": "citrix", "idList": ["CTX231390", "CTX234679"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:08639CF3E8D6C946D02AFEE0F4B5B0A0", "CFOUNDRY:4DDEEFC6D5CE0AA12B5BF627FFC8D2F4", "CFOUNDRY:86B5C35F8F0E334D1CCCDAF1214EDFEF", "CFOUNDRY:8730FEC9F4689F70DBBC5917AC5BF0C6", "CFOUNDRY:E36E8558D6E84664F9D34B4A9E5179AC"]}, {"type": "cve", "idList": ["CVE-2017-16995", "CVE-2017-16996", "CVE-2017-17449", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17805", "CVE-2017-17806", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17856", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-5754", "CVE-2017-8824"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1200-1:A0B61", "DEBIAN:DLA-1232-1:15F37", "DEBIAN:DSA-4073-1:79398", "DEBIAN:DSA-4078-1:83863", "DEBIAN:DSA-4082-1:57979", "DEBIAN:DSA-4120-1:7BEB7"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-16995", "DEBIANCVE:CVE-2017-16996", "DEBIANCVE:CVE-2017-17449", "DEBIANCVE:CVE-2017-17558", "DEBIANCVE:CVE-2017-17712", "DEBIANCVE:CVE-2017-17805", "DEBIANCVE:CVE-2017-17806", "DEBIANCVE:CVE-2017-17852", "DEBIANCVE:CVE-2017-17853", "DEBIANCVE:CVE-2017-17854", "DEBIANCVE:CVE-2017-17855", "DEBIANCVE:CVE-2017-17856", "DEBIANCVE:CVE-2017-17857", "DEBIANCVE:CVE-2017-17862", "DEBIANCVE:CVE-2017-17863", "DEBIANCVE:CVE-2017-17864", "DEBIANCVE:CVE-2017-5754", "DEBIANCVE:CVE-2017-8824"]}, {"type": "exploitdb", "idList": ["EDB-ID:43234", "EDB-ID:45058"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:21E02FD686B4E07E01D154BAF895DE82"]}, {"type": "f5", "idList": ["F5:K05535399", "F5:K15526101", "F5:K43339432", "F5:K85664507", "F5:K91229003"]}, {"type": "fedora", "idList": ["FEDORA:08D3760E6566", "FEDORA:10F7D6255145", "FEDORA:23E0D6075B51", "FEDORA:25BDD6190ECF", "FEDORA:29049600CFF3", "FEDORA:29FCE65ECD33", "FEDORA:44065605602A", "FEDORA:4832F6079717", "FEDORA:4A25C608E179", "FEDORA:4B78C604AF8C", "FEDORA:5D742610B071", "FEDORA:648496077DD1", "FEDORA:6EC6360BEA04", "FEDORA:6F1BC604D0C1", "FEDORA:74245604D4DA", "FEDORA:7640C641CB61", "FEDORA:7F8C960BC98D", "FEDORA:87BD56087904", "FEDORA:8F974604E846", "FEDORA:909D360491BF", "FEDORA:AB52460321C9", "FEDORA:B395E6087A9D", "FEDORA:B54D264CBCAC", "FEDORA:C88F6601BD0C", "FEDORA:D6F86601E6D9", "FEDORA:DF5176048167", "FEDORA:E1D7E6031252", "FEDORA:E6F08605DCE7"]}, {"type": "fortinet", "idList": ["FG-IR-18-002"]}, {"type": "freebsd", "idList": ["74DAA370-2797-11E8-95EC-A4BADB2F4699"]}, {"type": "gentoo", "idList": ["GLSA-201810-06"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:42FBA08807698DC5CD34486014AC8332"]}, {"type": "hp", "idList": ["HP:C05869091"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20180106-01-CPU"]}, {"type": "ibm", "idList": ["9B3C2542A224A170177BC588D64FBAC641AEB3A7ED64BDCAE097C03AA1143EDF", "A594E3179D9A187B5EAE777411B4109CB85600F1AEC96905951B67E4F825EC64"]}, {"type": "kitploit", "idList": ["KITPLOIT:8752367943592764867", "KITPLOIT:8917740741292426205"]}, {"type": "lenovo", "idList": ["LENOVO:PS500151-NOSID"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:3DDE32E41BE8356C194673EE3ED7FDBE", "MALWAREBYTES:C47D8F4321BF60FB315B6C46B47DF46F"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/LINUX/LOCAL/BPF_SIGN_EXTENSION_PRIV_ESC"]}, {"type": "mscve", "idList": ["MS:ADV180002", "MS:ADV180018"]}, {"type": "mskb", "idList": ["KB4467708", "KB4493448"]}, {"type": "nessus", "idList": ["AIX_IJ03029.NASL", "AIX_IJ03030.NASL", "AIX_IJ03032.NASL", "AIX_IJ03033.NASL", "AIX_IJ03034.NASL", "AIX_IJ03035.NASL", "AIX_IJ03036.NASL", "AL2_ALAS-2018-939.NASL", "ALA_ALAS-2018-939.NASL", "ALA_ALAS-2018-944.NASL", "CENTOS_RHSA-2018-0007.NASL", "CENTOS_RHSA-2018-0008.NASL", "CENTOS_RHSA-2018-1319.NASL", "CITRIX_XENSERVER_CTX231390.NASL", "CITRIX_XENSERVER_CTX234679.NASL", "DEBIAN_DLA-1200.NASL", "DEBIAN_DLA-1232.NASL", "DEBIAN_DSA-4073.NASL", "DEBIAN_DSA-4078.NASL", "DEBIAN_DSA-4082.NASL", "DEBIAN_DSA-4120.NASL", "EULEROS_SA-2018-1001.NASL", "EULEROS_SA-2018-1002.NASL", "EULEROS_SA-2018-1026.NASL", "F5_BIGIP_SOL15526101.NASL", "F5_BIGIP_SOL91229003.NASL", "FEDORA_2017-129969AA8A.NASL", "FEDORA_2017-7810B7C59F.NASL", "FEDORA_2017-BA6B6E71F7.NASL", "FEDORA_2017-F7CB245861.NASL", "FEDORA_2018-22D5FA8A90.NASL", "FEDORA_2018-8ED5EFF2C0.NASL", "GENTOO_GLSA-201810-06.NASL", "MACOSX_SECUPD2018-001.NASL", "MACOS_10_13_2.NASL", "NEWSTART_CGSL_NS-SA-2019-0143_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0177_KERNEL.NASL", "NVIDIA_UNIX_CVE_2017_5753.NASL", "NVIDIA_WIN_CVE_2017_5753.NASL", "OPENSUSE-2017-1390.NASL", "OPENSUSE-2017-1391.NASL", "OPENSUSE-2018-118.NASL", "OPENSUSE-2018-169.NASL", "OPENSUSE-2018-2.NASL", "OPENSUSE-2018-3.NASL", "OPENSUSE-2018-454.NASL", "OPENSUSE-2019-418.NASL", "ORACLELINUX_ELSA-2018-0007.NASL", "ORACLELINUX_ELSA-2018-0008.NASL", "ORACLELINUX_ELSA-2018-1319.NASL", "ORACLELINUX_ELSA-2018-4006.NASL", "ORACLELINUX_ELSA-2018-4011.NASL", "ORACLELINUX_ELSA-2018-4025.NASL", "ORACLELINUX_ELSA-2018-4040.NASL", "ORACLELINUX_ELSA-2018-4041.NASL", "ORACLELINUX_ELSA-2018-4071.NASL", "ORACLELINUX_ELSA-2018-4108.NASL", "ORACLELINUX_ELSA-2019-2473.NASL", "ORACLEVM_OVMSA-2018-0005.NASL", "ORACLEVM_OVMSA-2018-0006.NASL", "ORACLEVM_OVMSA-2018-0008.NASL", "ORACLEVM_OVMSA-2018-0010.NASL", "ORACLEVM_OVMSA-2018-0015.NASL", "ORACLEVM_OVMSA-2018-0017.NASL", "ORACLEVM_OVMSA-2018-0020.NASL", "ORACLEVM_OVMSA-2018-0021.NASL", "ORACLEVM_OVMSA-2018-0035.NASL", "ORACLEVM_OVMSA-2018-0041.NASL", "ORACLEVM_OVMSA-2018-0248.NASL", "REDHAT-RHSA-2018-0007.NASL", "REDHAT-RHSA-2018-0008.NASL", "REDHAT-RHSA-2018-0009.NASL", "REDHAT-RHSA-2018-0010.NASL", "REDHAT-RHSA-2018-0011.NASL", "REDHAT-RHSA-2018-0016.NASL", "REDHAT-RHSA-2018-0017.NASL", "REDHAT-RHSA-2018-0018.NASL", "REDHAT-RHSA-2018-0020.NASL", "REDHAT-RHSA-2018-0021.NASL", "REDHAT-RHSA-2018-0022.NASL", "REDHAT-RHSA-2018-0044.NASL", "REDHAT-RHSA-2018-0045.NASL", "REDHAT-RHSA-2018-0046.NASL", "REDHAT-RHSA-2018-0047.NASL", "REDHAT-RHSA-2018-0182.NASL", "REDHAT-RHSA-2018-0292.NASL", "REDHAT-RHSA-2018-0399.NASL", "REDHAT-RHSA-2018-1129.NASL", "REDHAT-RHSA-2018-1130.NASL", "REDHAT-RHSA-2018-1170.NASL", "REDHAT-RHSA-2018-1216.NASL", "REDHAT-RHSA-2018-1319.NASL", "REDHAT-RHSA-2018-1346.NASL", "REDHAT-RHSA-2018-2948.NASL", "REDHAT-RHSA-2019-2473.NASL", "SLACKWARE_SSA_2018-016-01.NASL", "SL_20180103_KERNEL_ON_SL6_X.NASL", "SL_20180103_KERNEL_ON_SL7_X.NASL", "SL_20180508_KERNEL_ON_SL6_X.NASL", "SL_20190813_KERNEL_ON_SL6_X.NASL", "SUSE_SU-2017-3398-1.NASL", "SUSE_SU-2017-3410-1.NASL", "SUSE_SU-2018-0010-1.NASL", "SUSE_SU-2018-0011-1.NASL", "SUSE_SU-2018-0012-1.NASL", "SUSE_SU-2018-0031-1.NASL", "SUSE_SU-2018-0040-1.NASL", "SUSE_SU-2018-0069-1.NASL", "SUSE_SU-2018-0113-1.NASL", "SUSE_SU-2018-0114-1.NASL", "SUSE_SU-2018-0115-1.NASL", "SUSE_SU-2018-0131-1.NASL", "SUSE_SU-2018-0171-1.NASL", "SUSE_SU-2018-0219-1.NASL", "SUSE_SU-2018-0383-1.NASL", "SUSE_SU-2018-0416-1.NASL", "SUSE_SU-2018-0437-1.NASL", "SUSE_SU-2018-0438-1.NASL", "SUSE_SU-2018-0472-1.NASL", "SUSE_SU-2018-0525-1.NASL", "SUSE_SU-2018-0555-1.NASL", "SUSE_SU-2018-0601-1.NASL", "SUSE_SU-2018-0609-1.NASL", "SUSE_SU-2018-0638-1.NASL", "SUSE_SU-2018-1177-1.NASL", "SUSE_SU-2018-1181-1.NASL", "SUSE_SU-2018-1184-1.NASL", "SUSE_SU-2018-1202-1.NASL", "SUSE_SU-2018-1203-1.NASL", "SUSE_SU-2018-1216-1.NASL", "UBUNTU_USN-3516-1.NASL", "UBUNTU_USN-3522-1.NASL", "UBUNTU_USN-3522-2.NASL", "UBUNTU_USN-3522-3.NASL", "UBUNTU_USN-3522-4.NASL", "UBUNTU_USN-3523-1.NASL", "UBUNTU_USN-3523-2.NASL", "UBUNTU_USN-3523-3.NASL", "UBUNTU_USN-3524-1.NASL", "UBUNTU_USN-3540-1.NASL", "UBUNTU_USN-3540-2.NASL", "UBUNTU_USN-3541-1.NASL", "UBUNTU_USN-3541-2.NASL", "UBUNTU_USN-3581-1.NASL", "UBUNTU_USN-3581-2.NASL", "UBUNTU_USN-3581-3.NASL", "UBUNTU_USN-3582-1.NASL", "UBUNTU_USN-3582-2.NASL", "UBUNTU_USN-3583-1.NASL", "UBUNTU_USN-3632-1.NASL", "UBUNTU_USN-3633-1.NASL", "VIRTUOZZO_VZA-2017-109.NASL", "VIRTUOZZO_VZA-2017-110.NASL", "VIRTUOZZO_VZA-2017-111.NASL", "VIRTUOZZO_VZA-2017-114.NASL", "VIRTUOZZO_VZA-2018-002.NASL", "VIRTUOZZO_VZA-2018-003.NASL", "VIRTUOZZO_VZA-2018-004.NASL", "VIRTUOZZO_VZA-2018-006.NASL", "VIRTUOZZO_VZA-2018-024.NASL", "VIRTUOZZO_VZA-2018-025.NASL", "VIRTUOZZO_VZA-2018-026.NASL", "VIRTUOZZO_VZA-2018-029.NASL", "VMWARE_VCENTER_VMSA-2018-0007.NASL", "XEN_SERVER_XSA-254.NASL"]}, {"type": "nvidia", "idList": ["NVIDIA:4610", "NVIDIA:4611", "NVIDIA:4613", "NVIDIA:4614", "NVIDIA:4616", "NVIDIA:4617"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704073", "OPENVAS:1361412562310704078", "OPENVAS:1361412562310704082", "OPENVAS:1361412562310704120", "OPENVAS:1361412562310812289", "OPENVAS:1361412562310812290", "OPENVAS:1361412562310812291", "OPENVAS:1361412562310812292", "OPENVAS:1361412562310812293", "OPENVAS:1361412562310812294", "OPENVAS:1361412562310812295", "OPENVAS:1361412562310812296", "OPENVAS:1361412562310812384", "OPENVAS:1361412562310812386", "OPENVAS:1361412562310812397", "OPENVAS:1361412562310812398", "OPENVAS:1361412562310812400", "OPENVAS:1361412562310812662", "OPENVAS:1361412562310812740", "OPENVAS:1361412562310843405", "OPENVAS:1361412562310843409", "OPENVAS:1361412562310843410", "OPENVAS:1361412562310843412", "OPENVAS:1361412562310843413", "OPENVAS:1361412562310843414", "OPENVAS:1361412562310843415", "OPENVAS:1361412562310843416", "OPENVAS:1361412562310843418", "OPENVAS:1361412562310843423", "OPENVAS:1361412562310843424", "OPENVAS:1361412562310843427", "OPENVAS:1361412562310843429", "OPENVAS:1361412562310843455", "OPENVAS:1361412562310843457", "OPENVAS:1361412562310843458", "OPENVAS:1361412562310843459", "OPENVAS:1361412562310843460", "OPENVAS:1361412562310843461", "OPENVAS:1361412562310843507", "OPENVAS:1361412562310843509", "OPENVAS:1361412562310851666", "OPENVAS:1361412562310851667", "OPENVAS:1361412562310851677", "OPENVAS:1361412562310851678", "OPENVAS:1361412562310851693", "OPENVAS:1361412562310851698", "OPENVAS:1361412562310851704", "OPENVAS:1361412562310851742", "OPENVAS:1361412562310851978", "OPENVAS:1361412562310873926", "OPENVAS:1361412562310873930", "OPENVAS:1361412562310873945", "OPENVAS:1361412562310873947", "OPENVAS:1361412562310873968", "OPENVAS:1361412562310873973", "OPENVAS:1361412562310874365", "OPENVAS:1361412562310874366", "OPENVAS:1361412562310874400", "OPENVAS:1361412562310874427", "OPENVAS:1361412562310874761", "OPENVAS:1361412562310874813", "OPENVAS:1361412562310875099", "OPENVAS:1361412562310882822", "OPENVAS:1361412562310883096", "OPENVAS:1361412562310891232"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2019-5072832"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-0007", "ELSA-2018-0008", "ELSA-2018-0169", "ELSA-2018-0292", "ELSA-2018-1319", "ELSA-2018-4006", "ELSA-2018-4011", "ELSA-2018-4012", "ELSA-2018-4021", "ELSA-2018-4025", "ELSA-2018-4040", "ELSA-2018-4041", "ELSA-2018-4071", "ELSA-2018-4108", "ELSA-2018-4161", "ELSA-2019-2473"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:145235", "PACKETSTORM:148607"]}, {"type": "paloalto", "idList": ["PAN-SA-2018-0001"]}, {"type": "photon", "idList": ["PHSA-2017-0008", "PHSA-2018-0009", "PHSA-2018-0010", "PHSA-2018-0107", "PHSA-2018-1.0-0096", "PHSA-2018-1.0-0097"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:02EAB5AF6104A4960F7E3B105CD50FA1", "QUALYSBLOG:3ACE52E54FF5FE3EF1B0FC328181FA66", "QUALYSBLOG:832B33D45F45271E91CA6542BC9CFD59", "QUALYSBLOG:BD020D07BF02B0790C62701D997BFD4D", "QUALYSBLOG:C9F2432F760D960CF69CDC55D87263A8", "QUALYSBLOG:D893D4DFB7141FDAD0BE869440074392", "QUALYSBLOG:E761CF659F35F9F5C29FB50D76B98C3E", "QUALYSBLOG:F7C32BA5E6651A8CE3584BB84A88A0C0", "QUALYSBLOG:F8AA5B21D90BCDD30391A24D6FD47892"]}, {"type": "redhat", "idList": ["RHSA-2018:1170", "RHSA-2019:2473"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-17863", "RH:CVE-2017-17864", "RH:CVE-2017-5754", "RH:CVE-2018-19965"]}, {"type": "securelist", "idList": ["SECURELIST:7CF4DDEB1B5407DAA24EC25BAA7A9654"]}, {"type": "seebug", "idList": ["SSV:97059"]}, {"type": "slackware", "idList": ["SSA-2018-016-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2017:3358-1", "OPENSUSE-SU-2017:3359-1", "OPENSUSE-SU-2018:0022-1", "OPENSUSE-SU-2018:0023-1", "OPENSUSE-SU-2018:0326-1", "OPENSUSE-SU-2018:0459-1", "OPENSUSE-SU-2018:1274-1", "SUSE-SU-2017:3398-1", "SUSE-SU-2017:3410-1", "SUSE-SU-2018:0010-1", "SUSE-SU-2018:0011-1", "SUSE-SU-2018:0012-1", "SUSE-SU-2018:0031-1", "SUSE-SU-2018:0040-1", "SUSE-SU-2018:0069-1", "SUSE-SU-2018:0113-1", "SUSE-SU-2018:0114-1", "SUSE-SU-2018:0115-1", "SUSE-SU-2018:0131-1", "SUSE-SU-2018:0171-1", "SUSE-SU-2018:0180-1", "SUSE-SU-2018:0213-1", "SUSE-SU-2018:0219-1", "SUSE-SU-2018:0269-1", "SUSE-SU-2018:0272-1", "SUSE-SU-2018:0273-1", "SUSE-SU-2018:0277-1", "SUSE-SU-2018:0278-1", "SUSE-SU-2018:0280-1", "SUSE-SU-2018:0281-1", "SUSE-SU-2018:0282-1", "SUSE-SU-2018:0294-1", "SUSE-SU-2018:0296-1", "SUSE-SU-2018:0297-1", "SUSE-SU-2018:0298-1", "SUSE-SU-2018:0301-1", "SUSE-SU-2018:0340-1", "SUSE-SU-2018:0345-1", "SUSE-SU-2018:0346-1", "SUSE-SU-2018:0347-1", "SUSE-SU-2018:0431-1", "SUSE-SU-2018:0433-1", "SUSE-SU-2018:0436-1", "SUSE-SU-2018:0437-1", "SUSE-SU-2018:0438-1", "SUSE-SU-2018:0472-1", "SUSE-SU-2018:0525-1", "SUSE-SU-2018:0555-1", "SUSE-SU-2018:0601-1", "SUSE-SU-2018:0609-1", "SUSE-SU-2018:0638-1", "SUSE-SU-2018:1177-1", "SUSE-SU-2018:1181-1", "SUSE-SU-2018:1184-1", "SUSE-SU-2018:1202-1", "SUSE-SU-2018:1203-1", "SUSE-SU-2018:1216-1"]}, {"type": "symantec", "idList": ["SMNTC-1426"]}, {"type": "talosblog", "idList": ["TALOSBLOG:6AF8BBB020A686E442B50095CA9B7A36"]}, {"type": "taosecurity", "idList": ["TAOSECURITY:37F5AF86E0886FC0FBDCCE15A1236586"]}, {"type": "thn", "idList": ["THN:58CFE19533148E77597FE0AC59963145", "THN:788E9312DDA39D9A09855DF379A0FD4D"]}, {"type": "threatpost", "idList": ["THREATPOST:0F9EDE9A622A021B9B79C50214D7E8AD", "THREATPOST:6C364316788D445329E5596C5108A157", "THREATPOST:7458AE86ECA810D873D5D35916A93D9F", "THREATPOST:CE89F855271AB3AE3CE8B5B0C141CDC2", "THREATPOST:DB0542CFA474B0D9C91032709EDE296D", "THREATPOST:E454192F36C2E44BAE14AB9B62BE28DB"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:6A0454A8A4891A1004496709868EC034"]}, {"type": "ubuntu", "idList": ["USN-3516-1", "USN-3522-1", "USN-3522-4", "USN-3523-2", "USN-3523-3", "USN-3524-1", "USN-3524-2", "USN-3541-2", "USN-3581-1", "USN-3581-2", "USN-3581-3", "USN-3597-1", "USN-3619-2", "USN-3620-1", "USN-3620-2", "USN-3632-1", "USN-3633-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-16995", "UB:CVE-2017-16996", "UB:CVE-2017-17449", "UB:CVE-2017-17558", "UB:CVE-2017-17712", "UB:CVE-2017-17805", "UB:CVE-2017-17806", "UB:CVE-2017-17852", "UB:CVE-2017-17853", "UB:CVE-2017-17854", "UB:CVE-2017-17855", "UB:CVE-2017-17856", "UB:CVE-2017-17857", "UB:CVE-2017-17862", "UB:CVE-2017-17864", "UB:CVE-2017-5754", "UB:CVE-2017-8824"]}, {"type": "virtuozzo", "idList": ["VZA-2017-113", "VZA-2017-114", "VZA-2018-001", "VZA-2018-002", "VZA-2018-003", "VZA-2018-006", "VZA-2018-024", "VZA-2018-025", "VZA-2018-026", "VZA-2018-028", "VZA-2018-029", "VZA-2018-038", "VZA-2019-066", "VZA-2019-067"]}, {"type": "vmware", "idList": ["VMSA-2018-0007.6"]}, {"type": "xen", "idList": ["XSA-254"]}, {"type": "zdt", "idList": ["1337DAY-ID-29141", "1337DAY-ID-29285", "1337DAY-ID-30003", "1337DAY-ID-30750"]}]}, "exploitation": null, "vulnersScore": 3.3}, "affectedPackage": [{"OS": "ArchLinux", "OSVersion": "any", "arch": "any", "packageVersion": "4.14.11-1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux"}], "_state": {"dependencies": 1660032824, "score": 1660033902}, "_internal": {"score_hash": "58c727bd55f923bb283d33600788d1c3"}}

{"archlinux": [{"lastseen": "2021-07-28T14:34:05", "description": "Arch Linux Security Advisory ASA-201801-3\n=========================================\n\nSeverity: High\nDate : 2018-01-05\nCVE-ID : CVE-2017-16995 CVE-2017-16996 CVE-2017-17449 CVE-2017-17558\nCVE-2017-17712 CVE-2017-17805 CVE-2017-17806 CVE-2017-17852\nCVE-2017-17853 CVE-2017-17854 CVE-2017-17855 CVE-2017-17856\nCVE-2017-17857 CVE-2017-17862 CVE-2017-17863 CVE-2017-17864\nCVE-2017-5754 CVE-2017-8824\nPackage : linux-zen\nType : multiple issues\nRemote : No\nLink : https://security.archlinux.org/AVG-571\n\nSummary\n=======\n\nThe package linux-zen before version 4.14.11-1 is vulnerable to\nmultiple issues including access restriction bypass, denial of service,\nprivilege escalation and information disclosure.\n\nResolution\n==========\n\nUpgrade to 4.14.11-1.\n\n# pacman -Syu \"linux-zen>=4.14.11-1\"\n\nThe problems have been fixed upstream in version 4.14.11.\n\nWorkaround\n==========\n\nBPF related issues can be circumvented by disabling unprivileged BPF:\n\n sysctl -w kernel.unprivileged_bpf_disabled=1\n\nOn systems that do not already have the dccp module loaded,\nCVE-2017-8824 can be mitigated by disabling it:\n\n echo >> /etc/modprobe.d/disable-dccp.conf install dccp false\n\nDescription\n===========\n\n- CVE-2017-16995 (privilege escalation)\n\nAn arbitrary memory r/w access issue was found in the Linux kernel\nbefore 4.14.9, 4.9.72 compiled with the eBPF bpf(2) system call\n(CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation\nerrors in the eBPF verifier module, triggered by user supplied\nmalicious BPF program. An unprivileged user could use this flaw to\nescalate their privileges on a system. Setting parameter\n\"kernel.unprivileged_bpf_disabled=1\" prevents such privilege escalation\nby restricting access to bpf(2) call.\n\n- CVE-2017-16996 (privilege escalation)\n\nAn arbitrary memory r/w access issue was found in the Linux kernel\nbefore 4.14.9 compiled with the eBPF bpf(2) system call\n(CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation\nerrors in the eBPF verifier module, triggered by user supplied\nmalicious BPF program. An unprivileged user could use this flaw to\nescalate their privileges on a system. Setting parameter\n\"kernel.unprivileged_bpf_disabled=1\" prevents such privilege escalation\nby restricting access to bpf(2) call.\n\n- CVE-2017-17449 (information disclosure)\n\nThe __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in\nthe Linux kernel before 4.14.11, 4.9.74, 4.4.109, 3.18.91 and 3.16.52\nwhen CONFIG_NLMON is enabled, does not restrict observations of Netlink\nmessages to a single net namespace, which allows local users to obtain\nsensitive information by leveraging the CAP_NET_ADMIN capability to\nsniff an nlmon interface for all Netlink activity on the system.\n\n- CVE-2017-17558 (denial of service)\n\nThe usb_destroy_configuration function in drivers/usb/core/config.c in\nthe USB core subsystem in the Linux kernel before 4.14.8, 4.9.71,\n4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not consider the maximum\nnumber of configurations and interfaces before attempting to release\nresources, which allows local users to cause a denial of service (out-\nof-bounds write access) or possibly have unspecified other impact via a\ncrafted USB device.\n\n- CVE-2017-17712 (privilege escalation)\n\nA flaw was found in the Linux kernel's implementation of raw_sendmsg\nbefore 4.14.11, 4.4.109 and 4.9.74 allowing a local attacker to panic\nthe kernel or possibly leak kernel addresses. A local attacker, with\nthe privilege of creating raw sockets, can abuse a possible race\ncondition when setting the socket option to allow the kernel to\nautomatically create ip header values and thus potentially escalate\ntheir privileges.\n\n- CVE-2017-17805 (denial of service)\n\nThe Salsa20 encryption algorithm in the Linux kernel before 4.14.8,\n4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not correctly handle\nzero-length inputs, allowing a local attacker able to use the AF_ALG-\nbased skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a\ndenial of service (uninitialized-memory free and kernel crash) or have\nunspecified other impact by executing a crafted sequence of system\ncalls that use the blkcipher_walk API. Both the generic implementation\n(crypto/salsa20_generic.c) and x86 implementation\n(arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.\n\n- CVE-2017-17806 (denial of service)\n\nThe HMAC implementation (crypto/hmac.c) in the Linux kernel before\n4.14.8, 4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not validate\nthat the underlying cryptographic hash algorithm is unkeyed, allowing a\nlocal attacker able to use the AF_ALG-based hash interface\n(CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm\n(CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by\nexecuting a crafted sequence of system calls that encounter a missing\nSHA-3 initialization.\n\n- CVE-2017-17852 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nmishandling of 32-bit ALU ops.\n\n- CVE-2017-17853 (denial of service)\n\nIt has been discovered kernel/bpf/verifier.c in the Linux kernel before\n4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nincorrect BPF_RSH signed bounds calculations.\n\n- CVE-2017-17854 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (integer\noverflow and memory corruption) or possibly have unspecified other\nimpact by leveraging unrestricted integer values for pointer\narithmetic.\n\n- CVE-2017-17855 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nimproper use of pointers in place of scalars.\n\n- CVE-2017-17856 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging the\nlack of stack-pointer alignment enforcement.\n\n- CVE-2017-17857 (denial of service)\n\nThe check_stack_boundary function in kernel/bpf/verifier.c in the Linux\nkernel before 4.14.9 allows local users to cause a denial of service\n(memory corruption) or possibly have unspecified other impact by\nleveraging mishandling of invalid variable stack read operations.\n\n- CVE-2017-17862 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.72 ignore unreachable code, even though it would\nstill be processed by JIT compilers. This behavior, also considered an\nimproper branch-pruning logic issue, could possibly be used by local\nusers for denial of service.\n\n- CVE-2017-17863 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.72 does not check the relationship between\npointer values and the BPF stack, which allows local users to cause a\ndenial of service (integer overflow or invalid memory access) or\npossibly have unspecified other impact.\n\n- CVE-2017-17864 (information disclosure)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.73 mishandles states_equal comparisons between\nthe pointer data type and the UNKNOWN_VALUE data type, which allows\nlocal users to obtain potentially sensitive address information, aka a\n\"pointer leak.\"\n\n- CVE-2017-5754 (access restriction bypass)\n\nAn industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of instructions (a\ncommonly used performance optimization).\nThis variant (\"Rogue Data Load\") relies on the fact that, on impacted\nmicroprocessors, during speculative execution of instruction permission\nfaults, exception generation triggered by a faulting access is\nsuppressed until the retirement of the whole instruction block. In a\ncombination with the fact that memory accesses may populate the cache\neven when the block is being dropped and never committed (executed), an\nunprivileged local attacker could use this flaw to read memory from\narbitrary addresses, including privileged (kernel space) and all other\nprocesses running on the system by conducting targeted cache side-\nchannel attacks.\n\n- CVE-2017-8824 (privilege escalation)\n\nA use-after-free vulnerability was found in DCCP socket code affecting\nthe Linux kernel since 2.6.16. The dccp_disconnect function in\nnet/dccp/proto.c allows local users to gain privileges or cause a\ndenial of service via an AF_UNSPEC connect system call during the\nDCCP_LISTEN state.\n\nImpact\n======\n\nA local unprivileged attacker is able to escalate privileges, crash the\nsystem, read memory from arbitrary addresses including from the kernel\nand all other processes running on the system or obtain sensitive\ninformation by sniffing an nlmon interface for all Netlink activity on\nthe system.\n\nReferences\n==========\n\nhttps://bugs.archlinux.org/task/56832\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=1454\nhttp://www.openwall.com/lists/oss-security/2017/12/21/2\nhttps://git.kernel.org/linus/95a762e2c8c942780948091f8f2a4f32fce1ac6f\nhttps://git.kernel.org/linus/0c17d1d2c61936401f4702e1846e2c19b200f958\nhttps://git.kernel.org/linus/93c647643b48f0131f02e45da3bd367d80443291\nhttps://github.com/google/syzkaller/blob/master/docs/linux/found_bugs_usb.md\nhttps://git.kernel.org/linus/48a4ff1c7bb5a32d2e396b03132d20d552c0eca7\nhttp://openwall.com/lists/oss-security/2017/12/12/7\nhttps://git.kernel.org/linus/8f659a03a0ba9289b9aeb9b4470e6fb263d6f483\nhttps://git.kernel.org/linus/ecaaab5649781c5a0effdaf298a925063020500e\nhttps://git.kernel.org/linus/af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1\nhttps://git.kernel.org/linus/468f6eafa6c44cb2c5d8aad35e12f06c240a812a\nhttps://git.kernel.org/linus/4374f256ce8182019353c0c639bb8d0695b4c941\nhttps://git.kernel.org/linus/bb7f0f989ca7de1153bd128a40a71709e339fa03\nhttps://git.kernel.org/linus/179d1c5602997fef5a940c6ddcf31212cbfebd14\nhttps://git.kernel.org/linus/a5ec6ae161d72f01411169a938fa5f8baea16e8f\nhttps://git.kernel.org/linus/ea25f914dc164c8d56b36147ecc86bc65f83c469\nhttps://git.kernel.org/linus/c131187db2d3fa2f8bf32fdf4e9a4ef805168467\nhttps://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=d75d3ee237cee9068022117e059b64bbab617f3d\nhttps://git.kernel.org/linus/de31796c052e47c99b1bb342bc70aa826733e862\nhttps://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=37435f7e80ef9adc32a69013c18f135e3f434244\nhttps://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html\nhttps://meltdownattack.com\nhttps://xenbits.xen.org/xsa/advisory-254.html\nhttp://blog.cyberus-technology.de/posts/2018-01-03-meltdown.html\nhttps://git.kernel.org/linus/5aa90a84589282b87666f92b6c3c917c8080a9bf\nhttps://git.kernel.org/linus/00a5ae218d57741088068799b810416ac249a9ce\nhttps://git.kernel.org/linus/69c64866ce072dea1d1e59a0d61e0f66c0dffb76\nhttps://security.archlinux.org/CVE-2017-16995\nhttps://security.archlinux.org/CVE-2017-16996\nhttps://security.archlinux.org/CVE-2017-17449\nhttps://security.archlinux.org/CVE-2017-17558\nhttps://security.archlinux.org/CVE-2017-17712\nhttps://security.archlinux.org/CVE-2017-17805\nhttps://security.archlinux.org/CVE-2017-17806\nhttps://security.archlinux.org/CVE-2017-17852\nhttps://security.archlinux.org/CVE-2017-17853\nhttps://security.archlinux.org/CVE-2017-17854\nhttps://security.archlinux.org/CVE-2017-17855\nhttps://security.archlinux.org/CVE-2017-17856\nhttps://security.archlinux.org/CVE-2017-17857\nhttps://security.archlinux.org/CVE-2017-17862\nhttps://security.archlinux.org/CVE-2017-17863\nhttps://security.archlinux.org/CVE-2017-17864\nhttps://security.archlinux.org/CVE-2017-5754\nhttps://security.archlinux.org/CVE-2017-8824", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-01-05T00:00:00", "type": "archlinux", "title": "[ASA-201801-3] linux-zen: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16995", "CVE-2017-16996", "CVE-2017-17449", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17805", "CVE-2017-17806", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17856", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-5754", "CVE-2017-8824"], "modified": "2018-01-05T00:00:00", "id": "ASA-201801-3", "href": "https://security.archlinux.org/ASA-201801-3", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:05", "description": "Arch Linux Security Advisory ASA-201801-4\n=========================================\n\nSeverity: High\nDate : 2018-01-05\nCVE-ID : CVE-2017-16995 CVE-2017-16996 CVE-2017-17448 CVE-2017-17449\nCVE-2017-17450 CVE-2017-17558 CVE-2017-17712 CVE-2017-17741\nCVE-2017-17805 CVE-2017-17806 CVE-2017-17852 CVE-2017-17853\nCVE-2017-17854 CVE-2017-17855 CVE-2017-17856 CVE-2017-17857\nCVE-2017-17862 CVE-2017-17863 CVE-2017-17864 CVE-2017-5754\nCVE-2017-8824\nPackage : linux-hardened\nType : multiple issues\nRemote : No\nLink : https://security.archlinux.org/AVG-574\n\nSummary\n=======\n\nThe package linux-hardened before version 4.14.11.a-1 is vulnerable to\nmultiple issues including access restriction bypass, denial of service,\nprivilege escalation and information disclosure.\n\nResolution\n==========\n\nUpgrade to 4.14.11.a-1.\n\n# pacman -Syu \"linux-hardened>=4.14.11.a-1\"\n\nThe problems have been fixed upstream in version 4.14.11.a.\n\nWorkaround\n==========\n\nBPF related issues can be circumvented by disabling unprivileged BPF:\n\n sysctl -w kernel.unprivileged_bpf_disabled=1\n\nOn systems that do not already have the dccp module loaded,\nCVE-2017-8824 can be mitigated by disabling it:\n\n echo >> /etc/modprobe.d/disable-dccp.conf install dccp false\n\nDescription\n===========\n\n- CVE-2017-16995 (privilege escalation)\n\nAn arbitrary memory r/w access issue was found in the Linux kernel\nbefore 4.14.9, 4.9.72 compiled with the eBPF bpf(2) system call\n(CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation\nerrors in the eBPF verifier module, triggered by user supplied\nmalicious BPF program. An unprivileged user could use this flaw to\nescalate their privileges on a system. Setting parameter\n\"kernel.unprivileged_bpf_disabled=1\" prevents such privilege escalation\nby restricting access to bpf(2) call.\n\n- CVE-2017-16996 (privilege escalation)\n\nAn arbitrary memory r/w access issue was found in the Linux kernel\nbefore 4.14.9 compiled with the eBPF bpf(2) system call\n(CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation\nerrors in the eBPF verifier module, triggered by user supplied\nmalicious BPF program. An unprivileged user could use this flaw to\nescalate their privileges on a system. Setting parameter\n\"kernel.unprivileged_bpf_disabled=1\" prevents such privilege escalation\nby restricting access to bpf(2) call.\n\n- CVE-2017-17448 (access restriction bypass)\n\nIt has been discovered that net/netfilter/nfnetlink_cthelper.c in the\nLinux kernel through 4.14.4 does not require the CAP_NET_ADMIN\ncapability for new, get, and del operations, which allows local users\nto bypass intended access restrictions because the nfnl_cthelper_list\ndata structure is shared across all net namespaces.\n\n- CVE-2017-17449 (information disclosure)\n\nThe __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in\nthe Linux kernel before 4.14.11, 4.9.74, 4.4.109, 3.18.91 and 3.16.52\nwhen CONFIG_NLMON is enabled, does not restrict observations of Netlink\nmessages to a single net namespace, which allows local users to obtain\nsensitive information by leveraging the CAP_NET_ADMIN capability to\nsniff an nlmon interface for all Netlink activity on the system.\n\n- CVE-2017-17450 (access restriction bypass)\n\nIt has been discovered that net/netfilter/xt_osf.c in the Linux kernel\nthrough 4.14.4 does not require the CAP_NET_ADMIN capability for\nadd_callback and remove_callback operations, which allows local users\nto bypass intended access restrictions because the xt_osf_fingers data\nstructure is shared across all net namespaces.\n\n- CVE-2017-17558 (denial of service)\n\nThe usb_destroy_configuration function in drivers/usb/core/config.c in\nthe USB core subsystem in the Linux kernel before 4.14.8, 4.9.71,\n4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not consider the maximum\nnumber of configurations and interfaces before attempting to release\nresources, which allows local users to cause a denial of service (out-\nof-bounds write access) or possibly have unspecified other impact via a\ncrafted USB device.\n\n- CVE-2017-17712 (privilege escalation)\n\nA flaw was found in the Linux kernel's implementation of raw_sendmsg\nbefore 4.14.11, 4.4.109 and 4.9.74 allowing a local attacker to panic\nthe kernel or possibly leak kernel addresses. A local attacker, with\nthe privilege of creating raw sockets, can abuse a possible race\ncondition when setting the socket option to allow the kernel to\nautomatically create ip header values and thus potentially escalate\ntheir privileges.\n\n- CVE-2017-17741 (information disclosure)\n\nThe KVM implementation in the Linux kernel through 4.14.7 allows\nattackers to obtain potentially sensitive information from kernel\nmemory, aka a write_mmio stack-based out-of-bounds read, related to\narch/x86/kvm/x86.c and include/trace/events/kvm.h.\n\n- CVE-2017-17805 (denial of service)\n\nThe Salsa20 encryption algorithm in the Linux kernel before 4.14.8,\n4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not correctly handle\nzero-length inputs, allowing a local attacker able to use the AF_ALG-\nbased skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a\ndenial of service (uninitialized-memory free and kernel crash) or have\nunspecified other impact by executing a crafted sequence of system\ncalls that use the blkcipher_walk API. Both the generic implementation\n(crypto/salsa20_generic.c) and x86 implementation\n(arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.\n\n- CVE-2017-17806 (denial of service)\n\nThe HMAC implementation (crypto/hmac.c) in the Linux kernel before\n4.14.8, 4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not validate\nthat the underlying cryptographic hash algorithm is unkeyed, allowing a\nlocal attacker able to use the AF_ALG-based hash interface\n(CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm\n(CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by\nexecuting a crafted sequence of system calls that encounter a missing\nSHA-3 initialization.\n\n- CVE-2017-17852 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nmishandling of 32-bit ALU ops.\n\n- CVE-2017-17853 (denial of service)\n\nIt has been discovered kernel/bpf/verifier.c in the Linux kernel before\n4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nincorrect BPF_RSH signed bounds calculations.\n\n- CVE-2017-17854 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (integer\noverflow and memory corruption) or possibly have unspecified other\nimpact by leveraging unrestricted integer values for pointer\narithmetic.\n\n- CVE-2017-17855 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nimproper use of pointers in place of scalars.\n\n- CVE-2017-17856 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging the\nlack of stack-pointer alignment enforcement.\n\n- CVE-2017-17857 (denial of service)\n\nThe check_stack_boundary function in kernel/bpf/verifier.c in the Linux\nkernel before 4.14.9 allows local users to cause a denial of service\n(memory corruption) or possibly have unspecified other impact by\nleveraging mishandling of invalid variable stack read operations.\n\n- CVE-2017-17862 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.72 ignore unreachable code, even though it would\nstill be processed by JIT compilers. This behavior, also considered an\nimproper branch-pruning logic issue, could possibly be used by local\nusers for denial of service.\n\n- CVE-2017-17863 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.72 does not check the relationship between\npointer values and the BPF stack, which allows local users to cause a\ndenial of service (integer overflow or invalid memory access) or\npossibly have unspecified other impact.\n\n- CVE-2017-17864 (information disclosure)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.73 mishandles states_equal comparisons between\nthe pointer data type and the UNKNOWN_VALUE data type, which allows\nlocal users to obtain potentially sensitive address information, aka a\n\"pointer leak.\"\n\n- CVE-2017-5754 (access restriction bypass)\n\nAn industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of instructions (a\ncommonly used performance optimization).\nThis variant (\"Rogue Data Load\") relies on the fact that, on impacted\nmicroprocessors, during speculative execution of instruction permission\nfaults, exception generation triggered by a faulting access is\nsuppressed until the retirement of the whole instruction block. In a\ncombination with the fact that memory accesses may populate the cache\neven when the block is being dropped and never committed (executed), an\nunprivileged local attacker could use this flaw to read memory from\narbitrary addresses, including privileged (kernel space) and all other\nprocesses running on the system by conducting targeted cache side-\nchannel attacks.\n\n- CVE-2017-8824 (privilege escalation)\n\nA use-after-free vulnerability was found in DCCP socket code affecting\nthe Linux kernel since 2.6.16. The dccp_disconnect function in\nnet/dccp/proto.c allows local users to gain privileges or cause a\ndenial of service via an AF_UNSPEC connect system call during the\nDCCP_LISTEN state.\n\nImpact\n======\n\nA local unprivileged attacker is able to escalate privileges, crash the\nsystem, read memory from arbitrary addresses including from the kernel\nand all other processes running on the system or obtain sensitive\ninformation by sniffing an nlmon interface for all Netlink activity on\nthe system.\n\nReferences\n==========\n\nhttps://bugs.archlinux.org/task/56832\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=1454\nhttp://www.openwall.com/lists/oss-security/2017/12/21/2\nhttps://git.kernel.org/linus/95a762e2c8c942780948091f8f2a4f32fce1ac6f\nhttps://git.kernel.org/linus/0c17d1d2c61936401f4702e1846e2c19b200f958\nhttps://git.kernel.org/linus/4b380c42f7d00a395feede754f0bc2292eebe6e5\nhttps://git.kernel.org/linus/93c647643b48f0131f02e45da3bd367d80443291\nhttps://git.kernel.org/linus/916a27901de01446bcf57ecca4783f6cff493309\nhttps://github.com/google/syzkaller/blob/master/docs/linux/found_bugs_usb.md\nhttps://git.kernel.org/linus/48a4ff1c7bb5a32d2e396b03132d20d552c0eca7\nhttp://openwall.com/lists/oss-security/2017/12/12/7\nhttps://git.kernel.org/linus/8f659a03a0ba9289b9aeb9b4470e6fb263d6f483\nhttps://git.kernel.org/linus/e39d200fa5bf5b94a0948db0dae44c1b73b84a56\nhttps://git.kernel.org/linus/ecaaab5649781c5a0effdaf298a925063020500e\nhttps://git.kernel.org/linus/af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1\nhttps://git.kernel.org/linus/468f6eafa6c44cb2c5d8aad35e12f06c240a812a\nhttps://git.kernel.org/linus/4374f256ce8182019353c0c639bb8d0695b4c941\nhttps://git.kernel.org/linus/bb7f0f989ca7de1153bd128a40a71709e339fa03\nhttps://git.kernel.org/linus/179d1c5602997fef5a940c6ddcf31212cbfebd14\nhttps://git.kernel.org/linus/a5ec6ae161d72f01411169a938fa5f8baea16e8f\nhttps://git.kernel.org/linus/ea25f914dc164c8d56b36147ecc86bc65f83c469\nhttps://git.kernel.org/linus/c131187db2d3fa2f8bf32fdf4e9a4ef805168467\nhttps://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=d75d3ee237cee9068022117e059b64bbab617f3d\nhttps://git.kernel.org/linus/de31796c052e47c99b1bb342bc70aa826733e862\nhttps://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=37435f7e80ef9adc32a69013c18f135e3f434244\nhttps://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html\nhttps://meltdownattack.com\nhttps://xenbits.xen.org/xsa/advisory-254.html\nhttp://blog.cyberus-technology.de/posts/2018-01-03-meltdown.html\nhttps://git.kernel.org/linus/5aa90a84589282b87666f92b6c3c917c8080a9bf\nhttps://git.kernel.org/linus/00a5ae218d57741088068799b810416ac249a9ce\nhttps://git.kernel.org/linus/69c64866ce072dea1d1e59a0d61e0f66c0dffb76\nhttps://security.archlinux.org/CVE-2017-16995\nhttps://security.archlinux.org/CVE-2017-16996\nhttps://security.archlinux.org/CVE-2017-17448\nhttps://security.archlinux.org/CVE-2017-17449\nhttps://security.archlinux.org/CVE-2017-17450\nhttps://security.archlinux.org/CVE-2017-17558\nhttps://security.archlinux.org/CVE-2017-17712\nhttps://security.archlinux.org/CVE-2017-17741\nhttps://security.archlinux.org/CVE-2017-17805\nhttps://security.archlinux.org/CVE-2017-17806\nhttps://security.archlinux.org/CVE-2017-17852\nhttps://security.archlinux.org/CVE-2017-17853\nhttps://security.archlinux.org/CVE-2017-17854\nhttps://security.archlinux.org/CVE-2017-17855\nhttps://security.archlinux.org/CVE-2017-17856\nhttps://security.archlinux.org/CVE-2017-17857\nhttps://security.archlinux.org/CVE-2017-17862\nhttps://security.archlinux.org/CVE-2017-17863\nhttps://security.archlinux.org/CVE-2017-17864\nhttps://security.archlinux.org/CVE-2017-5754\nhttps://security.archlinux.org/CVE-2017-8824", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-01-05T00:00:00", "type": "archlinux", "title": "[ASA-201801-4] linux-hardened: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16995", "CVE-2017-16996", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17805", "CVE-2017-17806", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17856", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-5754", "CVE-2017-8824"], "modified": "2018-01-05T00:00:00", "id": "ASA-201801-4", "href": "https://security.archlinux.org/ASA-201801-4", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:05", "description": "Arch Linux Security Advisory ASA-201801-2\n=========================================\n\nSeverity: High\nDate : 2018-01-05\nCVE-ID : CVE-2017-16995 CVE-2017-17449 CVE-2017-17558 CVE-2017-17712\nCVE-2017-17805 CVE-2017-17806 CVE-2017-17862 CVE-2017-17863\nCVE-2017-17864\nPackage : linux-lts\nType : multiple issues\nRemote : No\nLink : https://security.archlinux.org/AVG-561\n\nSummary\n=======\n\nThe package linux-lts before version 4.9.74-1 is vulnerable to multiple\nissues including denial of service, privilege escalation and\ninformation disclosure.\n\nResolution\n==========\n\nUpgrade to 4.9.74-1.\n\n# pacman -Syu \"linux-lts>=4.9.74-1\"\n\nThe problems have been fixed upstream in version 4.9.74.\n\nWorkaround\n==========\n\nBPF related issues can be circumvented by disabling unprivileged BPF:\n\n sysctl -w kernel.unprivileged_bpf_disabled=1\n\nDescription\n===========\n\n- CVE-2017-16995 (privilege escalation)\n\nAn arbitrary memory r/w access issue was found in the Linux kernel\nbefore 4.14.9, 4.9.72 compiled with the eBPF bpf(2) system call\n(CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation\nerrors in the eBPF verifier module, triggered by user supplied\nmalicious BPF program. An unprivileged user could use this flaw to\nescalate their privileges on a system. Setting parameter\n\"kernel.unprivileged_bpf_disabled=1\" prevents such privilege escalation\nby restricting access to bpf(2) call.\n\n- CVE-2017-17449 (information disclosure)\n\nThe __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in\nthe Linux kernel before 4.14.11, 4.9.74, 4.4.109, 3.18.91 and 3.16.52\nwhen CONFIG_NLMON is enabled, does not restrict observations of Netlink\nmessages to a single net namespace, which allows local users to obtain\nsensitive information by leveraging the CAP_NET_ADMIN capability to\nsniff an nlmon interface for all Netlink activity on the system.\n\n- CVE-2017-17558 (denial of service)\n\nThe usb_destroy_configuration function in drivers/usb/core/config.c in\nthe USB core subsystem in the Linux kernel before 4.14.8, 4.9.71,\n4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not consider the maximum\nnumber of configurations and interfaces before attempting to release\nresources, which allows local users to cause a denial of service (out-\nof-bounds write access) or possibly have unspecified other impact via a\ncrafted USB device.\n\n- CVE-2017-17712 (privilege escalation)\n\nA flaw was found in the Linux kernel's implementation of raw_sendmsg\nbefore 4.14.11, 4.4.109 and 4.9.74 allowing a local attacker to panic\nthe kernel or possibly leak kernel addresses. A local attacker, with\nthe privilege of creating raw sockets, can abuse a possible race\ncondition when setting the socket option to allow the kernel to\nautomatically create ip header values and thus potentially escalate\ntheir privileges.\n\n- CVE-2017-17805 (denial of service)\n\nThe Salsa20 encryption algorithm in the Linux kernel before 4.14.8,\n4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not correctly handle\nzero-length inputs, allowing a local attacker able to use the AF_ALG-\nbased skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a\ndenial of service (uninitialized-memory free and kernel crash) or have\nunspecified other impact by executing a crafted sequence of system\ncalls that use the blkcipher_walk API. Both the generic implementation\n(crypto/salsa20_generic.c) and x86 implementation\n(arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.\n\n- CVE-2017-17806 (denial of service)\n\nThe HMAC implementation (crypto/hmac.c) in the Linux kernel before\n4.14.8, 4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not validate\nthat the underlying cryptographic hash algorithm is unkeyed, allowing a\nlocal attacker able to use the AF_ALG-based hash interface\n(CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm\n(CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by\nexecuting a crafted sequence of system calls that encounter a missing\nSHA-3 initialization.\n\n- CVE-2017-17862 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.72 ignore unreachable code, even though it would\nstill be processed by JIT compilers. This behavior, also considered an\nimproper branch-pruning logic issue, could possibly be used by local\nusers for denial of service.\n\n- CVE-2017-17863 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.72 does not check the relationship between\npointer values and the BPF stack, which allows local users to cause a\ndenial of service (integer overflow or invalid memory access) or\npossibly have unspecified other impact.\n\n- CVE-2017-17864 (information disclosure)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.73 mishandles states_equal comparisons between\nthe pointer data type and the UNKNOWN_VALUE data type, which allows\nlocal users to obtain potentially sensitive address information, aka a\n\"pointer leak.\"\n\nImpact\n======\n\nA local unprivileged attacker is able to escalate privileges, crash the\nsystem or obtain sensitive information by sniffing an nlmon interface\nfor all Netlink activity on the system.\n\nReferences\n==========\n\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=1454\nhttp://www.openwall.com/lists/oss-security/2017/12/21/2\nhttps://git.kernel.org/linus/95a762e2c8c942780948091f8f2a4f32fce1ac6f\nhttps://git.kernel.org/linus/93c647643b48f0131f02e45da3bd367d80443291\nhttps://github.com/google/syzkaller/blob/master/docs/linux/found_bugs_usb.md\nhttps://git.kernel.org/linus/48a4ff1c7bb5a32d2e396b03132d20d552c0eca7\nhttp://openwall.com/lists/oss-security/2017/12/12/7\nhttps://git.kernel.org/linus/8f659a03a0ba9289b9aeb9b4470e6fb263d6f483\nhttps://git.kernel.org/linus/ecaaab5649781c5a0effdaf298a925063020500e\nhttps://git.kernel.org/linus/af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1\nhttps://git.kernel.org/linus/c131187db2d3fa2f8bf32fdf4e9a4ef805168467\nhttps://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=d75d3ee237cee9068022117e059b64bbab617f3d\nhttps://git.kernel.org/linus/de31796c052e47c99b1bb342bc70aa826733e862\nhttps://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=37435f7e80ef9adc32a69013c18f135e3f434244\nhttps://security.archlinux.org/CVE-2017-16995\nhttps://security.archlinux.org/CVE-2017-17449\nhttps://security.archlinux.org/CVE-2017-17558\nhttps://security.archlinux.org/CVE-2017-17712\nhttps://security.archlinux.org/CVE-2017-17805\nhttps://security.archlinux.org/CVE-2017-17806\nhttps://security.archlinux.org/CVE-2017-17862\nhttps://security.archlinux.org/CVE-2017-17863\nhttps://security.archlinux.org/CVE-2017-17864", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-01-05T00:00:00", "type": "archlinux", "title": "[ASA-201801-2] linux-lts: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16995", "CVE-2017-17449", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17805", "CVE-2017-17806", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864"], "modified": "2018-01-05T00:00:00", "id": "ASA-201801-2", "href": "https://security.archlinux.org/ASA-201801-2", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:33:05", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-01-05T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-8ed5eff2c0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17863", "CVE-2017-17862", "CVE-2017-17852", "CVE-2017-17854", "CVE-2017-17853", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17864", "CVE-2017-17856"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310873973", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310873973", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_8ed5eff2c0_kernel_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-8ed5eff2c0\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.873973\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-01-05 23:59:23 +0100 (Fri, 05 Jan 2018)\");\n script_cve_id(\"CVE-2017-17857\", \"CVE-2017-17856\", \"CVE-2017-17855\", \"CVE-2017-17854\",\n \"CVE-2017-17853\", \"CVE-2017-17852\", \"CVE-2017-17862\", \"CVE-2017-17863\",\n \"CVE-2017-17864\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-8ed5eff2c0\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-8ed5eff2c0\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEFHTLFUOREQQK4DCRD46ZY3QPR6RSJ5\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.14.11~200.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-01-05T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-22d5fa8a90", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17863", "CVE-2017-17862", "CVE-2017-17852", "CVE-2017-17854", "CVE-2017-17853", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17864", "CVE-2017-17856"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310873968", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310873968", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_22d5fa8a90_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-22d5fa8a90\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.873968\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-01-05 23:58:52 +0100 (Fri, 05 Jan 2018)\");\n script_cve_id(\"CVE-2017-17857\", \"CVE-2017-17856\", \"CVE-2017-17855\", \"CVE-2017-17854\",\n \"CVE-2017-17853\", \"CVE-2017-17852\", \"CVE-2017-17862\", \"CVE-2017-17863\",\n \"CVE-2017-17864\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-22d5fa8a90\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-22d5fa8a90\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFRT6EBC2HJ4XLWLZZ7MATZ2EWPTADAH\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.14.11~300.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-07T14:59:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-01-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-3523-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17863", "CVE-2017-5754", "CVE-2017-17862", "CVE-2017-16995", "CVE-2017-17864"], "modified": "2019-08-06T00:00:00", "id": "OPENVAS:1361412562310843409", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843409", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-3523-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843409\");\n script_version(\"2019-08-06T11:17:21+0000\");\n script_tag(name:\"last_modification\", value:\"2019-08-06 11:17:21 +0000 (Tue, 06 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-01-10 07:39:53 +0100 (Wed, 10 Jan 2018)\");\n script_cve_id(\"CVE-2017-5754\", \"CVE-2017-17863\", \"CVE-2017-16995\", \"CVE-2017-17862\",\n \"CVE-2017-17864\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-3523-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Jann Horn discovered that microprocessors\n utilizing speculative execution and indirect branch prediction may allow\n unauthorized memory reads via sidechannel attacks. This flaw is known as\n Meltdown. A local attacker could use this to expose sensitive information,\n including kernel memory. (CVE-2017-5754) Jann Horn discovered that the Berkeley\n Packet Filter (BPF) implementation in the Linux kernel did not properly check\n the relationship between pointer values and the BPF stack. A local attacker\n could use this to cause a denial of service (system crash) or possibly execute\n arbitrary code. (CVE-2017-17863) Jann Horn discovered that the Berkeley Packet\n Filter (BPF) implementation in the Linux kernel improperly performed sign\n extension in some situations. A local attacker could use this to cause a denial\n of service (system crash) or possibly execute arbitrary code. (CVE-2017-16995)\n Alexei Starovoitov discovered that the Berkeley Packet Filter (BPF)\n implementation in the Linux kernel contained a branch-pruning logic issue around\n unreachable code. A local attacker could use this to cause a denial of service.\n (CVE-2017-17862) Jann Horn discovered that the Berkeley Packet Filter (BPF)\n implementation in the Linux kernel mishandled pointer data values in some\n situations. A local attacker could use this to expose sensitive information\n (kernel memory). (CVE-2017-17864)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 17.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3523-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3523-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU17\\.10\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU17.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-25-generic\", ver:\"4.13.0-25.29\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-25-lowlatency\", ver:\"4.13.0-25.29\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.13.0.25.26\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.13.0.25.26\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-01-11T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-azure USN-3523-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17863", "CVE-2017-5754", "CVE-2017-17862", "CVE-2017-16995", "CVE-2017-17864"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843418", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843418", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3523_2.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-azure USN-3523-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843418\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-01-11 07:38:59 +0100 (Thu, 11 Jan 2018)\");\n script_cve_id(\"CVE-2017-5754\", \"CVE-2017-17863\", \"CVE-2017-16995\", \"CVE-2017-17862\",\n \"CVE-2017-17864\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-azure USN-3523-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-azure'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-3523-1 fixed vulnerabilities in the\n Linux kernel for Ubuntu 17.10. This update provides the corresponding updates\n for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.10 for Ubuntu\n 16.04 LTS. Jann Horn discovered that microprocessors utilizing speculative\n execution and indirect branch prediction may allow unauthorized memory reads via\n sidechannel attacks. This flaw is known as Meltdown. A local attacker could use\n this to expose sensitive information, including kernel memory. (CVE-2017-5754)\n Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the\n Linux kernel did not properly check the relationship between pointer values and\n the BPF stack. A local attacker could use this to cause a denial of service\n (system crash) or possibly execute arbitrary code. (CVE-2017-17863) Jann Horn\n discovered that the Berkeley Packet Filter (BPF) implementation in the Linux\n kernel improperly performed sign extension in some situations. A local attacker\n could use this to cause a denial of service (system crash) or possibly execute\n arbitrary code. (CVE-2017-16995) Alexei Starovoitov discovered that the Berkeley\n Packet Filter (BPF) implementation in the Linux kernel contained a\n branch-pruning logic issue around unreachable code. A local attacker could use\n this to cause a denial of service. (CVE-2017-17862) Jann Horn discovered that\n the Berkeley Packet Filter (BPF) implementation in the Linux kernel mishandled\n pointer data values in some situations. A local attacker could use this to to\n expose sensitive information (kernel memory). (CVE-2017-17864)\");\n script_tag(name:\"affected\", value:\"linux-azure on Ubuntu 16.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3523-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3523-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-1005-azure\", ver:\"4.13.0-1005.7\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-1006-gcp\", ver:\"4.13.0-1006.9\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-1015-oem\", ver:\"4.13.0-1015.16\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-26-generic\", ver:\"4.13.0-26.29~16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-26-generic-lpae\", ver:\"4.13.0-26.29~16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-26-lowlatency\", ver:\"4.13.0-26.29~16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"4.13.0.1005.6\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"4.13.0.1006.8\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.13.0.26.46\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.13.0.26.46\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.13.0.1006.8\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.13.0.26.46\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.13.0.1015.18\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-07T14:59:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-01-11T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-raspi2 USN-3523-3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17863", "CVE-2017-17862", "CVE-2017-16995", "CVE-2017-17864"], "modified": "2019-08-06T00:00:00", "id": "OPENVAS:1361412562310843416", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843416", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-raspi2 USN-3523-3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843416\");\n script_version(\"2019-08-06T11:17:21+0000\");\n script_tag(name:\"last_modification\", value:\"2019-08-06 11:17:21 +0000 (Tue, 06 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-01-11 07:38:41 +0100 (Thu, 11 Jan 2018)\");\n script_cve_id(\"CVE-2017-17863\", \"CVE-2017-16995\", \"CVE-2017-17862\", \"CVE-2017-17864\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-raspi2 USN-3523-3\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-raspi2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Jann Horn discovered that the Berkeley\n Packet Filter (BPF) implementation in the Linux kernel did not properly check\n the relationship between pointer values and the BPF stack. A local attacker\n could use this to cause a denial of service (system crash) or possibly execute\n arbitrary code. (CVE-2017-17863) Jann Horn discovered that the Berkeley Packet\n Filter (BPF) implementation in the Linux kernel improperly performed sign\n extension in some situations. A local attacker could use this to cause a denial\n of service (system crash) or possibly execute arbitrary code. (CVE-2017-16995)\n Alexei Starovoitov discovered that the Berkeley Packet Filter (BPF)\n implementation in the Linux kernel contained a branch-pruning logic issue around\n unreachable code. A local attacker could use this to cause a denial of service.\n (CVE-2017-17862) Jann Horn discovered that the Berkeley Packet Filter (BPF)\n implementation in the Linux kernel mishandled pointer data values in some\n situations. A local attacker could use this to expose sensitive information\n (kernel memory). (CVE-2017-17864)\");\n script_tag(name:\"affected\", value:\"linux-raspi2 on Ubuntu 17.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3523-3\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3523-3/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU17\\.10\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU17.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-1011-raspi2\", ver:\"4.13.0-1011.11\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.13.0.1011.9\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-04T19:02:19", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2017-8824Mohamed Ghannam discovered that the DCCP implementation did not\ncorrectly manage resources when a socket is disconnected and\nreconnected, potentially leading to a use-after-free. A local\nuser could use this for denial of service (crash or data\ncorruption) or possibly for privilege escalation. On systems that\ndo not already have the dccp module loaded, this can be mitigated\nby disabling it:\necho>> /etc/modprobe.d/disable-dccp.conf install dccp falseCVE-2017-16538\nAndrey Konovalov reported that the dvb-usb-lmedm04 media driver\ndid not correctly handle some error conditions during\ninitialisation. A physically present user with a specially\ndesigned USB device can use this to cause a denial of service\n(crash).\n\nDescription truncated. Please see the references for more information.", "cvss3": {}, "published": "2017-12-23T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4073-1 (linux - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17863", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17741", "CVE-2017-17862", "CVE-2017-17805", "CVE-2017-16995", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2017-1000407", "CVE-2017-1000410", "CVE-2017-17449", "CVE-2017-16538", "CVE-2017-17807", "CVE-2017-16644", "CVE-2017-17864", "CVE-2017-17806"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704073", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704073", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4073-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704073\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2017-1000407\", \"CVE-2017-1000410\", \"CVE-2017-16538\", \"CVE-2017-16644\", \"CVE-2017-16995\", \"CVE-2017-17448\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17558\", \"CVE-2017-17712\", \"CVE-2017-17741\", \"CVE-2017-17805\", \"CVE-2017-17806\", \"CVE-2017-17807\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\", \"CVE-2017-8824\");\n script_name(\"Debian Security Advisory DSA 4073-1 (linux - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-12-23 00:00:00 +0100 (Sat, 23 Dec 2017)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2017/dsa-4073.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"linux on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 4.9.65-3+deb9u1.\n\nWe recommend that you upgrade your linux packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/linux\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2017-8824Mohamed Ghannam discovered that the DCCP implementation did not\ncorrectly manage resources when a socket is disconnected and\nreconnected, potentially leading to a use-after-free. A local\nuser could use this for denial of service (crash or data\ncorruption) or possibly for privilege escalation. On systems that\ndo not already have the dccp module loaded, this can be mitigated\nby disabling it:\necho>> /etc/modprobe.d/disable-dccp.conf install dccp falseCVE-2017-16538\nAndrey Konovalov reported that the dvb-usb-lmedm04 media driver\ndid not correctly handle some error conditions during\ninitialisation. A physically present user with a specially\ndesigned USB device can use this to cause a denial of service\n(crash).\n\nDescription truncated. Please see the references for more information.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"hyperv-daemons\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcpupower-dev\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcpupower1\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libusbip-dev\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-6-arm\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-6-s390\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-6-x86\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-cpupower\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-doc-4.9\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-4kc-malta\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-5kc-malta\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-686\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-686-pae\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-amd64\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-arm64\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-armel\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-armhf\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-i386\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-mips\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-mips64el\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-mipsel\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-ppc64el\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-s390x\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-amd64\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-arm64\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-armmp\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-armmp-lpae\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-common\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-common-rt\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-loongson-3\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-marvell\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-octeon\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-powerpc64le\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-rt-686-pae\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-rt-amd64\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-s390x\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-4kc-malta\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-5kc-malta\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-686\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-686-pae\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-amd64\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-arm64\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-armel\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-armhf\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-i386\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-mips\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-mips64el\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-mipsel\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-ppc64el\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-s390x\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-amd64\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-arm64\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-armmp\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-armmp-lpae\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-common\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-common-rt\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-loongson-3\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-marvell\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-octeon\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-powerpc64le\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-rt-686-pae\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-rt-amd64\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-s390x\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-4kc-malta\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-4kc-malta-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-5kc-malta\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-5kc-malta-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-686\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-686-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-686-pae\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-686-pae-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-amd64\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-amd64-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-arm64\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-arm64-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-armmp\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-armmp-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-armmp-lpae\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-armmp-lpae-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-loongson-3\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-loongson-3-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-marvell\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-marvell-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-octeon\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-octeon-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-powerpc64le\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-powerpc64le-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-rt-686-pae\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-rt-686-pae-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-rt-amd64\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-rt-amd64-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-s390x\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-s390x-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-4kc-malta\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-4kc-malta-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-5kc-malta\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-5kc-malta-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-686\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-686-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-686-pae\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-686-pae-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-amd64\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-amd64-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-arm64\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-arm64-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-armmp\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-armmp-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-armmp-lpae\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-armmp-lpae-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-loongson-3\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-loongson-3-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-marvell\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-marvell-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-octeon\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-octeon-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-powerpc64le\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-powerpc64le-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-rt-686-pae\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-rt-686-pae-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-rt-amd64\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-rt-amd64-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-s390x\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-s390x-dbg\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-kbuild-4.9\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-manual-4.9\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-perf-4.9\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-source-4.9\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.9.0-3\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.9.0-4\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"usbip\", ver:\"4.9.65-3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-29T20:07:49", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2017-5754\n\nMultiple researchers have discovered a vulnerability in Intel\nprocessors, enabling an attacker controlling an unprivileged\nprocess to read memory from arbitrary addresses, including from\nthe kernel and all other processes running on the system.\n\nThis specific attack has been named Meltdown and is addressed in\nthe Linux kernel for the Intel x86-64 architecture by a patch set\nnamed Kernel Page Table Isolation, enforcing a near complete\nseparation of the kernel and userspace address maps and preventing\nthe attack. This solution might have a performance impact, and can\nbe disabled at boot time by passing `pti=off", "cvss3": {}, "published": "2018-01-09T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for linux (DLA-1232-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5754", "CVE-2017-17558", "CVE-2017-17741", "CVE-2017-17805", "CVE-2017-17807", "CVE-2017-17806"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891232", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891232", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891232\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2017-17558\", \"CVE-2017-17741\", \"CVE-2017-17805\", \"CVE-2017-17806\", \"CVE-2017-17807\", \"CVE-2017-5754\");\n script_name(\"Debian LTS: Security Advisory for linux (DLA-1232-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-01-09 00:00:00 +0100 (Tue, 09 Jan 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"linux on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n3.2.96-3.\n\nWe recommend that you upgrade your linux packages.\");\n\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2017-5754\n\nMultiple researchers have discovered a vulnerability in Intel\nprocessors, enabling an attacker controlling an unprivileged\nprocess to read memory from arbitrary addresses, including from\nthe kernel and all other processes running on the system.\n\nThis specific attack has been named Meltdown and is addressed in\nthe Linux kernel for the Intel x86-64 architecture by a patch set\nnamed Kernel Page Table Isolation, enforcing a near complete\nseparation of the kernel and userspace address maps and preventing\nthe attack. This solution might have a performance impact, and can\nbe disabled at boot time by passing `pti=off' to the kernel\ncommand line.\n\nCVE-2017-17558\n\nAndrey Konovalov reported that that USB core did not correctly\nhandle some error conditions during initialisation. A physically\npresent user with a specially designed USB device can use this to\ncause a denial of service (crash or memory corruption), or\npossibly for privilege escalation.\n\nCVE-2017-17741\n\nDmitry Vyukov reported that the KVM implementation for x86 would\nover-read data from memory when emulating an MMIO write if the\nkvm_mmio tracepoint was enabled. A guest virtual machine might be\nable to use this to cause a denial of service (crash).\n\nCVE-2017-17805\n\nIt was discovered that some implementations of the Salsa20 block\ncipher did not correctly handle zero-length input. A local user\ncould use this to cause a denial of service (crash) or possibly\nhave other security impact.\n\nCVE-2017-17806\n\nIt was discovered that the HMAC implementation could be used with\nan underlying hash algorithm that requires a key, which was not\nintended. A local user could use this to cause a denial of\nservice (crash or memory corruption), or possibly for privilege\nescalation.\n\nCVE-2017-17807\n\nEric Biggers discovered that the KEYS subsystem lacked a check for\nwrite permission when adding keys to a process's default keyring.\nA local user could use this to cause a denial of service or to\nobtain sensitive information.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-486\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-686-pae\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-all\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-all-amd64\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-all-armel\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-all-armhf\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-all-i386\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-amd64\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-common\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-common-rt\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-iop32x\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-ixp4xx\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-kirkwood\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-mv78xx0\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-mx5\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-omap\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-orion5x\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-rt-686-pae\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-rt-amd64\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-versatile\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.2.0-5-vexpress\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-dbg\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64-dbg\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-iop32x\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-ixp4xx\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-kirkwood\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mv78xx0\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mx5\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-omap\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-orion5x\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae-dbg\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64-dbg\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-versatile\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-vexpress\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-486\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-686-pae\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-686-pae-dbg\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-amd64\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-amd64-dbg\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-iop32x\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-ixp4xx\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-kirkwood\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-mv78xx0\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-mx5\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-omap\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-orion5x\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-rt-686-pae\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-rt-686-pae-dbg\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-rt-amd64\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-rt-amd64-dbg\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-versatile\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.2.0-5-vexpress\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-manual-3.2\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-source-3.2\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-3.2.0-4\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-3.2.0-5\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-686-pae\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-amd64\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-5-686-pae\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-5-amd64\", ver:\"3.2.96-3\", rls:\"DEB7\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T17:35:34", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-01-05T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for kernel (openSUSE-SU-2018:0023-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-17805", "CVE-2017-5715", "CVE-2017-17806"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851677", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851677", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851677\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-01-05 23:57:00 +0100 (Fri, 05 Jan 2018)\");\n script_cve_id(\"CVE-2017-17805\", \"CVE-2017-17806\", \"CVE-2017-5715\", \"CVE-2017-5753\",\n \"CVE-2017-5754\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for kernel (openSUSE-SU-2018:0023-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 42.2 kernel was updated to 4.4.104 to receive various\n security and bugfixes.\n\n This update adds mitigations for various side channel attacks against\n modern CPUs that could disclose content of otherwise unreadable memory\n (bnc#1068032).\n\n - CVE-2017-5753 / 'SpectreAttack': Local attackers on systems with modern\n CPUs featuring deep instruction pipelining could use attacker\n controllable speculative execution over code patterns in the Linux\n Kernel to leak content from otherwise not readable memory in the same\n address space, allowing retrieval of passwords, cryptographic keys and\n other secrets.\n\n This problem is mitigated by adding speculative fencing on affected code\n paths throughout the Linux kernel.\n\n\n - CVE-2017-5715 / 'SpectreAttack': Local attackers on systems with modern\n CPUs featuring branch prediction could use mispredicted branches to\n speculatively execute code patterns that in turn could be made to leak\n other non-readable content in the same address space, an attack similar\n to CVE-2017-5753.\n\n This problem is mitigated by disabling predictive branches, depending\n on CPU architecture either by firmware updates and/or fixes in the\n user-kernel privilege boundaries.\n\n Please also check with your CPU / Hardware vendor on updated firmware\n or BIOS images regarding this issue.\n\n As this feature can have a performance impact, it can be disabled using\n the 'nospec' kernel commandline option.\n\n\n - CVE-2017-5754 / 'MeltdownAttack': Local attackers on systems with modern\n CPUs featuring deep instruction pipelining could use code patterns in\n userspace to speculative executive code that would read\n otherwise read protected memory, an attack similar to CVE-2017-5753.\n\n This problem is mitigated by unmapping the Linux Kernel from the user\n address space during user code execution, following a approach called\n 'KAISER'. The terms used here are 'KAISER' / 'Kernel Address Isolation'\n and 'PTI' / 'Page Table Isolation'.\n\n Note that this is only done on affected platforms.\n\n This feature can be enabled / disabled by the 'pti=[onoffauto]' or\n 'nopti' commandline options.\n\n The following security bugs were fixed:\n\n - CVE-2017-17806: The HMAC implementation (crypto/hmac.c) in the Linux\n kernel did not validate that the underlying cryptographic hash algorithm\n is unkeyed, allowing a local attacker able to use the AF_ALG-based hash\n interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm\n (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by\n executing a crafted sequence of system calls that encounter a missing.\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"Linux Kernel on openSUSE Leap 42.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:0023-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.2\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-pdf\", rpm:\"kernel-docs-pdf~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.4.104~18.44.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T17:39:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-01-05T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for kernel (openSUSE-SU-2018:0022-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-17805", "CVE-2017-5715", "CVE-2017-17806"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851678", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851678", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851678\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-01-05 23:57:13 +0100 (Fri, 05 Jan 2018)\");\n script_cve_id(\"CVE-2017-17805\", \"CVE-2017-17806\", \"CVE-2017-5715\", \"CVE-2017-5753\",\n \"CVE-2017-5754\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for kernel (openSUSE-SU-2018:0022-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 42.3 kernel was\n updated to 4.4.104 to receive various security and bugfixes.\n\n This update adds mitigations for various side channel attacks against\n modern CPUs that could disclose content of otherwise unreadable memory\n (bnc#1068032).\n\n - CVE-2017-5753 / 'SpectreAttack': Local attackers on systems with modern\n CPUs featuring deep instruction pipelining could use attacker\n controllable speculative execution over code patterns in the Linux\n Kernel to leak content from otherwise not readable memory in the same\n address space, allowing retrieval of passwords, cryptographic keys and\n other secrets.\n\n This problem is mitigated by adding speculative fencing on affected code\n paths throughout the Linux kernel.\n\n\n - CVE-2017-5715 / 'SpectreAttack': Local attackers on systems with modern\n CPUs featuring branch prediction could use mispredicted branches to\n speculatively execute code patterns that in turn could be made to leak\n other non-readable content in the same address space, an attack similar\n to CVE-2017-5753.\n\n This problem is mitigated by disabling predictive branches, depending\n on CPU architecture either by firmware updates and/or fixes in the\n user-kernel privilege boundaries.\n\n Please also check with your CPU / Hardware vendor on updated firmware\n or BIOS images regarding this issue.\n\n As this feature can have a performance impact, it can be disabled using\n the 'nospec' kernel commandline option.\n\n\n - CVE-2017-5754 / 'MeltdownAttack': Local attackers on systems with modern\n CPUs featuring deep instruction pipelining could use code patterns in\n userspace to speculative executive code that would read\n otherwise read protected memory, an attack similar to CVE-2017-5753.\n\n This problem is mitigated by unmapping the Linux Kernel from the user\n address space during user code execution, following a approach called\n 'KAISER'. The terms used here are 'KAISER' / 'Kernel Address Isolation'\n and 'PTI' / 'Page Table Isolation'.\n\n Note that this is only done on affected platforms.\n\n This feature can be enabled / disabled by the 'pti=[onoffauto]' or\n 'nopti' commandline options.\n\n\n The following security bugs were fixed:\n\n - CVE-2017-17806: The HMAC implementation (crypto/hmac.c) in the Linux\n kernel did not validate that the underlying cryptographic hash algorithm\n is unkeyed, allowing a local attacker able to use the AF_ALG-based hash\n interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm\n (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by\n executing a crafted sequence of system calls that encounter a missing\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"Linux Kernel on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:0022-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-pdf\", rpm:\"kernel-docs-pdf~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kselftests-kmp-debug\", rpm:\"kselftests-kmp-debug~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kselftests-kmp-debug-debuginfo\", rpm:\"kselftests-kmp-debug-debuginfo~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kselftests-kmp-default\", rpm:\"kselftests-kmp-default~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kselftests-kmp-default-debuginfo\", rpm:\"kselftests-kmp-default-debuginfo~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kselftests-kmp-vanilla\", rpm:\"kselftests-kmp-vanilla~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kselftests-kmp-vanilla-debuginfo\", rpm:\"kselftests-kmp-vanilla-debuginfo~4.4.104~39.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:49", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-12-20T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2017-ba6b6e71f7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17450", "CVE-2017-17558", "CVE-2017-8824", "CVE-2017-17448", "CVE-2017-17449"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310873930", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310873930", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2017_ba6b6e71f7_kernel_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2017-ba6b6e71f7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.873930\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-12-20 07:46:12 +0100 (Wed, 20 Dec 2017)\");\n script_cve_id(\"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\", \"CVE-2017-17558\",\n \"CVE-2017-8824\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2017-ba6b6e71f7\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-ba6b6e71f7\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSPPULDQRJC4RPZ5ZZL6ENXFGHU5YRPT\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.14.6~200.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-12-19T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2017-129969aa8a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17450", "CVE-2017-17558", "CVE-2017-8824", "CVE-2017-17448", "CVE-2017-17449"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310873926", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310873926", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2017_129969aa8a_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2017-129969aa8a\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.873926\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-12-19 08:10:39 +0100 (Tue, 19 Dec 2017)\");\n script_cve_id(\"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\", \"CVE-2017-17558\",\n \"CVE-2017-8824\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2017-129969aa8a\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-129969aa8a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UQR73HLC3D6JOXUM33STPEJTGJT6IK7\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.14.6~300.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-04-18T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-1e033dc308", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2017-17558", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2017-12193", "CVE-2017-17862", "CVE-2017-17852", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2017-16650", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2017-17856"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874366", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874366", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_1e033dc308_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-1e033dc308\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874366\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-04-18 08:57:51 +0200 (Wed, 18 Apr 2018)\");\n script_cve_id(\"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\", \"CVE-2018-8043\",\n \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\", \"CVE-2018-1000026\",\n \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\", \"CVE-2018-5332\",\n \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\",\n \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\",\n \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\", \"CVE-2017-17712\",\n \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\", \"CVE-2017-17558\",\n \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\", \"CVE-2017-16650\",\n \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\", \"CVE-2017-16532\",\n \"CVE-2017-16538\", \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-1e033dc308\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-1e033dc308\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKS5SHENFBKZBNJZ5A6BMP6JNTK5D4QC\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.15.17~300.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-05-02T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-e71875c4aa", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2017-12193", "CVE-2017-17862", "CVE-2017-17852", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2017-16650", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2017-17856"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874400", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874400", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_e71875c4aa_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-e71875c4aa\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874400\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-02 16:59:02 +0530 (Wed, 02 May 2018)\");\n script_cve_id(\"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\", \"CVE-2018-8043\",\n \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\", \"CVE-2018-1000026\",\n \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\", \"CVE-2018-5332\",\n \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\",\n \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\",\n \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\", \"CVE-2017-17712\",\n \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\", \"CVE-2017-17558\",\n \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\", \"CVE-2017-16650\",\n \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\", \"CVE-2017-16532\",\n \"CVE-2017-16538\", \"CVE-2017-12193\", \"CVE-2018-1108\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-e71875c4aa\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-e71875c4aa\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/23BZYWCPCFYSPRRRVNCK6UFYCODGX6GB\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.16.4~200.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-04T18:55:35", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2017-5754\nMultiple researchers have discovered a vulnerability in Intel\nprocessors, enabling an attacker controlling an unprivileged\nprocess to read memory from arbitrary addresses, including from\nthe kernel and all other processes running on the system.\n\nThis specific attack has been named Meltdown and is addressed in\nthe Linux kernel for the Intel x86-64 architecture by a patch set\nnamed Kernel Page Table Isolation, enforcing a near complete\nseparation of the kernel and userspace address maps and preventing\nthe attack. This solution might have a performance impact, and can\nbe disabled at boot time by passing pti=off\nto the kernel\ncommand line.\n\nDescription truncated. Please see the references for more information.", "cvss3": {}, "published": "2018-01-09T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4082-1 (linux - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5754", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17741", "CVE-2017-17805", "CVE-2017-8824", "CVE-2017-17448", "CVE-2017-1000407", "CVE-2017-16939", "CVE-2017-1000410", "CVE-2017-17449", "CVE-2017-16538", "CVE-2017-15868", "CVE-2017-17807", "CVE-2017-17806"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704082", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704082", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4082-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704082\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2017-1000407\", \"CVE-2017-1000410\", \"CVE-2017-15868\", \"CVE-2017-16538\", \"CVE-2017-16939\", \"CVE-2017-17448\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17558\", \"CVE-2017-17741\", \"CVE-2017-17805\", \"CVE-2017-17806\", \"CVE-2017-17807\", \"CVE-2017-5754\", \"CVE-2017-8824\");\n script_name(\"Debian Security Advisory DSA 4082-1 (linux - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-01-09 00:00:00 +0100 (Tue, 09 Jan 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4082.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"linux on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (jessie), these problems have been fixed\nin version 3.16.51-3+deb8u1.\n\nWe recommend that you upgrade your linux packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/linux\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2017-5754\nMultiple researchers have discovered a vulnerability in Intel\nprocessors, enabling an attacker controlling an unprivileged\nprocess to read memory from arbitrary addresses, including from\nthe kernel and all other processes running on the system.\n\nThis specific attack has been named Meltdown and is addressed in\nthe Linux kernel for the Intel x86-64 architecture by a patch set\nnamed Kernel Page Table Isolation, enforcing a near complete\nseparation of the kernel and userspace address maps and preventing\nthe attack. This solution might have a performance impact, and can\nbe disabled at boot time by passing pti=off\nto the kernel\ncommand line.\n\nDescription truncated. Please see the references for more information.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-arm\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-s390\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-x86\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-doc-3.16\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-4kc-malta\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-586\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-5kc-malta\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-686-pae\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-amd64\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-arm64\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-armel\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-armhf\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-i386\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-mips\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-mipsel\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-powerpc\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-ppc64el\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-s390x\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-amd64\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-arm64\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-armmp\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-armmp-lpae\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-common\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-ixp4xx\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-kirkwood\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-2e\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-2f\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-3\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-octeon\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-orion5x\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc-smp\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc64\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc64le\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-r4k-ip22\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-r5k-ip32\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-s390x\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-sb1-bcm91250a\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-versatile\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-586\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-686-pae\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-all\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-all-amd64\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-all-arm64\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-all-armel\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-all-armhf\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-all-i386\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-all-powerpc\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-all-ppc64el\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-all-s390x\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-amd64\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-arm64\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-armmp\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-armmp-lpae\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-common\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-ixp4xx\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-kirkwood\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-orion5x\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-powerpc\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-powerpc-smp\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-powerpc64\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-powerpc64le\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-s390x\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-versatile\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-4kc-malta\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-586\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-5kc-malta\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-686-pae\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-686-pae-dbg\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-amd64\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-amd64-dbg\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-arm64\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-arm64-dbg\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-armmp\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-armmp-lpae\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-ixp4xx\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-kirkwood\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-2e\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-2f\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-3\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-octeon\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-orion5x\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc-smp\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc64\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc64le\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-r4k-ip22\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-r5k-ip32\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-s390x\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-s390x-dbg\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-sb1-bcm91250a\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-versatile\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-586\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-686-pae\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-686-pae-dbg\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-amd64\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-amd64-dbg\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-arm64\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-arm64-dbg\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-armmp\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-armmp-lpae\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-ixp4xx\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-kirkwood\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-orion5x\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-powerpc\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-powerpc-smp\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-powerpc64\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-powerpc64le\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-s390x\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-s390x-dbg\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-versatile\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-manual-3.16\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-source-3.16\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-3.16.0-4\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-3.16.0-5\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.16.0-4-amd64\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.16.0-5-amd64\", ver:\"3.16.51-3+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:34:20", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1232)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17805", "CVE-2017-17807", "CVE-2017-17806"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181232", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181232", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1232\");\n script_version(\"2020-01-23T11:18:13+0000\");\n script_cve_id(\"CVE-2017-17805\", \"CVE-2017-17806\", \"CVE-2017-17807\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:18:13 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:18:13 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1232)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1232\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1232\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2018-1232 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.(CVE-2017-17805)\n\nThe HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization.(CVE-2017-17806)\n\nhe KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding a key to the current task's 'default request-key keyring' via the request_key() system call, allowing a local user to use a sequence of crafted system calls to add keys to a keyring with only Search permission (not Write permission) to that keyring, related to construct_get_dest_keyring() in security/keys/request_key.c.(CVE-2017-17807)\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization 2.5.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~327.62.59.66_21\", rls:\"EULEROSVIRT-2.5.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~327.62.59.66_21\", rls:\"EULEROSVIRT-2.5.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~327.62.59.66_21\", rls:\"EULEROSVIRT-2.5.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~327.62.59.66_21\", rls:\"EULEROSVIRT-2.5.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~327.62.59.66_21\", rls:\"EULEROSVIRT-2.5.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~327.62.59.66_21\", rls:\"EULEROSVIRT-2.5.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-02-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-raspi2 USN-3581-3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843460", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843460", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3581_3.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-raspi2 USN-3581-3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843460\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-02-23 09:05:45 +0100 (Fri, 23 Feb 2018)\");\n script_cve_id(\"CVE-2017-17712\", \"CVE-2017-15115\", \"CVE-2017-8824\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-raspi2 USN-3581-3\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-raspi2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mohamed Ghannam discovered that the IPv4 raw\n socket implementation in the Linux kernel contained a race condition leading to\n uninitialized pointer usage. A local attacker could use this to cause a denial\n of service or possibly execute arbitrary code. (CVE-2017-17712) ChunYu Wang\n discovered that a use-after-free vulnerability existed in the SCTP protocol\n implementation in the Linux kernel. A local attacker could use this to cause a\n denial of service (system crash) or possibly execute arbitrary code,\n (CVE-2017-15115) Mohamed Ghannam discovered a use-after-free vulnerability in\n the DCCP protocol implementation in the Linux kernel. A local attacker could use\n this to cause a denial of service (system crash) or possibly execute arbitrary\n code. (CVE-2017-8824)\");\n script_tag(name:\"affected\", value:\"linux-raspi2 on Ubuntu 17.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3581-3\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3581-3/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU17\\.10\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU17.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-1014-raspi2\", ver:\"4.13.0-1014.15\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.13.0.1014.12\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-05-30T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-9d0e4e40b5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2017-12193", "CVE-2017-17862", "CVE-2017-17852", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874623", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874623", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_9d0e4e40b5_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-9d0e4e40b5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874623\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-30 06:02:06 +0200 (Wed, 30 May 2018)\");\n script_cve_id(\"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\",\n \"CVE-2018-10323\", \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\",\n \"CVE-2018-7995\", \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\",\n \"CVE-2018-1065\", \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\",\n \"CVE-2018-5344\", \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\",\n \"CVE-2017-17863\", \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\",\n \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\",\n \"CVE-2017-17741\", \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\",\n \"CVE-2017-17448\", \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\",\n \"CVE-2017-16649\", \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\",\n \"CVE-2017-15115\", \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-9d0e4e40b5\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-9d0e4e40b5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YAUGR47M3LDUN54S6SH2OQ3U6U2LS7HA\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.16.12~200.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-06-06T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-e8f793bbfc", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-11506", "CVE-2017-17852", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874647", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874647", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_e8f793bbfc_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-e8f793bbfc\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874647\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-06 10:21:31 +0200 (Wed, 06 Jun 2018)\");\n script_cve_id(\"CVE-2018-11506\", \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\",\n \"CVE-2018-10322\", \"CVE-2018-10323\", \"CVE-2018-1108\", \"CVE-2018-10021\",\n \"CVE-2017-18232\", \"CVE-2018-7995\", \"CVE-2018-8043\", \"CVE-2018-7757\",\n \"CVE-2018-5803\", \"CVE-2018-1065\", \"CVE-2018-1000026\", \"CVE-2018-5750\",\n \"CVE-2018-1000004\", \"CVE-2018-5344\", \"CVE-2018-5332\", \"CVE-2018-5333\",\n \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\", \"CVE-2017-17852\",\n \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\",\n \"CVE-2017-17857\", \"CVE-2017-17741\", \"CVE-2017-17712\", \"CVE-2017-17449\",\n \"CVE-2017-17450\", \"CVE-2017-17448\", \"CVE-2017-17558\", \"CVE-2017-8824\",\n \"CVE-2017-1000405\", \"CVE-2017-16649\", \"CVE-2017-16650\", \"CVE-2017-16644\",\n \"CVE-2017-16647\", \"CVE-2017-15115\", \"CVE-2017-16532\", \"CVE-2017-16538\",\n \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-e8f793bbfc\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-e8f793bbfc\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F32LED4G6QF446ZM5G7MOPFDAP4VB6M2\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.16.13~200.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-05-26T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-93c2e74446", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2017-12193", "CVE-2017-17862", "CVE-2017-17852", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874606", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874606", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_93c2e74446_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-93c2e74446\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874606\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-26 05:55:13 +0200 (Sat, 26 May 2018)\");\n script_cve_id(\"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\",\n \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\",\n \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\",\n \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\",\n \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\",\n \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\",\n \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\",\n \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\",\n \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\",\n \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\",\n \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-93c2e74446\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-93c2e74446\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4XJ6WFI3BA27DJD66OHZX644RGQ7EBV\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.16.11~200.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:33:09", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1026)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17450", "CVE-2017-17558", "CVE-2017-12193", "CVE-2017-17805", "CVE-2017-8824", "CVE-2017-17448", "CVE-2017-1000407", "CVE-2017-16939", "CVE-2017-17449", "CVE-2017-15868", "CVE-2017-17807", "CVE-2017-7542", "CVE-2017-12190", "CVE-2017-17806"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181026", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181026", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1026\");\n script_version(\"2020-01-23T11:08:36+0000\");\n script_cve_id(\"CVE-2017-1000407\", \"CVE-2017-12190\", \"CVE-2017-12193\", \"CVE-2017-15868\", \"CVE-2017-16939\", \"CVE-2017-17448\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17558\", \"CVE-2017-17805\", \"CVE-2017-17806\", \"CVE-2017-17807\", \"CVE-2017-7542\", \"CVE-2017-8824\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:08:36 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:08:36 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1026)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1026\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1026\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2018-1026 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.(CVE-2017-16939)\n\nThe bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition.(CVE-2017-12190)\n\nThe assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations.(CVE-2017-12193)\n\nThe ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.(CVE-2017-7542)\n\nThe bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application.(CVE-2017-15868)\n\nThe dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.(CVE-2017-8824)\n\nnet/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnl_cthelper_list data structure is shared across all net namespaces.(CVE-2017-17448)\n\nThe __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does not restrict observations of Netlink messages to a single net namespace, which allows local users to obtain sensitive information by leveraging the CAP_NET_ADMIN capability to sniff an nlmon interface for all Netlink activity on the system.(CVE-2017-17449)\n\nnet/netfilter/xt_osf.c in the Li ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~327.59.59.46.h49\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~327.59.59.46.h49\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~327.59.59.46.h49\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~327.59.59.46.h49\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~327.59.59.46.h49\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~327.59.59.46.h49\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~327.59.59.46.h49\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~327.59.59.46.h49\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~327.59.59.46.h49\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~327.59.59.46.h49\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~327.59.59.46.h49\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-06-23T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-c449dc1c9c", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-11506", "CVE-2018-12232", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874721", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874721", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_c449dc1c9c_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-c449dc1c9c\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874721\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-23 06:16:07 +0200 (Sat, 23 Jun 2018)\");\n script_cve_id(\"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\",\n \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\",\n \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\",\n \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\",\n \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\",\n \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\",\n \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\",\n \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\",\n \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\",\n \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\",\n \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\",\n \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-c449dc1c9c\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-c449dc1c9c\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y5RAP5M7DMT24XOVYRAYT7GRQE5OWLU3\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.16.16~200.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-06-18T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-b57db4753c", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-11506", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874695", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874695", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_b57db4753c_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-b57db4753c\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874695\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-18 06:02:23 +0200 (Mon, 18 Jun 2018)\");\n script_cve_id(\"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\", \"CVE-2018-3639\",\n \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\", \"CVE-2018-1108\",\n \"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\", \"CVE-2018-8043\",\n \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\", \"CVE-2018-1000026\",\n \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\", \"CVE-2018-5332\",\n \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\",\n \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\",\n \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\", \"CVE-2017-17712\",\n \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\", \"CVE-2017-17558\",\n \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\", \"CVE-2017-16650\",\n \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\", \"CVE-2017-16532\",\n \"CVE-2017-16538\", \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-b57db4753c\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-b57db4753c\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22G4FPLZ4Y2WCMKTQG2WQFPR36Y3V4U4\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.16.15~200.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-07-03T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-2a0f8b2c9d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-12633", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-11506", "CVE-2018-12232", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874761", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874761", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_2a0f8b2c9d_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-2a0f8b2c9d\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874761\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-07-03 06:02:18 +0200 (Tue, 03 Jul 2018)\");\n script_cve_id(\"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\",\n \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\",\n \"CVE-2018-10323\", \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\",\n \"CVE-2018-7995\", \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\",\n \"CVE-2018-1065\", \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\",\n \"CVE-2018-5344\", \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\",\n \"CVE-2017-17863\", \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\",\n \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\",\n \"CVE-2017-17741\", \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\",\n \"CVE-2017-17448\", \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\",\n \"CVE-2017-16649\", \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\",\n \"CVE-2017-15115\", \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-2a0f8b2c9d\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-2a0f8b2c9d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGVBVYZZR6UYWHRCMCVLU3DVJMBOYBLP\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.17.3~100.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-06-29T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-b997780dca", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-12904", "CVE-2018-11506", "CVE-2018-12232", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874751", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874751", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_b997780dca_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-b997780dca\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874751\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-29 10:57:08 +0200 (Fri, 29 Jun 2018)\");\n script_cve_id(\"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\",\n \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\",\n \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\",\n \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\",\n \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\",\n \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\",\n \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\",\n \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\",\n \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\",\n \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\",\n \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\",\n \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\", \"CVE-2018-12904\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-b997780dca\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-b997780dca\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2V7GQIYQYXQJNRX5DEJNNO6YKOHQC42\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.17.2~100.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-02-22T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-azure USN-3581-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-5715"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843457", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843457", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3581_2.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-azure USN-3581-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843457\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-02-22 15:56:33 +0100 (Thu, 22 Feb 2018)\");\n script_cve_id(\"CVE-2017-17712\", \"CVE-2017-15115\", \"CVE-2017-8824\", \"CVE-2017-5715\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-azure USN-3581-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-azure'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-3581-1 fixed vulnerabilities in the\n Linux kernel for Ubuntu 17.10. This update provides the corresponding updates\n for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.10 for Ubuntu\n 16.04 LTS. Mohamed Ghannam discovered that the IPv4 raw socket implementation in\n the Linux kernel contained a race condition leading to uninitialized pointer\n usage. A local attacker could use this to cause a denial of service or possibly\n execute arbitrary code. (CVE-2017-17712) ChunYu Wang discovered that a\n use-after-free vulnerability existed in the SCTP protocol implementation in the\n Linux kernel. A local attacker could use this to cause a denial of service\n (system crash) or possibly execute arbitrary code, (CVE-2017-15115) Mohamed\n Ghannam discovered a use-after-free vulnerability in the DCCP protocol\n implementation in the Linux kernel. A local attacker could use this to cause a\n denial of service (system crash) or possibly execute arbitrary code.\n (CVE-2017-8824) USN-3541-2 mitigated CVE-2017-5715 (Spectre Variant 2) for the\n amd64 architecture in Ubuntu 16.04 LTS. This update provides the compiler-based\n retpoline kernel mitigation for the amd64 and i386 architectures. Original\n advisory details: Jann Horn discovered that microprocessors utilizing\n speculative execution and branch prediction may allow unauthorized memory reads\n via sidechannel attacks. This flaw is known as Spectre. A local attacker could\n use this to expose sensitive information, including kernel memory.\n (CVE-2017-5715)\");\n script_tag(name:\"affected\", value:\"linux-azure on Ubuntu 16.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3581-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3581-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-1011-azure\", ver:\"4.13.0-1011.14\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-1011-gcp\", ver:\"4.13.0-1011.15\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-1021-oem\", ver:\"4.13.0-1021.23\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-36-generic\", ver:\"4.13.0-36.40~16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-36-generic-lpae\", ver:\"4.13.0-36.40~16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-36-lowlatency\", ver:\"4.13.0-36.40~16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"4.13.0.1011.12\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"4.13.0.1011.13\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.13.0.36.55\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.13.0.36.55\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.13.0.1011.13\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.13.0.36.55\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.13.0.1021.25\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:23", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-02-22T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-3581-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-5715"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843458", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843458", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3581_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux USN-3581-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843458\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-02-22 15:56:45 +0100 (Thu, 22 Feb 2018)\");\n script_cve_id(\"CVE-2017-17712\", \"CVE-2017-15115\", \"CVE-2017-8824\", \"CVE-2017-5715\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-3581-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mohamed Ghannam discovered that the IPv4 raw\n socket implementation in the Linux kernel contained a race condition leading to\n uninitialized pointer usage. A local attacker could use this to cause a denial\n of service or possibly execute arbitrary code. (CVE-2017-17712) ChunYu Wang\n discovered that a use-after-free vulnerability existed in the SCTP protocol\n implementation in the Linux kernel. A local attacker could use this to cause a\n denial of service (system crash) or possibly execute arbitrary code,\n (CVE-2017-15115) Mohamed Ghannam discovered a use-after-free vulnerability in\n the DCCP protocol implementation in the Linux kernel. A local attacker could use\n this to cause a denial of service (system crash) or possibly execute arbitrary\n code. (CVE-2017-8824) USN-3541-1 mitigated CVE-2017-5715 (Spectre Variant 2) for\n the amd64 architecture in Ubuntu 17.10. This update provides the compiler-based\n retpoline kernel mitigation for the amd64 and i386 architectures. Original\n advisory details: Jann Horn discovered that microprocessors utilizing\n speculative execution and branch prediction may allow unauthorized memory reads\n via sidechannel attacks. This flaw is known as Spectre. A local attacker could\n use this to expose sensitive information, including kernel memory.\n (CVE-2017-5715)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 17.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3581-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3581-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU17\\.10\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU17.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-36-generic\", ver:\"4.13.0-36.40\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-36-generic-lpae\", ver:\"4.13.0-36.40\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.13.0-36-lowlatency\", ver:\"4.13.0-36.40\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.13.0.36.38\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.13.0.36.38\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.13.0.36.38\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T17:38:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-02-10T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for kernel (openSUSE-SU-2018:0408-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17862", "CVE-2017-15129", "CVE-2017-17712", "CVE-2017-5715", "CVE-2018-5332", "CVE-2017-18017", "CVE-2017-17864"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851698", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851698", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851698\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-02-10 07:54:04 +0100 (Sat, 10 Feb 2018)\");\n script_cve_id(\"CVE-2017-15129\", \"CVE-2017-17712\", \"CVE-2017-17862\", \"CVE-2017-17864\",\n \"CVE-2017-18017\", \"CVE-2017-5715\", \"CVE-2018-1000004\", \"CVE-2018-5332\",\n \"CVE-2018-5333\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for kernel (openSUSE-SU-2018:0408-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 42.3 kernel was updated to 4.4.114 to receive various\n security and bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2017-5715: Systems with microprocessors utilizing speculative\n execution and indirect branch prediction may allow unauthorized\n disclosure\n of information to an attacker with local user access via a side-channel\n analysis (bnc#1068032).\n\n The previous fix using CPU Microcode has been complemented by building\n the Linux Kernel with return trampolines aka 'retpolines'.\n\n - CVE-2018-5333: In the Linux kernel the rds_cmsg_atomic function in\n net/rds/rdma.c mishandled cases where page pinning fails or an invalid\n address is supplied, leading to an rds_atomic_free_op NULL pointer\n dereference (bnc#1075617).\n\n - CVE-2018-5332: In the Linux kernel the rds_message_alloc_sgs() function\n did not validate a value that is used during DMA page allocation,\n leading to a heap-based out-of-bounds write (related to the\n rds_rdma_extra_size function in net/rds/rdma.c) (bnc#1075621).\n\n - CVE-2017-17862: kernel/bpf/verifier.c in the Linux kernel ignores\n unreachable code, even though it would still be processed by JIT\n compilers. This behavior, also considered an improper branch-pruning\n logic issue, could possibly be used by local users for denial of service\n (bnc#1073928).\n\n - CVE-2017-17864: kernel/bpf/verifier.c in the Linux kernel mishandled\n states_equal comparisons between the pointer data type and the\n UNKNOWN_VALUE data type, which allowed local users to obtain potentially\n sensitive address information, aka a 'pointer leak (bnc#1073928).\n\n - CVE-2017-17712: The raw_sendmsg() function in net/ipv4/raw.c in the\n Linux kernel had a race condition in inet- hdrincl that lead to\n uninitialized stack pointer usage this allowed a local user to execute\n code and gain privileges (bnc#1073229 1073230).\n\n - CVE-2017-15129: A use-after-free vulnerability was found in network\n namespaces code affecting the Linux kernel The function\n get_net_ns_by_id() in net/core/net_namespace.c did not check for the\n net::count value after it has found a peer network in netns_ids idr,\n which could lead to double free and memory corruption. This\n vulnerability could allow an unprivileged local user to induce kernel\n memory corruption on the system, leading to a crash. Due to the nature\n of the flaw, privilege escalation cannot be fully ruled out, although it\n is thought to be unlikely (bnc#1074839).\n\n - CVE-2017-18017: The tcpmss_mangle_packet function in\n net/netfilter/xt_TCPMSS.c in the Linux kernel allowed remote attackers\n to cause a denial of s ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"Kernel on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:0408-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-02/msg00013.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kselftests-kmp-debug\", rpm:\"kselftests-kmp-debug~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kselftests-kmp-debug-debuginfo\", rpm:\"kselftests-kmp-debug-debuginfo~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kselftests-kmp-default\", rpm:\"kselftests-kmp-default~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kselftests-kmp-default-debuginfo\", rpm:\"kselftests-kmp-default-debuginfo~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kselftests-kmp-vanilla\", rpm:\"kselftests-kmp-vanilla~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kselftests-kmp-vanilla-debuginfo\", rpm:\"kselftests-kmp-vanilla-debuginfo~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-pdf\", rpm:\"kernel-docs-pdf~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.4.114~42.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-19T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-1c80fea1cd", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2018-13053", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-12633", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2018-13093", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2018-14734", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2018-3620", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-14678", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874964", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874964", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_1c80fea1cd_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-1c80fea1cd\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874964\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-19 06:42:42 +0200 (Sun, 19 Aug 2018)\");\n script_cve_id(\"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\", \"CVE-2018-14678\",\n \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\", \"CVE-2018-13093\",\n \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\", \"CVE-2018-12633\",\n \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\",\n \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\",\n \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\",\n \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\",\n \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\",\n \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\",\n \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\",\n \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\",\n \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\",\n \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\",\n \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\",\n \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-1c80fea1cd\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-1c80fea1cd\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.17.14~102.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-04T17:01:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-04-18T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-4ca01704a2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2017-14051", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2017-5123", "CVE-2017-17558", "CVE-2017-13695", "CVE-2018-1000004", "CVE-2017-1000111", "CVE-2018-5333", "CVE-2017-15265", "CVE-2017-17741", "CVE-2017-13694", "CVE-2017-12193", "CVE-2017-17862", "CVE-2017-13693", "CVE-2017-17852", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2017-10810", "CVE-2018-7757", "CVE-2017-7533", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2017-1000251", "CVE-2017-1000112", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-7558", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2017-1000255", "CVE-2017-16650", "CVE-2017-12134", "CVE-2017-12153", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-14497", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-14954", "CVE-2017-16644", "CVE-2017-17864", "CVE-2017-12154", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2017-12190", "CVE-2017-17856"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874365", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874365", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_4ca01704a2_kernel_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-4ca01704a2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874365\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-04-18 08:54:26 +0200 (Wed, 18 Apr 2018)\");\n script_cve_id(\"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\", \"CVE-2018-8043\",\n \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\", \"CVE-2018-1000026\",\n \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\", \"CVE-2018-5332\",\n \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\",\n \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\",\n \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\", \"CVE-2017-17712\",\n \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\", \"CVE-2017-17558\",\n \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\", \"CVE-2017-16650\",\n \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\", \"CVE-2017-16532\",\n \"CVE-2017-16538\", \"CVE-2017-12193\", \"CVE-2017-12190\", \"CVE-2017-5123\",\n \"CVE-2017-15265\", \"CVE-2017-1000255\", \"CVE-2017-14954\", \"CVE-2017-14497\",\n \"CVE-2017-12154\", \"CVE-2017-12153\", \"CVE-2017-1000251\", \"CVE-2017-14051\",\n \"CVE-2017-13693\", \"CVE-2017-13694\", \"CVE-2017-13695\", \"CVE-2017-7558\",\n \"CVE-2017-12134\", \"CVE-2017-1000111\", \"CVE-2017-1000112\", \"CVE-2017-7533\",\n \"CVE-2017-10810\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-4ca01704a2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-4ca01704a2\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3MAKT7ZDC6T4B52QFNRBYKWU75JMUX5C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.15.17~200.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:33:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-07-15T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-8484550fff", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2018-13053", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-12633", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-12714", "CVE-2018-13406", "CVE-2018-11506", "CVE-2018-12232", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2018-13093", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874813", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874813", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_8484550fff_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-8484550fff\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874813\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-07-15 06:04:39 +0200 (Sun, 15 Jul 2018)\");\n script_cve_id(\"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\", \"CVE-2018-13093\",\n \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\", \"CVE-2018-12633\",\n \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\",\n \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\",\n \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\",\n \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\",\n \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\",\n \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\",\n \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\",\n \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\",\n \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\",\n \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\",\n \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\",\n \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\", \"CVE-2018-13406\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-8484550fff\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-8484550fff\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOZHI2THAILWJPPQV3NONSSGW7WEZHWA\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.17.5~100.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-04T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-49bda79bd5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2018-13053", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-12633", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2018-13093", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-14678", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874890", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874890", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_49bda79bd5_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-49bda79bd5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874890\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-04 06:04:25 +0200 (Sat, 04 Aug 2018)\");\n script_cve_id(\"CVE-2018-14678\", \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\",\n \"CVE-2018-13093\", \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\",\n \"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\",\n \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\",\n \"CVE-2018-10323\", \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\",\n \"CVE-2018-7995\", \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\",\n \"CVE-2018-1065\", \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\",\n \"CVE-2018-5344\", \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\",\n \"CVE-2017-17863\", \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\",\n \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\",\n \"CVE-2017-17741\", \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\",\n \"CVE-2017-17448\", \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\",\n \"CVE-2017-16649\", \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\",\n \"CVE-2017-15115\", \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-49bda79bd5\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-49bda79bd5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3AQDHJH4EQZ2WK343QWMUIUUHBY6PQ4\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.17.11~100.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-10T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-2f6df9abfb", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2018-13053", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-12633", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2018-13093", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2018-14734", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-14678", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874919", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874919", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_2f6df9abfb_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-2f6df9abfb\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874919\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-10 06:22:46 +0200 (Fri, 10 Aug 2018)\");\n script_cve_id(\"CVE-2018-14734\", \"CVE-2018-14678\", \"CVE-2018-13405\", \"CVE-2018-13053\",\n \"CVE-2018-12896\", \"CVE-2018-13093\", \"CVE-2018-13094\", \"CVE-2018-13095\",\n \"CVE-2018-12714\", \"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\",\n \"CVE-2018-11506\", \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\",\n \"CVE-2018-10322\", \"CVE-2018-10323\", \"CVE-2018-1108\", \"CVE-2018-10021\",\n \"CVE-2017-18232\", \"CVE-2018-7995\", \"CVE-2018-8043\", \"CVE-2018-7757\",\n \"CVE-2018-5803\", \"CVE-2018-1065\", \"CVE-2018-1000026\", \"CVE-2018-5750\",\n \"CVE-2018-1000004\", \"CVE-2018-5344\", \"CVE-2018-5332\", \"CVE-2018-5333\",\n \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\", \"CVE-2017-17852\",\n \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\",\n \"CVE-2017-17857\", \"CVE-2017-17741\", \"CVE-2017-17712\", \"CVE-2017-17449\",\n \"CVE-2017-17450\", \"CVE-2017-17448\", \"CVE-2017-17558\", \"CVE-2017-8824\",\n \"CVE-2017-1000405\", \"CVE-2017-16649\", \"CVE-2017-16650\", \"CVE-2017-16644\",\n \"CVE-2017-16647\", \"CVE-2017-15115\", \"CVE-2017-16532\", \"CVE-2017-16538\",\n \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-2f6df9abfb\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-2f6df9abfb\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2UJZBTWLH7WHZLJ6CMPDARHBP5OQRHT\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.17.12~100.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-04T17:06:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-05-12T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-884a105c04", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2017-14051", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2017-5123", "CVE-2018-1108", "CVE-2017-17558", "CVE-2017-13695", "CVE-2018-1000004", "CVE-2017-1000111", "CVE-2018-5333", "CVE-2017-15265", "CVE-2017-17741", "CVE-2017-13694", "CVE-2017-12193", "CVE-2017-17862", "CVE-2017-13693", "CVE-2017-17852", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2017-10810", "CVE-2018-7757", "CVE-2017-7533", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2017-1000251", "CVE-2017-1000112", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-7558", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2017-1000255", "CVE-2017-16650", "CVE-2017-12134", "CVE-2017-12153", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-14497", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-14954", "CVE-2017-16644", "CVE-2017-17864", "CVE-2017-12154", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2017-12190", "CVE-2017-17856"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874427", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874427", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_884a105c04_kernel_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-884a105c04\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874427\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-12 06:00:51 +0200 (Sat, 12 May 2018)\");\n script_cve_id(\"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\",\n \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\",\n \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\",\n \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\",\n \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\",\n \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\",\n \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\",\n \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\",\n \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\",\n \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\", \"CVE-2017-12190\",\n \"CVE-2017-5123\", \"CVE-2017-15265\", \"CVE-2017-1000255\", \"CVE-2017-14954\",\n \"CVE-2017-14497\", \"CVE-2017-12154\", \"CVE-2017-12153\", \"CVE-2017-1000251\",\n \"CVE-2017-14051\", \"CVE-2017-13693\", \"CVE-2017-13694\", \"CVE-2017-13695\",\n \"CVE-2017-7558\", \"CVE-2017-12134\", \"CVE-2017-1000111\", \"CVE-2017-1000112\",\n \"CVE-2017-7533\", \"CVE-2017-10810\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-884a105c04\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-884a105c04\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HM3JVAHYMEV65VTITHNUM7JTHTN7Q53I\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.16.7~100.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:33:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-26T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-79d7c3d2df", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2018-13053", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-12633", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2018-13093", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2018-14734", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2018-3620", "CVE-2017-17449", "CVE-2018-10322", "CVE-2018-15471", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-14678", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874998", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874998", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_79d7c3d2df_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-79d7c3d2df\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874998\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-26 07:09:43 +0200 (Sun, 26 Aug 2018)\");\n script_cve_id(\"CVE-2018-15471\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\",\n \"CVE-2018-14678\", \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\",\n \"CVE-2018-13093\", \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\",\n \"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\",\n \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\",\n \"CVE-2018-10323\", \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\",\n \"CVE-2018-7995\", \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\",\n \"CVE-2018-1065\", \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\",\n \"CVE-2018-5344\", \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\",\n \"CVE-2017-17863\", \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\",\n \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\",\n \"CVE-2017-17741\", \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\",\n \"CVE-2017-17448\", \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\",\n \"CVE-2017-16649\", \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\",\n \"CVE-2017-15115\", \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-79d7c3d2df\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-79d7c3d2df\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PWPRVELTRP4X6YB4R6SW3K356ROV3BE\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.17.17~100.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:40:06", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1031)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17450", "CVE-2017-13215", "CVE-2017-17558", "CVE-2018-5333", "CVE-2017-0861", "CVE-2017-17805", "CVE-2018-5344", "CVE-2016-3695", "CVE-2017-8824", "CVE-2017-17448", "CVE-2016-7915", "CVE-2017-1000407", "CVE-2018-5332", "CVE-2017-16939", "CVE-2017-17449", "CVE-2017-15868", "CVE-2017-17807", "CVE-2017-18017", "CVE-2017-17806"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181031", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181031", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1031\");\n script_version(\"2020-01-23T11:09:23+0000\");\n script_cve_id(\"CVE-2016-3695\", \"CVE-2016-7915\", \"CVE-2017-0861\", \"CVE-2017-1000407\", \"CVE-2017-13215\", \"CVE-2017-15868\", \"CVE-2017-16939\", \"CVE-2017-17448\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17558\", \"CVE-2017-17805\", \"CVE-2017-17806\", \"CVE-2017-17807\", \"CVE-2017-18017\", \"CVE-2017-8824\", \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2018-5344\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:09:23 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:09:23 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1031)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1031\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1031\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2018-1031 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The hid_input_field function in drivers/hid/hid-core.c in the Linux kernel before 4.6 allows physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) by connecting a device, as demonstrated by a Logitech DJ receiver.(CVE-2016-7915)\n\nIn the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.(CVE-2018-5344)\n\nIn the Linux kernel through 4.14.13, the rds_cmsg_atomic() function in 'net/rds/rdma.c' mishandles cases where page pinning fails or an invalid address is supplied by a user. This can lead to a NULL pointer dereference in rds_atomic_free_op() and thus to a system panic.(CVE-2018-5333)\n\nIn the Linux kernel through 4.14.13, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size() function in 'net/rds/rdma.c') and thus to a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.(CVE-2018-5332)\n\nA flaw was found in the upstream kernel Skcipher component. This vulnerability affects the skcipher_recvmsg function of the component Skcipher. The manipulation with an unknown input leads to a privilege escalation vulnerability.(CVE-2017-13215)\n\nThe tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.(CVE-2017-18017)\n\nThe Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.(CVE-2017-17805)\n\nThe HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USE ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~229.49.1.172\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~229.49.1.172\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~229.49.1.172\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~229.49.1.172\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~229.49.1.172\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~229.49.1.172\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~229.49.1.172\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~229.49.1.172\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~229.49.1.172\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~229.49.1.172\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-04-25T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-euclid USN-3633-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16995"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843507", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843507", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3633_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-euclid USN-3633-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843507\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-04-25 08:37:14 +0200 (Wed, 25 Apr 2018)\");\n script_cve_id(\"CVE-2017-16995\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-euclid USN-3633-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-euclid'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Jann Horn discovered that the Berkeley\n Packet Filter (BPF) implementation in the Linux kernel improperly performed sign\n extension in some situations. A local attacker could use this to cause a denial\n of service (system crash) or possibly execute arbitrary code.\n (CVE-2017-16995)\");\n script_tag(name:\"affected\", value:\"linux-euclid on Ubuntu 16.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3633-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3633-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-9026-euclid\", ver:\"4.4.0-9026.28\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-euclid\", ver:\"4.4.0.9026.27\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:48", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-12-22T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2017-f7cb245861", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17712"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310873945", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310873945", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2017_f7cb245861_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2017-f7cb245861\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.873945\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-12-22 07:56:28 +0100 (Fri, 22 Dec 2017)\");\n script_cve_id(\"CVE-2017-17712\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2017-f7cb245861\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-f7cb245861\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3HNCVU3TTRBJVWKUD6AZRQEF6RE7MV6C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.14.7~300.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-02T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-c0a1284064", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2018-13053", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-12633", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2018-13093", "CVE-2017-17853", "CVE-2018-17182", "CVE-2018-7757", "CVE-2017-15115", "CVE-2018-14734", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2018-3620", "CVE-2017-17449", "CVE-2018-10322", "CVE-2018-15471", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-14678", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2018-14633", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875128", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875128", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_c0a1284064_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-c0a1284064\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875128\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-02 08:30:25 +0200 (Tue, 02 Oct 2018)\");\n script_cve_id(\"CVE-2018-14633\", \"CVE-2018-17182\", \"CVE-2018-5391\", \"CVE-2018-15471\",\n \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\", \"CVE-2018-14678\",\n \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\", \"CVE-2018-13093\",\n \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\", \"CVE-2018-12633\",\n \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\",\n \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\",\n \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\",\n \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\",\n \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\",\n \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\",\n \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\",\n \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\",\n \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\",\n \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\",\n \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\",\n \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-c0a1284064\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-c0a1284064\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3KRIRC4X5WWFMPBCO7YX3WEQQGQBGTNO\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.18.10~100.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-17T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-2ee3411cb8", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2018-13053", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-12633", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2018-13093", "CVE-2017-17853", "CVE-2018-17182", "CVE-2018-7757", "CVE-2017-15115", "CVE-2018-14734", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2018-3620", "CVE-2017-17449", "CVE-2018-10322", "CVE-2018-15471", "CVE-2017-16650", "CVE-2018-17972", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-14678", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2018-14633", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875201", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875201", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_2ee3411cb8_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-2ee3411cb8\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875201\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-17 06:39:38 +0200 (Wed, 17 Oct 2018)\");\n script_cve_id(\"CVE-2018-14633\", \"CVE-2018-17182\", \"CVE-2018-5391\", \"CVE-2018-15471\",\n \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\", \"CVE-2018-14678\",\n \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\", \"CVE-2018-13093\",\n \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\", \"CVE-2018-12633\",\n \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\",\n \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\",\n \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\",\n \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\",\n \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\",\n \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\",\n \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\",\n \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\",\n \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\",\n \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\",\n \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\",\n \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\", \"CVE-2018-17972\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-2ee3411cb8\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-2ee3411cb8\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACX4WW5ZZ3PNMAEPZVJGMZ2D2BYHVMUD\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.18.13~100.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-09-27T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-d77cc41f35", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2018-13053", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-12633", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2018-13093", "CVE-2017-17853", "CVE-2018-17182", "CVE-2018-7757", "CVE-2017-15115", "CVE-2018-14734", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2018-3620", "CVE-2017-17449", "CVE-2018-10322", "CVE-2018-15471", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-14678", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875099", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875099", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_d77cc41f35_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-d77cc41f35\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875099\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-09-27 08:31:40 +0200 (Thu, 27 Sep 2018)\");\n script_cve_id(\"CVE-2018-5391\", \"CVE-2018-15471\", \"CVE-2018-3620\", \"CVE-2018-3646\",\n \"CVE-2018-14734\", \"CVE-2018-14678\", \"CVE-2018-13405\", \"CVE-2018-13053\",\n \"CVE-2018-12896\", \"CVE-2018-13093\", \"CVE-2018-13094\", \"CVE-2018-13095\",\n \"CVE-2018-12714\", \"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\",\n \"CVE-2018-11506\", \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\",\n \"CVE-2018-10322\", \"CVE-2018-10323\", \"CVE-2018-1108\", \"CVE-2018-10021\",\n \"CVE-2017-18232\", \"CVE-2018-7995\", \"CVE-2018-8043\", \"CVE-2018-7757\",\n \"CVE-2018-5803\", \"CVE-2018-1065\", \"CVE-2018-1000026\", \"CVE-2018-5750\",\n \"CVE-2018-1000004\", \"CVE-2018-5344\", \"CVE-2018-5332\", \"CVE-2018-5333\",\n \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\", \"CVE-2017-17852\",\n \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\",\n \"CVE-2017-17857\", \"CVE-2017-17741\", \"CVE-2017-17712\", \"CVE-2017-17449\",\n \"CVE-2017-17450\", \"CVE-2017-17448\", \"CVE-2017-17558\", \"CVE-2017-8824\",\n \"CVE-2017-1000405\", \"CVE-2017-16649\", \"CVE-2017-16650\", \"CVE-2017-16644\",\n \"CVE-2017-16647\", \"CVE-2017-15115\", \"CVE-2017-16532\", \"CVE-2017-16538\",\n \"CVE-2017-12193\", \"CVE-2018-17182\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-d77cc41f35\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-d77cc41f35\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKESRJO5EIBN6QFG4PO463OGQRU6HFOF\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.18.9~100.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:54", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-01-04T18:12:50", "type": "fedora", "title": "[SECURITY] Fedora 26 Update: kernel-4.14.11-200.fc26", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17856", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864"], "modified": "2018-01-04T18:12:50", "id": "FEDORA:C88F6601BD0C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SEFHTLFUOREQQK4DCRD46ZY3QPR6RSJ5/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-01-04T02:22:54", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.14.11-300.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17856", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864"], "modified": "2018-01-04T02:22:54", "id": "FEDORA:4A25C608E179", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CFRT6EBC2HJ4XLWLZZ7MATZ2EWPTADAH/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.6, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-12-19T21:39:12", "type": "fedora", "title": "[SECURITY] Fedora 26 Update: kernel-4.14.6-200.fc26", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-8824"], "modified": "2017-12-19T21:39:12", "id": "FEDORA:7F8C960BC98D", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NSPPULDQRJC4RPZ5ZZL6ENXFGHU5YRPT/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.6, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-12-18T18:52:26", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.14.6-300.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-8824"], "modified": "2017-12-18T18:52:26", "id": "FEDORA:E1D7E6031252", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3UQR73HLC3D6JOXUM33STPEJTGJT6IK7/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-04-18T01:31:51", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.15.17-300.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-1065", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "modified": "2018-04-18T01:31:51", "id": "FEDORA:74245604D4DA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SKS5SHENFBKZBNJZ5A6BMP6JNTK5D4QC/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-04-29T05:16:13", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.16.4-200.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-1065", "CVE-2018-1108", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "modified": "2018-04-29T05:16:13", "id": "FEDORA:AB52460321C9", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/23BZYWCPCFYSPRRRVNCK6UFYCODGX6GB/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-05-25T15:46:24", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.16.11-200.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1065", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-3639", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "modified": "2018-05-25T15:46:24", "id": "FEDORA:08D3760E6566", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/Y4XJ6WFI3BA27DJD66OHZX644RGQ7EBV/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-06-05T14:11:50", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.16.13-200.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1065", "CVE-2018-10840", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-3639", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "modified": "2018-06-05T14:11:50", "id": "FEDORA:4832F6079717", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/F32LED4G6QF446ZM5G7MOPFDAP4VB6M2/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-06-17T19:45:35", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.16.15-200.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1065", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-3639", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "modified": "2018-06-17T19:45:35", "id": "FEDORA:DF5176048167", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/22G4FPLZ4Y2WCMKTQG2WQFPR36Y3V4U4/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-05-29T11:50:44", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.16.12-200.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1065", "CVE-2018-10840", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-3639", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "modified": "2018-05-29T11:50:44", "id": "FEDORA:E6F08605DCE7", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/YAUGR47M3LDUN54S6SH2OQ3U6U2LS7HA/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-06-22T14:12:17", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.16.16-200.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1065", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-3639", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "modified": "2018-06-22T14:12:17", "id": "FEDORA:10F7D6255145", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/Y5RAP5M7DMT24XOVYRAYT7GRQE5OWLU3/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-07-01T01:37:15", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.17.3-100.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1065", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-3639", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "modified": "2018-07-01T01:37:15", "id": "FEDORA:909D360491BF", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QGVBVYZZR6UYWHRCMCVLU3DVJMBOYBLP/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-06-28T13:35:42", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.17.2-100.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1065", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12904", "CVE-2018-3639", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "modified": "2018-06-28T13:35:42", "id": "FEDORA:25BDD6190ECF", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/S2V7GQIYQYXQJNRX5DEJNNO6YKOHQC42/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-07-13T16:38:23", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.17.5-100.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1065", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-13406", "CVE-2018-3639", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "modified": "2018-07-13T16:38:23", "id": "FEDORA:29FCE65ECD33", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/VOZHI2THAILWJPPQV3NONSSGW7WEZHWA/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-08-03T19:58:28", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.17.11-100.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1065", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14678", "CVE-2018-3639", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "modified": "2018-08-03T19:58:28", "id": "FEDORA:B54D264CBCAC", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/K3AQDHJH4EQZ2WK343QWMUIUUHBY6PQ4/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.0, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-12-21T19:03:39", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.14.7-300.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17712"], "modified": "2017-12-21T19:03:39", "id": "FEDORA:4B78C604AF8C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3HNCVU3TTRBJVWKUD6AZRQEF6RE7MV6C/", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2022-07-18T19:12:46", "description": "The 4.14.11 stable kernel update contains a number of important fixes across the tree. This also includes the KPTI patches to mitigate the Meltdown vulnerability for x86 architectures\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-01-05T00:00:00", "type": "nessus", "title": "Fedora 26 : kernel (2018-8ed5eff2c0)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17856", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2018-8ED5EFF2C0.NASL", "href": "https://www.tenable.com/plugins/nessus/105596", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-8ed5eff2c0.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105596);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\");\n script_xref(name:\"FEDORA\", value:\"2018-8ed5eff2c0\");\n\n script_name(english:\"Fedora 26 : kernel (2018-8ed5eff2c0)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.14.11 stable kernel update contains a number of important fixes\nacross the tree. This also includes the KPTI patches to mitigate the\nMeltdown vulnerability for x86 architectures\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-8ed5eff2c0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2018-8ed5eff2c0\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"kernel-4.14.11-200.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-18T19:12:06", "description": "The 4.14.11 stable kernel update contains a number of important fixes across the tree. This also includes the KPTI patches to mitigate the Meltdown vulnerability for x86 architectures.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-01-15T00:00:00", "type": "nessus", "title": "Fedora 27 : kernel (2018-22d5fa8a90)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17856", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-22D5FA8A90.NASL", "href": "https://www.tenable.com/plugins/nessus/106024", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-22d5fa8a90.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106024);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\");\n script_xref(name:\"FEDORA\", value:\"2018-22d5fa8a90\");\n\n script_name(english:\"Fedora 27 : kernel (2018-22d5fa8a90)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.14.11 stable kernel update contains a number of important fixes\nacross the tree. This also includes the KPTI patches to mitigate the\nMeltdown vulnerability for x86 architectures.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-22d5fa8a90\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2018-22d5fa8a90\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"kernel-4.14.11-300.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T16:11:55", "description": "USN-3523-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10.\nThis update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS.\n\nJann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5754)\n\nJann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel did not properly check the relationship between pointer values and the BPF stack. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-17863)\n\nJann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2017-16995)\n\nAlexei Starovoitov discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel contained a branch-pruning logic issue around unreachable code. A local attacker could use this to cause a denial of service. (CVE-2017-17862)\n\nJann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel mishandled pointer data values in some situations. A local attacker could use this to to expose sensitive information (kernel memory). (CVE-2017-17864).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-01-11T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : linux-hwe, linux-azure, linux-gcp, linux-oem vulnerabilities (USN-3523-2) (Meltdown)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16995", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-5754"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.13-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.13-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.13-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.13-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3523-2.NASL", "href": "https://www.tenable.com/plugins/nessus/105747", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3523-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(105747);\n script_version(\"3.16\");\n script_cvs_date(\"Date: 2019/09/18 12:31:47\");\n\n script_cve_id(\"CVE-2017-16995\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\", \"CVE-2017-5754\");\n script_xref(name:\"USN\", value:\"3523-2\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n\n script_name(english:\"Ubuntu 16.04 LTS : linux-hwe, linux-azure, linux-gcp, linux-oem vulnerabilities (USN-3523-2) (Meltdown)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-3523-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10.\nThis update provides the corresponding updates for the Linux Hardware\nEnablement (HWE) kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS.\n\nJann Horn discovered that microprocessors utilizing speculative\nexecution and indirect branch prediction may allow unauthorized memory\nreads via sidechannel attacks. This flaw is known as Meltdown. A local\nattacker could use this to expose sensitive information, including\nkernel memory. (CVE-2017-5754)\n\nJann Horn discovered that the Berkeley Packet Filter (BPF)\nimplementation in the Linux kernel did not properly check the\nrelationship between pointer values and the BPF stack. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2017-17863)\n\nJann Horn discovered that the Berkeley Packet Filter (BPF)\nimplementation in the Linux kernel improperly performed sign extension\nin some situations. A local attacker could use this to cause a denial\nof service (system crash) or possibly execute arbitrary code.\n(CVE-2017-16995)\n\nAlexei Starovoitov discovered that the Berkeley Packet Filter (BPF)\nimplementation in the Linux kernel contained a branch-pruning logic\nissue around unreachable code. A local attacker could use this to\ncause a denial of service. (CVE-2017-17862)\n\nJann Horn discovered that the Berkeley Packet Filter (BPF)\nimplementation in the Linux kernel mishandled pointer data values in\nsome situations. A local attacker could use this to to expose\nsensitive information (kernel memory). (CVE-2017-17864).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3523-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux BPF Sign Extension Local Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.13-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.13-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.13-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/11\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-16995\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\", \"CVE-2017-5754\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3523-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.13.0-1005-azure\", pkgver:\"4.13.0-1005.7\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.13.0-1006-gcp\", pkgver:\"4.13.0-1006.9\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.13.0-1015-oem\", pkgver:\"4.13.0-1015.16\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.13.0-26-generic\", pkgver:\"4.13.0-26.29~16.04.2\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.13.0-26-generic-lpae\", pkgver:\"4.13.0-26.29~16.04.2\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.13.0-26-lowlatency\", pkgver:\"4.13.0-26.29~16.04.2\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-azure\", pkgver:\"4.13.0.1005.6\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-gcp\", pkgver:\"4.13.0.1006.8\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-hwe-16.04\", pkgver:\"4.13.0.26.46\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae-hwe-16.04\", pkgver:\"4.13.0.26.46\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-gke\", pkgver:\"4.13.0.1006.8\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency-hwe-16.04\", pkgver:\"4.13.0.26.46\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-oem\", pkgver:\"4.13.0.1015.18\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.13-azure / linux-image-4.13-gcp / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T16:08:57", "description": "Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5754)\n\nJann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel did not properly check the relationship between pointer values and the BPF stack. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-17863)\n\nJann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2017-16995)\n\nAlexei Starovoitov discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel contained a branch-pruning logic issue around unreachable code. A local attacker could use this to cause a denial of service. (CVE-2017-17862)\n\nJann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel mishandled pointer data values in some situations. A local attacker could use this to to expose sensitive information (kernel memory). (CVE-2017-17864).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-01-10T00:00:00", "type": "nessus", "title": "Ubuntu 17.10 : linux vulnerabilities (USN-3523-1) (Meltdown)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16995", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-5754"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.13-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "cpe:/o:canonical:ubuntu_linux:17.10"], "id": "UBUNTU_USN-3523-1.NASL", "href": "https://www.tenable.com/plugins/nessus/105726", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3523-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(105726);\n script_version(\"3.16\");\n script_cvs_date(\"Date: 2019/09/18 12:31:47\");\n\n script_cve_id(\"CVE-2017-16995\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\", \"CVE-2017-5754\");\n script_xref(name:\"USN\", value:\"3523-1\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n\n script_name(english:\"Ubuntu 17.10 : linux vulnerabilities (USN-3523-1) (Meltdown)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jann Horn discovered that microprocessors utilizing speculative\nexecution and indirect branch prediction may allow unauthorized memory\nreads via sidechannel attacks. This flaw is known as Meltdown. A local\nattacker could use this to expose sensitive information, including\nkernel memory. (CVE-2017-5754)\n\nJann Horn discovered that the Berkeley Packet Filter (BPF)\nimplementation in the Linux kernel did not properly check the\nrelationship between pointer values and the BPF stack. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2017-17863)\n\nJann Horn discovered that the Berkeley Packet Filter (BPF)\nimplementation in the Linux kernel improperly performed sign extension\nin some situations. A local attacker could use this to cause a denial\nof service (system crash) or possibly execute arbitrary code.\n(CVE-2017-16995)\n\nAlexei Starovoitov discovered that the Berkeley Packet Filter (BPF)\nimplementation in the Linux kernel contained a branch-pruning logic\nissue around unreachable code. A local attacker could use this to\ncause a denial of service. (CVE-2017-17862)\n\nJann Horn discovered that the Berkeley Packet Filter (BPF)\nimplementation in the Linux kernel mishandled pointer data values in\nsome situations. A local attacker could use this to to expose\nsensitive information (kernel memory). (CVE-2017-17864).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3523-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux BPF Sign Extension Local Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:17.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/10\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(17\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 17.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-16995\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\", \"CVE-2017-5754\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3523-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"17.10\", pkgname:\"linux-image-4.13.0-25-generic\", pkgver:\"4.13.0-25.29\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"linux-image-4.13.0-25-lowlatency\", pkgver:\"4.13.0-25.29\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"linux-image-generic\", pkgver:\"4.13.0.25.26\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.13.0.25.26\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.13-generic / linux-image-4.13-lowlatency / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T16:09:31", "description": "Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel did not properly check the relationship between pointer values and the BPF stack. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-17863)\n\nJann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2017-16995)\n\nAlexei Starovoitov discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel contained a branch-pruning logic issue around unreachable code. A local attacker could use this to cause a denial of service. (CVE-2017-17862)\n\nJann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel mishandled pointer data values in some situations. A local attacker could use this to to expose sensitive information (kernel memory). (CVE-2017-17864).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-01-11T00:00:00", "type": "nessus", "title": "Ubuntu 17.10 : linux-raspi2 vulnerabilities (USN-3523-3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16995", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.13-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "cpe:/o:canonical:ubuntu_linux:17.10"], "id": "UBUNTU_USN-3523-3.NASL", "href": "https://www.tenable.com/plugins/nessus/105748", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3523-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(105748);\n script_version(\"3.14\");\n script_cvs_date(\"Date: 2019/09/18 12:31:47\");\n\n script_cve_id(\"CVE-2017-16995\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\");\n script_xref(name:\"USN\", value:\"3523-3\");\n\n script_name(english:\"Ubuntu 17.10 : linux-raspi2 vulnerabilities (USN-3523-3)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jann Horn discovered that the Berkeley Packet Filter (BPF)\nimplementation in the Linux kernel did not properly check the\nrelationship between pointer values and the BPF stack. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2017-17863)\n\nJann Horn discovered that the Berkeley Packet Filter (BPF)\nimplementation in the Linux kernel improperly performed sign extension\nin some situations. A local attacker could use this to cause a denial\nof service (system crash) or possibly execute arbitrary code.\n(CVE-2017-16995)\n\nAlexei Starovoitov discovered that the Berkeley Packet Filter (BPF)\nimplementation in the Linux kernel contained a branch-pruning logic\nissue around unreachable code. A local attacker could use this to\ncause a denial of service. (CVE-2017-17862)\n\nJann Horn discovered that the Berkeley Packet Filter (BPF)\nimplementation in the Linux kernel mishandled pointer data values in\nsome situations. A local attacker could use this to to expose\nsensitive information (kernel memory). (CVE-2017-17864).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3523-3/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-4.13-raspi2 and / or\nlinux-image-raspi2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux BPF Sign Extension Local Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.13-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:17.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(17\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 17.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-16995\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3523-3\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"17.10\", pkgname:\"linux-image-4.13.0-1011-raspi2\", pkgver:\"4.13.0-1011.11\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"linux-image-raspi2\", pkgver:\"4.13.0.1011.9\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.13-raspi2 / linux-image-raspi2\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-11T18:55:19", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.\n\n - CVE-2017-8824 Mohamed Ghannam discovered that the DCCP implementation did not correctly manage resources when a socket is disconnected and reconnected, potentially leading to a use-after-free. A local user could use this for denial of service (crash or data corruption) or possibly for privilege escalation. On systems that do not already have the dccp module loaded, this can be mitigated by disabling it:echo >> /etc/modprobe.d/disable-dccp.conf install dccp false\n\n - CVE-2017-16538 Andrey Konovalov reported that the dvb-usb-lmedm04 media driver did not correctly handle some error conditions during initialisation. A physically present user with a specially designed USB device can use this to cause a denial of service (crash).\n\n - CVE-2017-16644 Andrey Konovalov reported that the hdpvr media driver did not correctly handle some error conditions during initialisation. A physically present user with a specially designed USB device can use this to cause a denial of service (crash).\n\n - CVE-2017-16995 Jann Horn discovered that the Extended BPF verifier did not correctly model the behaviour of 32-bit load instructions. A local user can use this for privilege escalation.\n\n - CVE-2017-17448 Kevin Cernekee discovered that the netfilter subsystem allowed users with the CAP_NET_ADMIN capability in any user namespace, not just the root namespace, to enable and disable connection tracking helpers. This could lead to denial of service, violation of network security policy, or have other impact.\n\n - CVE-2017-17449 Kevin Cernekee discovered that the netlink subsystem allowed users with the CAP_NET_ADMIN capability in any user namespace to monitor netlink traffic in all net namespaces, not just those owned by that user namespace.\n This could lead to exposure of sensitive information.\n\n - CVE-2017-17450 Kevin Cernekee discovered that the xt_osf module allowed users with the CAP_NET_ADMIN capability in any user namespace to modify the global OS fingerprint list.\n\n - CVE-2017-17558 Andrey Konovalov reported that that USB core did not correctly handle some error conditions during initialisation. A physically present user with a specially designed USB device can use this to cause a denial of service (crash or memory corruption), or possibly for privilege escalation.\n\n - CVE-2017-17712 Mohamed Ghannam discovered a race condition in the IPv4 raw socket implementation. A local user could use this to obtain sensitive information from the kernel.\n\n - CVE-2017-17741 Dmitry Vyukov reported that the KVM implementation for x86 would over-read data from memory when emulating an MMIO write if the kvm_mmio tracepoint was enabled. A guest virtual machine might be able to use this to cause a denial of service (crash).\n\n - CVE-2017-17805 It was discovered that some implementations of the Salsa20 block cipher did not correctly handle zero-length input. A local user could use this to cause a denial of service (crash) or possibly have other security impact.\n\n - CVE-2017-17806 It was discovered that the HMAC implementation could be used with an underlying hash algorithm that requires a key, which was not intended. A local user could use this to cause a denial of service (crash or memory corruption), or possibly for privilege escalation.\n\n - CVE-2017-17807 Eric Biggers discovered that the KEYS subsystem lacked a check for write permission when adding keys to a process's default keyring. A local user could use this to cause a denial of service or to obtain sensitive information.\n\n - CVE-2017-17862 Alexei Starovoitov discovered that the Extended BPF verifier ignored unreachable code, even though it would still be processed by JIT compilers. This could possibly be used by local users for denial of service. It also increases the severity of bugs in determining unreachable code.\n\n - CVE-2017-17863 Jann Horn discovered that the Extended BPF verifier did not correctly model pointer arithmetic on the stack frame pointer. A local user can use this for privilege escalation.\n\n - CVE-2017-17864 Jann Horn discovered that the Extended BPF verifier could fail to detect pointer leaks from conditional code. A local user could use this to obtain sensitive information in order to exploit other vulnerabilities.\n\n - CVE-2017-1000407 Andrew Honig reported that the KVM implementation for Intel processors allowed direct access to host I/O port 0x80, which is not generally safe. On some systems this allows a guest VM to cause a denial of service (crash) of the host.\n\n - CVE-2017-1000410 Ben Seri reported that the Bluetooth subsystem did not correctly handle short EFS information elements in L2CAP messages. An attacker able to communicate over Bluetooth could use this to obtain sensitive information from the kernel.\n\nThe various problems in the Extended BPF verifier can be mitigated by disabling use of Extended BPF by unprivileged users:sysctl kernel.unprivileged_bpf_disabled=1\n\nDebian disables unprivileged user namespaces by default, but if they are enabled (via the kernel.unprivileged_userns_clone sysctl) then CVE-2017-17448 can be exploited by any local user.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-12-26T00:00:00", "type": "nessus", "title": "Debian DSA-4073-1 : linux - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000407", "CVE-2017-1000410", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16995", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17805", "CVE-2017-17806", "CVE-2017-17807", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-8824"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:linux:*:*:*:*:*:*:*"], "id": "DEBIAN_DSA-4073.NASL", "href": "https://www.tenable.com/plugins/nessus/105433", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4073. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105433);\n script_version(\"3.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-1000407\", \"CVE-2017-1000410\", \"CVE-2017-16538\", \"CVE-2017-16644\", \"CVE-2017-16995\", \"CVE-2017-17448\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17558\", \"CVE-2017-17712\", \"CVE-2017-17741\", \"CVE-2017-17805\", \"CVE-2017-17806\", \"CVE-2017-17807\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\", \"CVE-2017-8824\");\n script_xref(name:\"DSA\", value:\"4073\");\n\n script_name(english:\"Debian DSA-4073-1 : linux - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\n - CVE-2017-8824\n Mohamed Ghannam discovered that the DCCP implementation\n did not correctly manage resources when a socket is\n disconnected and reconnected, potentially leading to a\n use-after-free. A local user could use this for denial\n of service (crash or data corruption) or possibly for\n privilege escalation. On systems that do not already\n have the dccp module loaded, this can be mitigated by\n disabling it:echo >> /etc/modprobe.d/disable-dccp.conf\n install dccp false\n\n - CVE-2017-16538\n Andrey Konovalov reported that the dvb-usb-lmedm04 media\n driver did not correctly handle some error conditions\n during initialisation. A physically present user with a\n specially designed USB device can use this to cause a\n denial of service (crash).\n\n - CVE-2017-16644\n Andrey Konovalov reported that the hdpvr media driver\n did not correctly handle some error conditions during\n initialisation. A physically present user with a\n specially designed USB device can use this to cause a\n denial of service (crash).\n\n - CVE-2017-16995\n Jann Horn discovered that the Extended BPF verifier did\n not correctly model the behaviour of 32-bit load\n instructions. A local user can use this for privilege\n escalation.\n\n - CVE-2017-17448\n Kevin Cernekee discovered that the netfilter subsystem\n allowed users with the CAP_NET_ADMIN capability in any\n user namespace, not just the root namespace, to enable\n and disable connection tracking helpers. This could lead\n to denial of service, violation of network security\n policy, or have other impact.\n\n - CVE-2017-17449\n Kevin Cernekee discovered that the netlink subsystem\n allowed users with the CAP_NET_ADMIN capability in any\n user namespace to monitor netlink traffic in all net\n namespaces, not just those owned by that user namespace.\n This could lead to exposure of sensitive information.\n\n - CVE-2017-17450\n Kevin Cernekee discovered that the xt_osf module allowed\n users with the CAP_NET_ADMIN capability in any user\n namespace to modify the global OS fingerprint list.\n\n - CVE-2017-17558\n Andrey Konovalov reported that that USB core did not\n correctly handle some error conditions during\n initialisation. A physically present user with a\n specially designed USB device can use this to cause a\n denial of service (crash or memory corruption), or\n possibly for privilege escalation.\n\n - CVE-2017-17712\n Mohamed Ghannam discovered a race condition in the IPv4\n raw socket implementation. A local user could use this\n to obtain sensitive information from the kernel.\n\n - CVE-2017-17741\n Dmitry Vyukov reported that the KVM implementation for\n x86 would over-read data from memory when emulating an\n MMIO write if the kvm_mmio tracepoint was enabled. A\n guest virtual machine might be able to use this to cause\n a denial of service (crash).\n\n - CVE-2017-17805\n It was discovered that some implementations of the\n Salsa20 block cipher did not correctly handle\n zero-length input. A local user could use this to cause\n a denial of service (crash) or possibly have other\n security impact.\n\n - CVE-2017-17806\n It was discovered that the HMAC implementation could be\n used with an underlying hash algorithm that requires a\n key, which was not intended. A local user could use this\n to cause a denial of service (crash or memory\n corruption), or possibly for privilege escalation.\n\n - CVE-2017-17807\n Eric Biggers discovered that the KEYS subsystem lacked a\n check for write permission when adding keys to a\n process's default keyring. A local user could use this\n to cause a denial of service or to obtain sensitive\n information.\n\n - CVE-2017-17862\n Alexei Starovoitov discovered that the Extended BPF\n verifier ignored unreachable code, even though it would\n still be processed by JIT compilers. This could possibly\n be used by local users for denial of service. It also\n increases the severity of bugs in determining\n unreachable code.\n\n - CVE-2017-17863\n Jann Horn discovered that the Extended BPF verifier did\n not correctly model pointer arithmetic on the stack\n frame pointer. A local user can use this for privilege\n escalation.\n\n - CVE-2017-17864\n Jann Horn discovered that the Extended BPF verifier\n could fail to detect pointer leaks from conditional\n code. A local user could use this to obtain sensitive\n information in order to exploit other vulnerabilities.\n\n - CVE-2017-1000407\n Andrew Honig reported that the KVM implementation for\n Intel processors allowed direct access to host I/O port\n 0x80, which is not generally safe. On some systems this\n allows a guest VM to cause a denial of service (crash)\n of the host.\n\n - CVE-2017-1000410\n Ben Seri reported that the Bluetooth subsystem did not\n correctly handle short EFS information elements in L2CAP\n messages. An attacker able to communicate over Bluetooth\n could use this to obtain sensitive information from the\n kernel.\n\nThe various problems in the Extended BPF verifier can be mitigated by\ndisabling use of Extended BPF by unprivileged users:sysctl\nkernel.unprivileged_bpf_disabled=1\n\nDebian disables unprivileged user namespaces by default, but if they\nare enabled (via the kernel.unprivileged_userns_clone sysctl) then\nCVE-2017-17448 can be exploited by any local user.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-8824\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-16538\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-16644\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-16995\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17449\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17450\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17558\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17741\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17806\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17807\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17862\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17863\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-1000407\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-1000410\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2017/dsa-4073\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 4.9.65-3+deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux BPF Sign Extension Local Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"hyperv-daemons\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcpupower-dev\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcpupower1\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libusbip-dev\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-compiler-gcc-6-arm\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-compiler-gcc-6-s390\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-compiler-gcc-6-x86\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-cpupower\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-doc-4.9\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-4kc-malta\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-5kc-malta\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-686\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-686-pae\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-amd64\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-arm64\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-armel\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-armhf\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-i386\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-mips\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-mips64el\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-mipsel\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-ppc64el\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-s390x\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-amd64\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-arm64\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-armmp\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-armmp-lpae\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-common\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-common-rt\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-loongson-3\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-marvell\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-octeon\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-powerpc64le\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-rt-686-pae\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-rt-amd64\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-s390x\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-4kc-malta\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-4kc-malta-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-5kc-malta\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-5kc-malta-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686-pae\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686-pae-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-amd64\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-amd64-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-arm64\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-arm64-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp-lpae\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp-lpae-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-loongson-3\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-loongson-3-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-marvell\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-marvell-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-octeon\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-octeon-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-powerpc64le\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-powerpc64le-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-686-pae\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-686-pae-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-amd64\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-amd64-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-s390x\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-s390x-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-kbuild-4.9\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-libc-dev\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-manual-4.9\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-perf-4.9\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-source-4.9\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-support-4.9.0-9\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"usbip\", reference:\"4.9.65-3+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T16:08:55", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.\n\nCVE-2017-5754\n\nMultiple researchers have discovered a vulnerability in Intel processors, enabling an attacker controlling an unprivileged process to read memory from arbitrary addresses, including from the kernel and all other processes running on the system.\n\nThis specific attack has been named Meltdown and is addressed in the Linux kernel for the Intel x86-64 architecture by a patch set named Kernel Page Table Isolation, enforcing a near complete separation of the kernel and userspace address maps and preventing the attack.\nThis solution might have a performance impact, and can be disabled at boot time by passing `pti=off' to the kernel command line.\n\nCVE-2017-17558\n\nAndrey Konovalov reported that that USB core did not correctly handle some error conditions during initialisation. A physically present user with a specially designed USB device can use this to cause a denial of service (crash or memory corruption), or possibly for privilege escalation.\n\nCVE-2017-17741\n\nDmitry Vyukov reported that the KVM implementation for x86 would over-read data from memory when emulating an MMIO write if the kvm_mmio tracepoint was enabled. A guest virtual machine might be able to use this to cause a denial of service (crash).\n\nCVE-2017-17805\n\nIt was discovered that some implementations of the Salsa20 block cipher did not correctly handle zero-length input. A local user could use this to cause a denial of service (crash) or possibly have other security impact.\n\nCVE-2017-17806\n\nIt was discovered that the HMAC implementation could be used with an underlying hash algorithm that requires a key, which was not intended.\nA local user could use this to cause a denial of service (crash or memory corruption), or possibly for privilege escalation.\n\nCVE-2017-17807\n\nEric Biggers discovered that the KEYS subsystem lacked a check for write permission when adding keys to a process's default keyring. A local user could use this to cause a denial of service or to obtain sensitive information.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 3.2.96-3.\n\nWe recommend that you upgrade your linux packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2018-01-08T00:00:00", "type": "nessus", "title": "Debian DLA-1232-1 : linux security update (Meltdown)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17558", "CVE-2017-17741", "CVE-2017-17805", "CVE-2017-17806", "CVE-2017-17807", "CVE-2017-5754"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-doc-3.2", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-486", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-4kc-malta", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-5kc-malta", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-armel", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-armhf", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-i386", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-ia64", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-mips", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-mipsel", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-powerpc", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-s390", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-s390x", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-sparc", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-common", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-common-rt", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-iop32x", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-itanium", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-ixp4xx", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-kirkwood", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-loongson-2f", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-mckinley", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-mv78xx0", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-mx5", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-octeon", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-omap", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-orion5x", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-powerpc", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-powerpc-smp", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-powerpc64", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-r4k-ip22", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-r5k-cobalt", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-r5k-ip32", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-rt-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-rt-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-s390x", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-sb1-bcm91250a", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-sb1a-bcm91480b", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-sparc64", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-sparc64-smp", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-versatile", "p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-vexpress", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-486", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-4kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-5kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-686-pae", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-amd64", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-iop32x", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-itanium", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-ixp4xx", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-kirkwood", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-loongson-2f", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-mckinley", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-mv78xx0", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-mx5", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-octeon", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-omap", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-orion5x", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-powerpc", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-powerpc-smp", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-powerpc64", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-r4k-ip22", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-r5k-cobalt", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-r5k-ip32", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-rt-686-pae", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-rt-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-rt-amd64", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-rt-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-s390x", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-s390x-dbg", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-s390x-tape", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-sb1-bcm91250a", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-sb1a-bcm91480b", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-sparc64", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-sparc64-smp", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-versatile", "p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-vexpress", "p-cpe:/a:debian:debian_linux:linux-libc-dev", "p-cpe:/a:debian:debian_linux:linux-manual-3.2", "p-cpe:/a:debian:debian_linux:linux-source-3.2", "p-cpe:/a:debian:debian_linux:linux-support-3.2.0-4", "p-cpe:/a:debian:debian_linux:xen-linux-system-3.2.0-4-686-pae", "p-cpe:/a:debian:debian_linux:xen-linux-system-3.2.0-4-amd64", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-1232.NASL", "href": "https://www.tenable.com/plugins/nessus/105622", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1232-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105622);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-17558\", \"CVE-2017-17741\", \"CVE-2017-17805\", \"CVE-2017-17806\", \"CVE-2017-17807\", \"CVE-2017-5754\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n\n script_name(english:\"Debian DLA-1232-1 : linux security update (Meltdown)\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2017-5754\n\nMultiple researchers have discovered a vulnerability in Intel\nprocessors, enabling an attacker controlling an unprivileged process\nto read memory from arbitrary addresses, including from the kernel and\nall other processes running on the system.\n\nThis specific attack has been named Meltdown and is\naddressed in the Linux kernel for the Intel x86-64\narchitecture by a patch set named Kernel Page Table\nIsolation, enforcing a near complete separation of the\nkernel and userspace address maps and preventing the attack.\nThis solution might have a performance impact, and can be\ndisabled at boot time by passing `pti=off' to the kernel\ncommand line.\n\nCVE-2017-17558\n\nAndrey Konovalov reported that that USB core did not correctly handle\nsome error conditions during initialisation. A physically present user\nwith a specially designed USB device can use this to cause a denial of\nservice (crash or memory corruption), or possibly for privilege\nescalation.\n\nCVE-2017-17741\n\nDmitry Vyukov reported that the KVM implementation for x86 would\nover-read data from memory when emulating an MMIO write if the\nkvm_mmio tracepoint was enabled. A guest virtual machine might be able\nto use this to cause a denial of service (crash).\n\nCVE-2017-17805\n\nIt was discovered that some implementations of the Salsa20 block\ncipher did not correctly handle zero-length input. A local user could\nuse this to cause a denial of service (crash) or possibly have other\nsecurity impact.\n\nCVE-2017-17806\n\nIt was discovered that the HMAC implementation could be used with an\nunderlying hash algorithm that requires a key, which was not intended.\nA local user could use this to cause a denial of service (crash or\nmemory corruption), or possibly for privilege escalation.\n\nCVE-2017-17807\n\nEric Biggers discovered that the KEYS subsystem lacked a check for\nwrite permission when adding keys to a process's default keyring. A\nlocal user could use this to cause a denial of service or to obtain\nsensitive information.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n3.2.96-3.\n\nWe recommend that you upgrade your linux packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/linux\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc-3.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-486\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-armel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-armhf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-ia64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-mips\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-mipsel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-powerpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-all-sparc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-common-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-iop32x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-itanium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-ixp4xx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-kirkwood\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-loongson-2f\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-mckinley\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-mv78xx0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-mx5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-omap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-orion5x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-powerpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-powerpc-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-powerpc64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-r4k-ip22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-r5k-cobalt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-r5k-ip32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-rt-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-rt-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-sb1-bcm91250a\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-sb1a-bcm91480b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-sparc64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-sparc64-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.2.0-4-vexpress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-486\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-iop32x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-itanium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-ixp4xx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-kirkwood\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-loongson-2f\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-mckinley\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-mv78xx0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-mx5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-omap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-orion5x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-powerpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-powerpc-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-powerpc64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-r4k-ip22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-r5k-cobalt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-r5k-ip32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-rt-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-rt-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-rt-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-rt-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-s390x-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-s390x-tape\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-sb1-bcm91250a\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-sb1a-bcm91480b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-sparc64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-sparc64-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.2.0-4-vexpress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-manual-3.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source-3.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-support-3.2.0-4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-linux-system-3.2.0-4-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-linux-system-3.2.0-4-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/07\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/08\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\n# Temp disable\nexit(1, \"Temporarily disabled.\");\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"linux-doc-3.2\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-486\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-4kc-malta\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-5kc-malta\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-686-pae\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-amd64\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-armel\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-armhf\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-i386\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-ia64\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-mips\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-mipsel\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-powerpc\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-s390\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-s390x\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-sparc\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-amd64\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-common\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-common-rt\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-iop32x\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-itanium\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-ixp4xx\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-kirkwood\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-loongson-2f\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-mckinley\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-mv78xx0\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-mx5\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-octeon\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-omap\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-orion5x\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-powerpc\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-powerpc-smp\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-powerpc64\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-r4k-ip22\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-r5k-cobalt\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-r5k-ip32\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-rt-686-pae\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-rt-amd64\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-s390x\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sb1-bcm91250a\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sparc64\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sparc64-smp\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-versatile\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-vexpress\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-486\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-4kc-malta\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-5kc-malta\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-686-pae\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-686-pae-dbg\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-amd64\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-amd64-dbg\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-iop32x\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-itanium\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-ixp4xx\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-kirkwood\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-loongson-2f\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-mckinley\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-mv78xx0\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-mx5\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-octeon\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-omap\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-orion5x\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-powerpc\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-powerpc-smp\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-powerpc64\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-r4k-ip22\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-r5k-cobalt\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-r5k-ip32\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-686-pae\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-686-pae-dbg\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-amd64\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-amd64-dbg\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-s390x\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-s390x-dbg\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-s390x-tape\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sb1-bcm91250a\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sb1a-bcm91480b\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sparc64\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sparc64-smp\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-versatile\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-vexpress\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-libc-dev\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-manual-3.2\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-source-3.2\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-support-3.2.0-4\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xen-linux-system-3.2.0-4-686-pae\", reference:\"3.2.96-3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xen-linux-system-3.2.0-4-amd64\", reference:\"3.2.96-3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T16:11:05", "description": "The openSUSE Leap 42.2 kernel was updated to 4.4.104 to receive various security and bugfixes.\n\nThis update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory (bnc#1068032).\n\n - CVE-2017-5753 / 'SpectreAttack': Local attackers on systems with modern CPUs featuring deep instruction pipelining could use attacker controllable speculative execution over code patterns in the Linux Kernel to leak content from otherwise not readable memory in the same address space, allowing retrieval of passwords, cryptographic keys and other secrets.\n\n This problem is mitigated by adding speculative fencing on affected code paths throughout the Linux kernel.\n\n - CVE-2017-5715 / 'SpectreAttack': Local attackers on systems with modern CPUs featuring branch prediction could use mispredicted branches to speculatively execute code patterns that in turn could be made to leak other non-readable content in the same address space, an attack similar to CVE-2017-5753.\n\n This problem is mitigated by disabling predictive branches, depending on CPU architecture either by firmware updates and/or fixes in the user-kernel privilege boundaries.\n\n Please also check with your CPU / Hardware vendor on updated firmware or BIOS images regarding this issue.\n\n As this feature can have a performance impact, it can be disabled using the 'nospec' kernel commandline option.\n\n - CVE-2017-5754 / 'MeltdownAttack': Local attackers on systems with modern CPUs featuring deep instruction pipelining could use code patterns in userspace to speculative executive code that would read otherwise read protected memory, an attack similar to CVE-2017-5753.\n\n This problem is mitigated by unmapping the Linux Kernel from the user address space during user code execution, following a approach called 'KAISER'. The terms used here are 'KAISER' / 'Kernel Address Isolation' and 'PTI' / 'Page Table Isolation'.\n\n Note that this is only done on affected platforms.\n\n This feature can be enabled / disabled by the 'pti=[on|off|auto]' or 'nopti' commandline options.\n\nThe following security bugs were fixed :\n\n - CVE-2017-17806: The HMAC implementation (crypto/hmac.c) in the Linux kernel did not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack-based buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization (bnc#1073874).\n\n - CVE-2017-17805: The Salsa20 encryption algorithm in the Linux kernel did not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable (bnc#1073792).\n\nThe following non-security bugs were fixed :\n\n - Add undefine _unique_build_ids (bsc#964063)\n\n - alsa: hda - Add HP ZBook 15u G3 Conexant CX20724 GPIO mute leds (bsc#1031717).\n\n - alsa: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines (bsc#1031717).\n\n - alsa: hda - Add mute led support for HP EliteBook 840 G3 (bsc#1031717).\n\n - alsa: hda - Add mute led support for HP ProBook 440 G4 (bsc#1031717).\n\n - alsa: hda - add support for docking station for HP 820 G2 (bsc#1031717).\n\n - alsa: hda - add support for docking station for HP 840 G3 (bsc#1031717).\n\n - alsa: hda - change the location for one mic on a Lenovo machine (bsc#1031717).\n\n - alsa: hda: Drop useless WARN_ON() (bsc#1031717).\n\n - alsa: hda - Fix click noises on Samsung Ativ Book 8 (bsc#1031717).\n\n - alsa: hda - fix headset mic detection issue on a Dell machine (bsc#1031717).\n\n - alsa: hda - fix headset mic problem for Dell machines with alc274 (bsc#1031717).\n\n - alsa: hda - Fix headset microphone detection for ASUS N551 and N751 (bsc#1031717).\n\n - alsa: hda - Fix mic regression by ASRock mobo fixup (bsc#1031717).\n\n - alsa: hda - Fix missing COEF init for ALC225/295/299 (bsc#1031717).\n\n - alsa: hda - Fix surround output pins for ASRock B150M mobo (bsc#1031717).\n\n - alsa: hda - On-board speaker fixup on ACER Veriton (bsc#1031717).\n\n - alsa: hda/realtek - Add ALC256 HP depop function (bsc#1031717).\n\n - alsa: hda/realtek - Add default procedure for suspend and resume state (bsc#1031717).\n\n - alsa: hda/realtek - Add support for Acer Aspire E5-475 headset mic (bsc#1031717).\n\n - alsa: hda/realtek - Add support for ALC1220 (bsc#1031717).\n\n - alsa: hda/realtek - Add support for headset MIC for ALC622 (bsc#1031717).\n\n - alsa: hda/realtek - ALC891 headset mode for Dell (bsc#1031717).\n\n - alsa: hda/realtek - change the location for one of two front microphones (bsc#1031717).\n\n - alsa: hda/realtek - Enable jack detection function for Intel ALC700 (bsc#1031717).\n\n - alsa: hda/realtek - Fix ALC275 no sound issue (bsc#1031717).\n\n - alsa: hda/realtek - Fix Dell AIO LineOut issue (bsc#1031717).\n\n - alsa: hda/realtek - Fix headset and mic on several Asus laptops with ALC256 (bsc#1031717).\n\n - alsa: hda/realtek - Fix headset mic and speaker on Asus X441SA/X441UV (bsc#1031717).\n\n - alsa: hda/realtek - fix headset mic detection for MSI MS-B120 (bsc#1031717).\n\n - alsa: hda/realtek - Fix headset mic on several Asus laptops with ALC255 (bsc#1031717).\n\n - alsa: hda/realtek - Fix pincfg for Dell XPS 13 9370 (bsc#1031717).\n\n - alsa: hda/realtek - Fix speaker support for Asus AiO ZN270IE (bsc#1031717).\n\n - alsa: hda/realtek - Fix typo of pincfg for Dell quirk (bsc#1031717).\n\n - alsa: hda/realtek - New codec device ID for ALC1220 (bsc#1031717).\n\n - alsa: hda/realtek - New codecs support for ALC215/ALC285/ALC289 (bsc#1031717).\n\n - alsa: hda/realtek - New codec support for ALC257 (bsc#1031717).\n\n - alsa: hda/realtek - New codec support of ALC1220 (bsc#1031717).\n\n - alsa: hda/realtek - No loopback on ALC225/ALC295 codec (bsc#1031717).\n\n - alsa: hda/realtek - Remove ALC285 device ID (bsc#1031717).\n\n - alsa: hda/realtek - Support Dell headset mode for ALC3271 (bsc#1031717).\n\n - alsa: hda/realtek - Support headset mode for ALC234/ALC274/ALC294 (bsc#1031717).\n\n - alsa: hda/realtek - There is no loopback mixer in the ALC234/274/294 (bsc#1031717).\n\n - alsa: hda/realtek - Update headset mode for ALC225 (bsc#1031717).\n\n - alsa: hda/realtek - Update headset mode for ALC298 (bsc#1031717).\n\n - alsa: hda - Skip Realtek SKU check for Lenovo machines (bsc#1031717).\n\n - alsa: pcm: prevent UAF in snd_pcm_info (bsc#1031717).\n\n - alsa: rawmidi: Avoid racy info ioctl via ctl device (bsc#1031717).\n\n - alsa: seq: Remove spurious WARN_ON() at timer check (bsc#1031717).\n\n - alsa: usb-audio: Add check return value for usb_string() (bsc#1031717).\n\n - alsa: usb-audio: Fix out-of-bound error (bsc#1031717).\n\n - alsa: usb-audio: Fix the missing ctl name suffix at parsing SU (bsc#1031717).\n\n - Always sign validate_negotiate_info reqs (bsc#1071009, fate#324404).\n\n - apei / ERST: Fix missing error handling in erst_reader() (bsc#1072556).\n\n - arm: dts: omap3: logicpd-torpedo-37xx-devkit: Fix MMC1 cd-gpio (bnc#1012382).\n\n - arm: Hide finish_arch_post_lock_switch() from modules (bsc#1068032).\n\n - asoc: fsl_ssi: AC'97 ops need regmap, clock and cleaning up on failure (bsc#1031717).\n\n - asoc: twl4030: fix child-node lookup (bsc#1031717).\n\n - asoc: wm_adsp: Fix validation of firmware and coeff lengths (bsc#1031717).\n\n - autofs: fix careless error in recent commit (bnc#1012382 bsc#1065180).\n\n - bcache: Fix building error on MIPS (bnc#1012382).\n\n - bpf: prevent speculative execution in eBPF interpreter (bnc#1068032).\n\n - btrfs: clear space cache inode generation always (bnc#1012382).\n\n - carl9170: prevent speculative execution (bnc#1068032).\n\n - Check cmdline_find_option() retval properly and use boot_cpu_has().\n\n - cw1200: prevent speculative execution (bnc#1068032).\n\n - drm/radeon: fix atombios on big endian (bnc#1012382).\n\n - e1000e: Avoid receiver overrun interrupt bursts (bsc#969470 FATE#319819).\n\n - e1000e: Fix e1000_check_for_copper_link_ich8lan return value (bsc#1073809).\n\n - eeprom: at24: check at24_read/write arguments (bnc#1012382).\n\n - Fix leak of validate_negotiate_info resp (bsc#1071009, fate#324404).\n\n - Fix NULL pointer deref in SMB2_tcon() (bsc#1071009, fate#324404).\n\n - Fix validate_negotiate_info uninitialized mem (bsc#1071009, fate#324404).\n\n - fs: prevent speculative execution (bnc#1068032).\n\n - genwqe: Take R/W permissions into account when dealing with memory pages (bsc#1073090).\n\n - ibmvnic: Include header descriptor support for ARP packets (bsc#1073912).\n\n - ibmvnic: Increase maximum number of RX/TX queues (bsc#1073912).\n\n - ibmvnic: Rename IBMVNIC_MAX_TX_QUEUES to IBMVNIC_MAX_QUEUES (bsc#1073912).\n\n - ipv6: prevent speculative execution (bnc#1068032).\n\n - kabi fix for new hash_cred function (bsc#1012917).\n\n - kaiser: add 'nokaiser' boot option, using ALTERNATIVE.\n\n - kaiser: align addition to x86/mm/Makefile.\n\n - kaiser: asm/tlbflush.h handle noPGE at lower level.\n\n - kaiser: cleanups while trying for gold link.\n\n - kaiser: Disable on Xen PV.\n\n - kaiser: do not set _PAGE_NX on pgd_none.\n\n - kaiser: drop is_atomic arg to kaiser_pagetable_walk().\n\n - kaiser: enhanced by kernel and user PCIDs.\n\n - kaiser: ENOMEM if kaiser_pagetable_walk() NULL.\n\n - kaiser: fix build and FIXME in alloc_ldt_struct().\n\n - kaiser: fix perf crashes.\n\n - kaiser: fix regs to do_nmi() ifndef CONFIG_KAISER.\n\n - kaiser: fix unlikely error in alloc_ldt_struct().\n\n - kaiser: KAISER depends on SMP.\n\n - kaiser: kaiser_flush_tlb_on_return_to_user() check PCID.\n\n - kaiser: kaiser_remove_mapping() move along the pgd.\n\n - kaiser: Kernel Address Isolation.\n\n - kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush.\n\n - kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush user.\n\n - kaiser: name that 0x1000 KAISER_SHADOW_PGD_OFFSET.\n\n - kaiser: paranoid_entry pass cr3 need to paranoid_exit.\n\n - kaiser: PCID 0 for kernel and 128 for user.\n\n - kaiser: _pgd_alloc() without __GFP_REPEAT to avoid stalls.\n\n - kaiser: stack map PAGE_SIZE at THREAD_SIZE-PAGE_SIZE.\n\n - kaiser: tidied up asm/kaiser.h somewhat.\n\n - kaiser: tidied up kaiser_add/remove_mapping slightly.\n\n - kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush.\n\n - kaiser: vmstat show NR_KAISERTABLE as nr_overhead.\n\n - kaiser: x86_cr3_pcid_noflush and x86_cr3_pcid_user.\n\n - kvm: SVM: Do not intercept new speculative control MSRs (bsc#1068032).\n\n - kvm: x86: Add speculative control CPUID support for guests (bsc#1068032).\n\n - kvm: x86: Exit to user-mode on #UD intercept when emulator requires (bnc#1012382).\n\n - kvm: x86: inject exceptions produced by x86_decode_insn (bnc#1012382).\n\n - kvm: x86: pvclock: Handle first-time write to pvclock-page contains random junk (bnc#1012382).\n\n - locking/barriers: introduce new memory barrier gmb() (bnc#1068032).\n\n - mmc: core: Do not leave the block driver in a suspended state (bnc#1012382).\n\n - mm/mmu_context, sched/core: Fix mmu_context.h assumption (bsc#1068032).\n\n - mtd: nand: Fix writing mtdoops to nand flash (bnc#1012382).\n\n - netlink: add a start callback for starting a netlink dump (bnc#1012382).\n\n - net: mpls: prevent speculative execution (bnc#1068032).\n\n - nfsd: Fix another OPEN stateid race (bnc#1012382).\n\n - nfsd: Fix stateid races between OPEN and CLOSE (bnc#1012382).\n\n - nfsd: Make init_open_stateid() a bit more whole (bnc#1012382).\n\n - nfs: improve shinking of access cache (bsc#1012917).\n\n - nfs: revalidate '.' etc correctly on 'open' (bsc#1068951).\n\n - nfs: revalidate '.' etc correctly on 'open' (git-fixes).\n Fix References tag.\n\n - nfsv4: always set NFS_LOCK_LOST when a lock is lost (bsc#1068951).\n\n - p54: prevent speculative execution (bnc#1068032).\n\n - powerpc/barrier: add gmb.\n\n - powerpc: Secure memory rfi flush (bsc#1068032).\n\n - ptrace: Add a new thread access check (bsc#1068032).\n\n - qla2xxx: prevent speculative execution (bnc#1068032).\n\n - Redo encryption backport to fix pkt signing (bsc#1071009, fate#324404).\n\n - Revert 'drm/radeon: dont switch vt on suspend' (bnc#1012382).\n\n - Revert 'ipsec: Fix aborted xfrm policy dump crash' (kabi).\n\n - Revert 'netlink: add a start callback for starting a netlink dump' (kabi).\n\n - s390: add ppa to system call and program check path (bsc#1068032).\n\n - s390: introduce CPU alternatives.\n\n - s390: introduce CPU alternatives (bsc#1068032).\n\n - s390/spinlock: add gmb memory barrier\n\n - s390/spinlock: add gmb memory barrier (bsc#1068032).\n\n - s390/spinlock: add ppa to system call path Signoff the s390 patches.\n\n - sched/core: Add switch_mm_irqs_off() and use it in the scheduler (bsc#1068032).\n\n - sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off() (bsc#1068032).\n\n - sched/rt: Do not pull from current CPU if only one CPU to pull (bnc#1022476).\n\n - scsi_dh_alua: skip RTPG for devices only supporting active/optimized (bsc#1064311).\n\n - scsi_scan: Exit loop if TUR to LUN0 fails with 0x05/0x25 (bsc#1063043). This is specific to FUJITSU ETERNUS_DX* targets. They can return 'Illegal Request - Logical unit not supported' and processing should leave the timeout loop in this case.\n\n - scsi: ses: check return code from ses_recv_diag() (bsc#1039616).\n\n - scsi: ses: Fixup error message 'failed to get diagnostic page 0xffffffea' (bsc#1039616).\n\n - scsi: ses: Fix wrong page error (bsc#1039616).\n\n - scsi: ses: make page2 support optional (bsc#1039616).\n\n - smb2: Fix share type handling (bnc#1074392).\n\n - sunrpc: add auth_unix hash_cred() function (bsc#1012917).\n\n - sunrpc: add generic_auth hash_cred() function (bsc#1012917).\n\n - sunrpc: add hash_cred() function to rpc_authops struct (bsc#1012917).\n\n - sunrpc: add RPCSEC_GSS hash_cred() function (bsc#1012917).\n\n - sunrpc: replace generic auth_cred hash with auth-specific function (bsc#1012917).\n\n - sunrpc: use supplimental groups in auth hash (bsc#1012917).\n\n - Thermal/int340x: prevent speculative execution (bnc#1068032).\n\n - udf: prevent speculative execution (bnc#1068032).\n\n - usb: host: fix incorrect updating of offset (bsc#1047487).\n\n - userns: prevent speculative execution (bnc#1068032).\n\n - uvcvideo: prevent speculative execution (bnc#1068032).\n\n - vxlan: correctly handle ipv6.disable module parameter (bsc#1072962).\n\n - x86/boot: Add early cmdline parsing for options with arguments.\n\n - x86/CPU/AMD: Add speculative control support for AMD (bsc#1068032).\n\n - x86/CPU/AMD: Make the LFENCE instruction serialized (bsc#1068032).\n\n - x86/CPU/AMD: Remove now unused definition of MFENCE_RDTSC feature (bsc#1068032).\n\n - x86/CPU: Check speculation control CPUID bit (bsc#1068032).\n\n - x86/efi-bgrt: Fix kernel panic when mapping BGRT data (bnc#1012382).\n\n - x86/efi-bgrt: Replace early_memremap() with memremap() (bnc#1012382).\n\n - x86/efi: Build our own page table structures (bnc#1012382).\n\n - x86/efi: Hoist page table switching code into efi_call_virt() (bnc#1012382).\n\n - x86/enter: Add macros to set/clear IBRS and set IBPB (bsc#1068032).\n\n - x86/entry: Add a function to overwrite the RSB (bsc#1068032).\n\n - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (bsc#1068032).\n\n - x86/entry: Use IBRS on entry to kernel space (bsc#1068032).\n\n - x86/feature: Enable the x86 feature to control Speculation (bsc#1068032).\n\n - x86/idle: Disable IBRS when offlining a CPU and re-enable on wakeup (bsc#1068032).\n\n - x86/idle: Toggle IBRS when going idle (bsc#1068032).\n\n - x86/kaiser: Check boottime cmdline params.\n\n - x86/kaiser: Move feature detection up (bsc#1068032).\n\n - x86/kaiser: Reenable PARAVIRT.\n\n - x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling.\n\n - x86/kvm: Add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm (bsc#1068032).\n\n - x86/kvm: Flush IBP when switching VMs (bsc#1068032).\n\n - x86/kvm: Pad RSB on VM transition (bsc#1068032).\n\n - x86/kvm: Toggle IBRS on VM entry and exit (bsc#1068032).\n\n - x86/mm/64: Fix reboot interaction with CR4.PCIDE (bsc#1068032).\n\n - x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID (bsc#1068032).\n\n - x86/mm: Add INVPCID helpers (bsc#1068032).\n\n - x86/mm: Add the 'nopcid' boot option to turn off PCID (bsc#1068032).\n\n - x86/mm: Build arch/x86/mm/tlb.c even on !SMP (bsc#1068032).\n\n - x86/mm: Enable CR4.PCIDE on supported systems (bsc#1068032).\n\n - x86/mm: Fix INVPCID asm constraint (bsc#1068032).\n\n - x86/mm: If INVPCID is available, use it to flush global mappings (bsc#1068032).\n\n - x86/mm: Make flush_tlb_mm_range() more predictable (bsc#1068032).\n\n - x86/mm: Only set IBPB when the new thread cannot ptrace current thread (bsc#1068032).\n\n - x86/mm/pat: Ensure cpa->pfn only contains page frame numbers (bnc#1012382).\n\n - x86/mm: Reimplement flush_tlb_page() using flush_tlb_mm_range() (bsc#1068032).\n\n - x86/mm: Remove flush_tlb() and flush_tlb_current_task() (bsc#1068032).\n\n - x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code (bsc#1068032).\n\n - x86/mm, sched/core: Turn off IRQs in switch_mm() (bsc#1068032).\n\n - x86/mm, sched/core: Uninline switch_mm() (bsc#1068032).\n\n - x86/mm: Set IBPB upon context switch (bsc#1068032).\n\n - x86/MSR: Move native_*msr(.. u64) to msr.h (bsc#1068032).\n\n - x86/paravirt: Dont patch flush_tlb_single (bsc#1068032).\n\n - x86/spec: Add IBRS control functions (bsc#1068032).\n\n - x86/spec: Add 'nospec' chicken bit (bsc#1068032).\n\n - x86/spec: Check CPUID direclty post microcode reload to support IBPB feature (bsc#1068032).\n\n - x86/spec_ctrl: Add an Indirect Branch Predictor barrier (bsc#1068032).\n\n - x86/spec_ctrl: Check whether IBPB is enabled before using it (bsc#1068032).\n\n - x86/spec_ctrl: Check whether IBRS is enabled before using it (bsc#1068032).\n\n - x86/svm: Add code to clear registers on VM exit (bsc#1068032).\n\n - x86/svm: Clobber the RSB on VM exit (bsc#1068032).\n\n - x86/svm: Set IBPB when running a different VCPU (bsc#1068032).\n\n - x86/svm: Set IBRS value on VM entry and exit (bsc#1068032).", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-01-08T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2018-3) (Meltdown) (Spectre)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17805", "CVE-2017-17806", "CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-docs-pdf", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-base", "p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "cpe:/o:novell:opensuse:42.2"], "id": "OPENSUSE-2018-3.NASL", "href": "https://www.tenable.com/plugins/nessus/105636", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-3.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105636);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-17805\", \"CVE-2017-17806\", \"CVE-2017-5715\", \"CVE-2017-5753\", \"CVE-2017-5754\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n script_xref(name:\"IAVA\", value:\"2018-A-0020\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2018-3) (Meltdown) (Spectre)\");\n script_summary(english:\"Check for the openSUSE-2018-3 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE Leap 42.2 kernel was updated to 4.4.104 to receive\nvarious security and bugfixes.\n\nThis update adds mitigations for various side channel attacks against\nmodern CPUs that could disclose content of otherwise unreadable memory\n(bnc#1068032).\n\n - CVE-2017-5753 / 'SpectreAttack': Local attackers on\n systems with modern CPUs featuring deep instruction\n pipelining could use attacker controllable speculative\n execution over code patterns in the Linux Kernel to leak\n content from otherwise not readable memory in the same\n address space, allowing retrieval of passwords,\n cryptographic keys and other secrets.\n\n This problem is mitigated by adding speculative fencing\n on affected code paths throughout the Linux kernel.\n\n - CVE-2017-5715 / 'SpectreAttack': Local attackers on\n systems with modern CPUs featuring branch prediction\n could use mispredicted branches to speculatively execute\n code patterns that in turn could be made to leak other\n non-readable content in the same address space, an\n attack similar to CVE-2017-5753.\n\n This problem is mitigated by disabling predictive\n branches, depending on CPU architecture either by\n firmware updates and/or fixes in the user-kernel\n privilege boundaries.\n\n Please also check with your CPU / Hardware vendor on\n updated firmware or BIOS images regarding this issue.\n\n As this feature can have a performance impact, it can be\n disabled using the 'nospec' kernel commandline option.\n\n - CVE-2017-5754 / 'MeltdownAttack': Local attackers on\n systems with modern CPUs featuring deep instruction\n pipelining could use code patterns in userspace to\n speculative executive code that would read otherwise\n read protected memory, an attack similar to\n CVE-2017-5753.\n\n This problem is mitigated by unmapping the Linux Kernel\n from the user address space during user code execution,\n following a approach called 'KAISER'. The terms used\n here are 'KAISER' / 'Kernel Address Isolation' and 'PTI'\n / 'Page Table Isolation'.\n\n Note that this is only done on affected platforms.\n\n This feature can be enabled / disabled by the\n 'pti=[on|off|auto]' or 'nopti' commandline options.\n\nThe following security bugs were fixed :\n\n - CVE-2017-17806: The HMAC implementation (crypto/hmac.c)\n in the Linux kernel did not validate that the underlying\n cryptographic hash algorithm is unkeyed, allowing a\n local attacker able to use the AF_ALG-based hash\n interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3\n hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel\n stack-based buffer overflow by executing a crafted\n sequence of system calls that encounter a missing SHA-3\n initialization (bnc#1073874).\n\n - CVE-2017-17805: The Salsa20 encryption algorithm in the\n Linux kernel did not correctly handle zero-length\n inputs, allowing a local attacker able to use the\n AF_ALG-based skcipher interface\n (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of\n service (uninitialized-memory free and kernel crash) or\n have unspecified other impact by executing a crafted\n sequence of system calls that use the blkcipher_walk\n API. Both the generic implementation\n (crypto/salsa20_generic.c) and x86 implementation\n (arch/x86/crypto/salsa20_glue.c) of Salsa20 were\n vulnerable (bnc#1073792).\n\nThe following non-security bugs were fixed :\n\n - Add undefine _unique_build_ids (bsc#964063)\n\n - alsa: hda - Add HP ZBook 15u G3 Conexant CX20724 GPIO\n mute leds (bsc#1031717).\n\n - alsa: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines\n (bsc#1031717).\n\n - alsa: hda - Add mute led support for HP EliteBook 840 G3\n (bsc#1031717).\n\n - alsa: hda - Add mute led support for HP ProBook 440 G4\n (bsc#1031717).\n\n - alsa: hda - add support for docking station for HP 820\n G2 (bsc#1031717).\n\n - alsa: hda - add support for docking station for HP 840\n G3 (bsc#1031717).\n\n - alsa: hda - change the location for one mic on a Lenovo\n machine (bsc#1031717).\n\n - alsa: hda: Drop useless WARN_ON() (bsc#1031717).\n\n - alsa: hda - Fix click noises on Samsung Ativ Book 8\n (bsc#1031717).\n\n - alsa: hda - fix headset mic detection issue on a Dell\n machine (bsc#1031717).\n\n - alsa: hda - fix headset mic problem for Dell machines\n with alc274 (bsc#1031717).\n\n - alsa: hda - Fix headset microphone detection for ASUS\n N551 and N751 (bsc#1031717).\n\n - alsa: hda - Fix mic regression by ASRock mobo fixup\n (bsc#1031717).\n\n - alsa: hda - Fix missing COEF init for ALC225/295/299\n (bsc#1031717).\n\n - alsa: hda - Fix surround output pins for ASRock B150M\n mobo (bsc#1031717).\n\n - alsa: hda - On-board speaker fixup on ACER Veriton\n (bsc#1031717).\n\n - alsa: hda/realtek - Add ALC256 HP depop function\n (bsc#1031717).\n\n - alsa: hda/realtek - Add default procedure for suspend\n and resume state (bsc#1031717).\n\n - alsa: hda/realtek - Add support for Acer Aspire E5-475\n headset mic (bsc#1031717).\n\n - alsa: hda/realtek - Add support for ALC1220\n (bsc#1031717).\n\n - alsa: hda/realtek - Add support for headset MIC for\n ALC622 (bsc#1031717).\n\n - alsa: hda/realtek - ALC891 headset mode for Dell\n (bsc#1031717).\n\n - alsa: hda/realtek - change the location for one of two\n front microphones (bsc#1031717).\n\n - alsa: hda/realtek - Enable jack detection function for\n Intel ALC700 (bsc#1031717).\n\n - alsa: hda/realtek - Fix ALC275 no sound issue\n (bsc#1031717).\n\n - alsa: hda/realtek - Fix Dell AIO LineOut issue\n (bsc#1031717).\n\n - alsa: hda/realtek - Fix headset and mic on several Asus\n laptops with ALC256 (bsc#1031717).\n\n - alsa: hda/realtek - Fix headset mic and speaker on Asus\n X441SA/X441UV (bsc#1031717).\n\n - alsa: hda/realtek - fix headset mic detection for MSI\n MS-B120 (bsc#1031717).\n\n - alsa: hda/realtek - Fix headset mic on several Asus\n laptops with ALC255 (bsc#1031717).\n\n - alsa: hda/realtek - Fix pincfg for Dell XPS 13 9370\n (bsc#1031717).\n\n - alsa: hda/realtek - Fix speaker support for Asus AiO\n ZN270IE (bsc#1031717).\n\n - alsa: hda/realtek - Fix typo of pincfg for Dell quirk\n (bsc#1031717).\n\n - alsa: hda/realtek - New codec device ID for ALC1220\n (bsc#1031717).\n\n - alsa: hda/realtek - New codecs support for\n ALC215/ALC285/ALC289 (bsc#1031717).\n\n - alsa: hda/realtek - New codec support for ALC257\n (bsc#1031717).\n\n - alsa: hda/realtek - New codec support of ALC1220\n (bsc#1031717).\n\n - alsa: hda/realtek - No loopback on ALC225/ALC295 codec\n (bsc#1031717).\n\n - alsa: hda/realtek - Remove ALC285 device ID\n (bsc#1031717).\n\n - alsa: hda/realtek - Support Dell headset mode for\n ALC3271 (bsc#1031717).\n\n - alsa: hda/realtek - Support headset mode for\n ALC234/ALC274/ALC294 (bsc#1031717).\n\n - alsa: hda/realtek - There is no loopback mixer in the\n ALC234/274/294 (bsc#1031717).\n\n - alsa: hda/realtek - Update headset mode for ALC225\n (bsc#1031717).\n\n - alsa: hda/realtek - Update headset mode for ALC298\n (bsc#1031717).\n\n - alsa: hda - Skip Realtek SKU check for Lenovo machines\n (bsc#1031717).\n\n - alsa: pcm: prevent UAF in snd_pcm_info (bsc#1031717).\n\n - alsa: rawmidi: Avoid racy info ioctl via ctl device\n (bsc#1031717).\n\n - alsa: seq: Remove spurious WARN_ON() at timer check\n (bsc#1031717).\n\n - alsa: usb-audio: Add check return value for usb_string()\n (bsc#1031717).\n\n - alsa: usb-audio: Fix out-of-bound error (bsc#1031717).\n\n - alsa: usb-audio: Fix the missing ctl name suffix at\n parsing SU (bsc#1031717).\n\n - Always sign validate_negotiate_info reqs (bsc#1071009,\n fate#324404).\n\n - apei / ERST: Fix missing error handling in erst_reader()\n (bsc#1072556).\n\n - arm: dts: omap3: logicpd-torpedo-37xx-devkit: Fix MMC1\n cd-gpio (bnc#1012382).\n\n - arm: Hide finish_arch_post_lock_switch() from modules\n (bsc#1068032).\n\n - asoc: fsl_ssi: AC'97 ops need regmap, clock and cleaning\n up on failure (bsc#1031717).\n\n - asoc: twl4030: fix child-node lookup (bsc#1031717).\n\n - asoc: wm_adsp: Fix validation of firmware and coeff\n lengths (bsc#1031717).\n\n - autofs: fix careless error in recent commit (bnc#1012382\n bsc#1065180).\n\n - bcache: Fix building error on MIPS (bnc#1012382).\n\n - bpf: prevent speculative execution in eBPF interpreter\n (bnc#1068032).\n\n - btrfs: clear space cache inode generation always\n (bnc#1012382).\n\n - carl9170: prevent speculative execution (bnc#1068032).\n\n - Check cmdline_find_option() retval properly and use\n boot_cpu_has().\n\n - cw1200: prevent speculative execution (bnc#1068032).\n\n - drm/radeon: fix atombios on big endian (bnc#1012382).\n\n - e1000e: Avoid receiver overrun interrupt bursts\n (bsc#969470 FATE#319819).\n\n - e1000e: Fix e1000_check_for_copper_link_ich8lan return\n value (bsc#1073809).\n\n - eeprom: at24: check at24_read/write arguments\n (bnc#1012382).\n\n - Fix leak of validate_negotiate_info resp (bsc#1071009,\n fate#324404).\n\n - Fix NULL pointer deref in SMB2_tcon() (bsc#1071009,\n fate#324404).\n\n - Fix validate_negotiate_info uninitialized mem\n (bsc#1071009, fate#324404).\n\n - fs: prevent speculative execution (bnc#1068032).\n\n - genwqe: Take R/W permissions into account when dealing\n with memory pages (bsc#1073090).\n\n - ibmvnic: Include header descriptor support for ARP\n packets (bsc#1073912).\n\n - ibmvnic: Increase maximum number of RX/TX queues\n (bsc#1073912).\n\n - ibmvnic: Rename IBMVNIC_MAX_TX_QUEUES to\n IBMVNIC_MAX_QUEUES (bsc#1073912).\n\n - ipv6: prevent speculative execution (bnc#1068032).\n\n - kabi fix for new hash_cred function (bsc#1012917).\n\n - kaiser: add 'nokaiser' boot option, using ALTERNATIVE.\n\n - kaiser: align addition to x86/mm/Makefile.\n\n - kaiser: asm/tlbflush.h handle noPGE at lower level.\n\n - kaiser: cleanups while trying for gold link.\n\n - kaiser: Disable on Xen PV.\n\n - kaiser: do not set _PAGE_NX on pgd_none.\n\n - kaiser: drop is_atomic arg to kaiser_pagetable_walk().\n\n - kaiser: enhanced by kernel and user PCIDs.\n\n - kaiser: ENOMEM if kaiser_pagetable_walk() NULL.\n\n - kaiser: fix build and FIXME in alloc_ldt_struct().\n\n - kaiser: fix perf crashes.\n\n - kaiser: fix regs to do_nmi() ifndef CONFIG_KAISER.\n\n - kaiser: fix unlikely error in alloc_ldt_struct().\n\n - kaiser: KAISER depends on SMP.\n\n - kaiser: kaiser_flush_tlb_on_return_to_user() check PCID.\n\n - kaiser: kaiser_remove_mapping() move along the pgd.\n\n - kaiser: Kernel Address Isolation.\n\n - kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush.\n\n - kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush\n user.\n\n - kaiser: name that 0x1000 KAISER_SHADOW_PGD_OFFSET.\n\n - kaiser: paranoid_entry pass cr3 need to paranoid_exit.\n\n - kaiser: PCID 0 for kernel and 128 for user.\n\n - kaiser: _pgd_alloc() without __GFP_REPEAT to avoid\n stalls.\n\n - kaiser: stack map PAGE_SIZE at THREAD_SIZE-PAGE_SIZE.\n\n - kaiser: tidied up asm/kaiser.h somewhat.\n\n - kaiser: tidied up kaiser_add/remove_mapping slightly.\n\n - kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush.\n\n - kaiser: vmstat show NR_KAISERTABLE as nr_overhead.\n\n - kaiser: x86_cr3_pcid_noflush and x86_cr3_pcid_user.\n\n - kvm: SVM: Do not intercept new speculative control MSRs\n (bsc#1068032).\n\n - kvm: x86: Add speculative control CPUID support for\n guests (bsc#1068032).\n\n - kvm: x86: Exit to user-mode on #UD intercept when\n emulator requires (bnc#1012382).\n\n - kvm: x86: inject exceptions produced by x86_decode_insn\n (bnc#1012382).\n\n - kvm: x86: pvclock: Handle first-time write to\n pvclock-page contains random junk (bnc#1012382).\n\n - locking/barriers: introduce new memory barrier gmb()\n (bnc#1068032).\n\n - mmc: core: Do not leave the block driver in a suspended\n state (bnc#1012382).\n\n - mm/mmu_context, sched/core: Fix mmu_context.h assumption\n (bsc#1068032).\n\n - mtd: nand: Fix writing mtdoops to nand flash\n (bnc#1012382).\n\n - netlink: add a start callback for starting a netlink\n dump (bnc#1012382).\n\n - net: mpls: prevent speculative execution (bnc#1068032).\n\n - nfsd: Fix another OPEN stateid race (bnc#1012382).\n\n - nfsd: Fix stateid races between OPEN and CLOSE\n (bnc#1012382).\n\n - nfsd: Make init_open_stateid() a bit more whole\n (bnc#1012382).\n\n - nfs: improve shinking of access cache (bsc#1012917).\n\n - nfs: revalidate '.' etc correctly on 'open'\n (bsc#1068951).\n\n - nfs: revalidate '.' etc correctly on 'open' (git-fixes).\n Fix References tag.\n\n - nfsv4: always set NFS_LOCK_LOST when a lock is lost\n (bsc#1068951).\n\n - p54: prevent speculative execution (bnc#1068032).\n\n - powerpc/barrier: add gmb.\n\n - powerpc: Secure memory rfi flush (bsc#1068032).\n\n - ptrace: Add a new thread access check (bsc#1068032).\n\n - qla2xxx: prevent speculative execution (bnc#1068032).\n\n - Redo encryption backport to fix pkt signing\n (bsc#1071009, fate#324404).\n\n - Revert 'drm/radeon: dont switch vt on suspend'\n (bnc#1012382).\n\n - Revert 'ipsec: Fix aborted xfrm policy dump crash'\n (kabi).\n\n - Revert 'netlink: add a start callback for starting a\n netlink dump' (kabi).\n\n - s390: add ppa to system call and program check path\n (bsc#1068032).\n\n - s390: introduce CPU alternatives.\n\n - s390: introduce CPU alternatives (bsc#1068032).\n\n - s390/spinlock: add gmb memory barrier\n\n - s390/spinlock: add gmb memory barrier (bsc#1068032).\n\n - s390/spinlock: add ppa to system call path Signoff the\n s390 patches.\n\n - sched/core: Add switch_mm_irqs_off() and use it in the\n scheduler (bsc#1068032).\n\n - sched/core: Idle_task_exit() shouldn't use\n switch_mm_irqs_off() (bsc#1068032).\n\n - sched/rt: Do not pull from current CPU if only one CPU\n to pull (bnc#1022476).\n\n - scsi_dh_alua: skip RTPG for devices only supporting\n active/optimized (bsc#1064311).\n\n - scsi_scan: Exit loop if TUR to LUN0 fails with 0x05/0x25\n (bsc#1063043). This is specific to FUJITSU ETERNUS_DX*\n targets. They can return 'Illegal Request - Logical unit\n not supported' and processing should leave the timeout\n loop in this case.\n\n - scsi: ses: check return code from ses_recv_diag()\n (bsc#1039616).\n\n - scsi: ses: Fixup error message 'failed to get diagnostic\n page 0xffffffea' (bsc#1039616).\n\n - scsi: ses: Fix wrong page error (bsc#1039616).\n\n - scsi: ses: make page2 support optional (bsc#1039616).\n\n - smb2: Fix share type handling (bnc#1074392).\n\n - sunrpc: add auth_unix hash_cred() function\n (bsc#1012917).\n\n - sunrpc: add generic_auth hash_cred() function\n (bsc#1012917).\n\n - sunrpc: add hash_cred() function to rpc_authops struct\n (bsc#1012917).\n\n - sunrpc: add RPCSEC_GSS hash_cred() function\n (bsc#1012917).\n\n - sunrpc: replace generic auth_cred hash with\n auth-specific function (bsc#1012917).\n\n - sunrpc: use supplimental groups in auth hash\n (bsc#1012917).\n\n - Thermal/int340x: prevent speculative execution\n (bnc#1068032).\n\n - udf: prevent speculative execution (bnc#1068032).\n\n - usb: host: fix incorrect updating of offset\n (bsc#1047487).\n\n - userns: prevent speculative execution (bnc#1068032).\n\n - uvcvideo: prevent speculative execution (bnc#1068032).\n\n - vxlan: correctly handle ipv6.disable module parameter\n (bsc#1072962).\n\n - x86/boot: Add early cmdline parsing for options with\n arguments.\n\n - x86/CPU/AMD: Add speculative control support for AMD\n (bsc#1068032).\n\n - x86/CPU/AMD: Make the LFENCE instruction serialized\n (bsc#1068032).\n\n - x86/CPU/AMD: Remove now unused definition of\n MFENCE_RDTSC feature (bsc#1068032).\n\n - x86/CPU: Check speculation control CPUID bit\n (bsc#1068032).\n\n - x86/efi-bgrt: Fix kernel panic when mapping BGRT data\n (bnc#1012382).\n\n - x86/efi-bgrt: Replace early_memremap() with memremap()\n (bnc#1012382).\n\n - x86/efi: Build our own page table structures\n (bnc#1012382).\n\n - x86/efi: Hoist page table switching code into\n efi_call_virt() (bnc#1012382).\n\n - x86/enter: Add macros to set/clear IBRS and set IBPB\n (bsc#1068032).\n\n - x86/entry: Add a function to overwrite the RSB\n (bsc#1068032).\n\n - x86/entry: Stuff RSB for entry to kernel for non-SMEP\n platform (bsc#1068032).\n\n - x86/entry: Use IBRS on entry to kernel space\n (bsc#1068032).\n\n - x86/feature: Enable the x86 feature to control\n Speculation (bsc#1068032).\n\n - x86/idle: Disable IBRS when offlining a CPU and\n re-enable on wakeup (bsc#1068032).\n\n - x86/idle: Toggle IBRS when going idle (bsc#1068032).\n\n - x86/kaiser: Check boottime cmdline params.\n\n - x86/kaiser: Move feature detection up (bsc#1068032).\n\n - x86/kaiser: Reenable PARAVIRT.\n\n - x86/kaiser: Rename and simplify X86_FEATURE_KAISER\n handling.\n\n - x86/kvm: Add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to\n kvm (bsc#1068032).\n\n - x86/kvm: Flush IBP when switching VMs (bsc#1068032).\n\n - x86/kvm: Pad RSB on VM transition (bsc#1068032).\n\n - x86/kvm: Toggle IBRS on VM entry and exit (bsc#1068032).\n\n - x86/mm/64: Fix reboot interaction with CR4.PCIDE\n (bsc#1068032).\n\n - x86/mm: Add a 'noinvpcid' boot option to turn off\n INVPCID (bsc#1068032).\n\n - x86/mm: Add INVPCID helpers (bsc#1068032).\n\n - x86/mm: Add the 'nopcid' boot option to turn off PCID\n (bsc#1068032).\n\n - x86/mm: Build arch/x86/mm/tlb.c even on !SMP\n (bsc#1068032).\n\n - x86/mm: Enable CR4.PCIDE on supported systems\n (bsc#1068032).\n\n - x86/mm: Fix INVPCID asm constraint (bsc#1068032).\n\n - x86/mm: If INVPCID is available, use it to flush global\n mappings (bsc#1068032).\n\n - x86/mm: Make flush_tlb_mm_range() more predictable\n (bsc#1068032).\n\n - x86/mm: Only set IBPB when the new thread cannot ptrace\n current thread (bsc#1068032).\n\n - x86/mm/pat: Ensure cpa->pfn only contains page frame\n numbers (bnc#1012382).\n\n - x86/mm: Reimplement flush_tlb_page() using\n flush_tlb_mm_range() (bsc#1068032).\n\n - x86/mm: Remove flush_tlb() and flush_tlb_current_task()\n (bsc#1068032).\n\n - x86/mm: Remove the UP asm/tlbflush.h code, always use\n the (formerly) SMP code (bsc#1068032).\n\n - x86/mm, sched/core: Turn off IRQs in switch_mm()\n (bsc#1068032).\n\n - x86/mm, sched/core: Uninline switch_mm() (bsc#1068032).\n\n - x86/mm: Set IBPB upon context switch (bsc#1068032).\n\n - x86/MSR: Move native_*msr(.. u64) to msr.h\n (bsc#1068032).\n\n - x86/paravirt: Dont patch flush_tlb_single (bsc#1068032).\n\n - x86/spec: Add IBRS control functions (bsc#1068032).\n\n - x86/spec: Add 'nospec' chicken bit (bsc#1068032).\n\n - x86/spec: Check CPUID direclty post microcode reload to\n support IBPB feature (bsc#1068032).\n\n - x86/spec_ctrl: Add an Indirect Branch Predictor barrier\n (bsc#1068032).\n\n - x86/spec_ctrl: Check whether IBPB is enabled before\n using it (bsc#1068032).\n\n - x86/spec_ctrl: Check whether IBRS is enabled before\n using it (bsc#1068032).\n\n - x86/svm: Add code to clear registers on VM exit\n (bsc#1068032).\n\n - x86/svm: Clobber the RSB on VM exit (bsc#1068032).\n\n - x86/svm: Set IBPB when running a different VCPU\n (bsc#1068032).\n\n - x86/svm: Set IBRS value on VM entry and exit\n (bsc#1068032).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1012382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1012917\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1022476\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1031717\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1039616\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1047487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1063043\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1064311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1065180\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1068032\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1068951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1071009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1072556\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1072962\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1073090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1073792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1073809\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1073874\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1073912\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1074392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1074562\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1074578\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=964063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969470\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/05\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/08\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-base-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-base-debuginfo-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-debuginfo-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-debugsource-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-devel-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-devel-debuginfo-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-base-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-base-debuginfo-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-debuginfo-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-debugsource-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-devel-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-devel-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-docs-html-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-docs-pdf-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-macros-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-obs-build-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-obs-build-debugsource-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-obs-qa-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-source-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-source-vanilla-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-syms-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-base-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-base-debuginfo-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-debuginfo-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-debugsource-4.4.104-18.44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-devel-4.4.104-18.44.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-docs-html / kernel-docs-pdf / kernel-devel / kernel-macros / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T16:08:56", "description": "The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory (bnc#1068032).\n\n - CVE-2017-5753 / 'Spec&Atilde;&#133;&Acirc;&sect;reAttack': Local attackers on systems with modern CPUs featuring deep instruction pipelining could use attacker controllable speculative execution over code patterns in the Linux Kernel to leak content from otherwise not readable memory in the same address space, allowing retrieval of passwords, cryptographic keys and other secrets. This problem is mitigated by adding speculative fencing on affected code paths throughout the Linux kernel.\n\n - CVE-2017-5715 / 'SpectreAttack': Local attackers on systems with modern CPUs featuring branch prediction could use mispredicted branches to speculatively execute code patterns that in turn could be made to leak other non-readable content in the same address space, an attack similar to CVE-2017-5753. This problem is mitigated by disabling predictive branches, depending on CPU architecture either by firmware updates and/or fixes in the user-kernel privilege boundaries. Please also check with your CPU / Hardware vendor on updated firmware or BIOS images regarding this issue. As this feature can have a performance impact, it can be disabled using the 'nospec' kernel commandline option.\n\n - CVE-2017-5754 / 'MeltdownAttack': Local attackers on systems with modern CPUs featuring deep instruction pipelining could use code patterns in userspace to speculative executive code that would read otherwise read protected memory, an attack similar to CVE-2017-5753. This problem is mitigated by unmapping the Linux Kernel from the user address space during user code execution, following a approach called 'KAISER'.\n The terms used here are 'KAISER' / 'Kernel Address Isolation' and 'PTI' / 'Page Table Isolation'. Note that this is only done on affected platforms. This feature can be enabled / disabled by the 'pti=[on|off|auto]' or 'nopti' commandline options. Also the following unrelated security bugs were fixed :\n\n - CVE-2017-17806: The HMAC implementation (crypto/hmac.c) in the Linux kernel did not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack-based buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization (bnc#1073874).\n\n - CVE-2017-17805: The Salsa20 encryption algorithm in the Linux kernel did not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable (bnc#1073792).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-01-04T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:0012-1) (Meltdown) (Spectre)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17805", "CVE-2017-17806", "CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754"], "modified": "2019-09-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-0012-1.NASL", "href": "https://www.tenable.com/plugins/nessus/105576", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0012-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(105576);\n script_version(\"3.12\");\n script_cvs_date(\"Date: 2019/09/10 13:51:46\");\n\n script_cve_id(\"CVE-2017-17805\", \"CVE-2017-17806\", \"CVE-2017-5715\", \"CVE-2017-5753\", \"CVE-2017-5754\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n script_xref(name:\"IAVA\", value:\"2018-A-0020\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:0012-1) (Meltdown) (Spectre)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various\nsecurity and bugfixes. This update adds mitigations for various side\nchannel attacks against modern CPUs that could disclose content of\notherwise unreadable memory (bnc#1068032).\n\n - CVE-2017-5753 /\n 'Spec&Atilde;&#133;&Acirc;&sect;reAttack': Local\n attackers on systems with modern CPUs featuring deep\n instruction pipelining could use attacker controllable\n speculative execution over code patterns in the Linux\n Kernel to leak content from otherwise not readable\n memory in the same address space, allowing retrieval of\n passwords, cryptographic keys and other secrets. This\n problem is mitigated by adding speculative fencing on\n affected code paths throughout the Linux kernel.\n\n - CVE-2017-5715 / 'SpectreAttack': Local attackers on\n systems with modern CPUs featuring branch prediction\n could use mispredicted branches to speculatively execute\n code patterns that in turn could be made to leak other\n non-readable content in the same address space, an\n attack similar to CVE-2017-5753. This problem is\n mitigated by disabling predictive branches, depending on\n CPU architecture either by firmware updates and/or fixes\n in the user-kernel privilege boundaries. Please also\n check with your CPU / Hardware vendor on updated\n firmware or BIOS images regarding this issue. As this\n feature can have a performance impact, it can be\n disabled using the 'nospec' kernel commandline option.\n\n - CVE-2017-5754 / 'MeltdownAttack': Local attackers on\n systems with modern CPUs featuring deep instruction\n pipelining could use code patterns in userspace to\n speculative executive code that would read otherwise\n read protected memory, an attack similar to\n CVE-2017-5753. This problem is mitigated by unmapping\n the Linux Kernel from the user address space during user\n code execution, following a approach called 'KAISER'.\n The terms used here are 'KAISER' / 'Kernel Address\n Isolation' and 'PTI' / 'Page Table Isolation'. Note that\n this is only done on affected platforms. This feature\n can be enabled / disabled by the 'pti=[on|off|auto]' or\n 'nopti' commandline options. Also the following\n unrelated security bugs were fixed :\n\n - CVE-2017-17806: The HMAC implementation (crypto/hmac.c)\n in the Linux kernel did not validate that the underlying\n cryptographic hash algorithm is unkeyed, allowing a\n local attacker able to use the AF_ALG-based hash\n interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3\n hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel\n stack-based buffer overflow by executing a crafted\n sequence of system calls that encounter a missing SHA-3\n initialization (bnc#1073874).\n\n - CVE-2017-17805: The Salsa20 encryption algorithm in the\n Linux kernel did not correctly handle zero-length\n inputs, allowing a local attacker able to use the\n AF_ALG-based skcipher interface\n (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of\n service (uninitialized-memory free and kernel crash) or\n have unspecified other impact by executing a crafted\n sequence of system calls that use the blkcipher_walk\n API. Both the generic implementation\n (crypto/salsa20_generic.c) and x86 implementation\n (arch/x86/crypto/salsa20_glue.c) of Salsa20 were\n vulnerable (bnc#1073792).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1012382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039616\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1047487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1063043\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1064311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065180\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1068032\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1068951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1071009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1072556\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1072962\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073809\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073874\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073912\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=964063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=969470\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-17805/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-17806/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5715/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5753/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5754/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180012-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6840a256\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch\nSUSE-SLE-WE-12-SP2-2018-11=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t\npatch SUSE-SLE-SDK-12-SP2-2018-11=1\n\nSUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t\npatch SUSE-SLE-RPI-12-SP2-2018-11=1\n\nSUSE Linux Enterprise Server 12-SP2:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-11=1\n\nSUSE Linux Enterprise Live Patching 12:zypper in -t patch\nSUSE-SLE-Live-Patching-12-2018-11=1\n\nSUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch\nSUSE-SLE-HA-12-SP2-2018-11=1\n\nSUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP2-2018-11=1\n\nOpenStack Cloud Magnum Orchestration 7:zypper in -t patch\nSUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-11=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-default-man-4.4.103-92.56.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"kernel-default-4.4.103-92.56.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"kernel-default-base-4.4.103-92.56.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"kernel-default-base-debuginfo-4.4.103-92.56.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"kernel-default-debuginfo-4.4.103-92.56.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"kernel-default-debugsource-4.4.103-92.56.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"kernel-default-devel-4.4.103-92.56.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"kernel-syms-4.4.103-92.56.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-4.4.103-92.56.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-debuginfo-4.4.103-92.56.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-debugsource-4.4.103-92.56.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-devel-4.4.103-92.56.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-extra-4.4.103-92.56.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-extra-debuginfo-4.4.103-92.56.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-syms-4.4.103-92.56.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T16:09:29", "description": "The openSUSE Leap 42.3 kernel was updated to 4.4.104 to receive various security and bugfixes.\n\nThis update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory (bnc#1068032).\n\n - CVE-2017-5753 / 'SpectreAttack': Local attackers on systems with modern CPUs featuring deep instruction pipelining could use attacker controllable speculative execution over code patterns in the Linux Kernel to leak content from otherwise not readable memory in the same address space, allowing retrieval of passwords, cryptographic keys and other secrets.\n\n This problem is mitigated by adding speculative fencing on affected code paths throughout the Linux kernel.\n\n - CVE-2017-5715 / 'SpectreAttack': Local attackers on systems with modern CPUs featuring branch prediction could use mispredicted branches to speculatively execute code patterns that in turn could be made to leak other non-readable content in the same address space, an attack similar to CVE-2017-5753.\n\n This problem is mitigated by disabling predictive branches, depending on CPU architecture either by firmware updates and/or fixes in the user-kernel privilege boundaries.\n\n Please also check with your CPU / Hardware vendor on updated firmware or BIOS images regarding this issue.\n\n As this feature can have a performance impact, it can be disabled using the 'nospec' kernel commandline option.\n\n - CVE-2017-5754 / 'MeltdownAttack': Local attackers on systems with modern CPUs featuring deep instruction pipelining could use code patterns in userspace to speculative executive code that would read otherwise read protected memory, an attack similar to CVE-2017-5753.\n\n This problem is mitigated by unmapping the Linux Kernel from the user address space during user code execution, following a approach called 'KAISER'. The terms used here are 'KAISER' / 'Kernel Address Isolation' and 'PTI' / 'Page Table Isolation'.\n\n Note that this is only done on affected platforms.\n\n This feature can be enabled / disabled by the 'pti=[on|off|auto]' or 'nopti' commandline options.\n\nThe following security bugs were fixed :\n\n - CVE-2017-17806: The HMAC implementation (crypto/hmac.c) in the Linux kernel did not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack-based buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization (bnc#1073874).\n\n - CVE-2017-17805: The Salsa20 encryption algorithm in the Linux kernel did not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable (bnc#1073792).\n\nThe following non-security bugs were fixed :\n\n - Add undefine _unique_build_ids (bsc#964063)\n\n - alsa: hda - Add HP ZBook 15u G3 Conexant CX20724 GPIO mute leds (bsc#1031717).\n\n - alsa: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines (bsc#1031717).\n\n - alsa: hda - Add mute led support for HP EliteBook 840 G3 (bsc#1031717).\n\n - alsa: hda - Add mute led support for HP ProBook 440 G4 (bsc#1031717).\n\n - alsa: hda - add support for docking station for HP 820 G2 (bsc#1031717).\n\n - alsa: hda - add support for docking station for HP 840 G3 (bsc#1031717).\n\n - alsa: hda - change the location for one mic on a Lenovo machine (bsc#1031717).\n\n - alsa: hda: Drop useless WARN_ON() (bsc#1031717).\n\n - alsa: hda - Fix click noises on Samsung Ativ Book 8 (bsc#1031717).\n\n - alsa: hda - fix headset mic detection issue on a Dell machine (bsc#1031717).\n\n - alsa: hda - fix headset mic problem for Dell machines with alc274 (bsc#1031717).\n\n - alsa: hda - Fix headset microphone detection for ASUS N551 and N751 (bsc#1031717).\n\n - alsa: hda - Fix mic regression by ASRock mobo fixup (bsc#1031717).\n\n - alsa: hda - Fix missing COEF init for ALC225/295/299 (bsc#1031717).\n\n - alsa: hda - Fix surround output pins for ASRock B150M mobo (bsc#1031717).\n\n - alsa: hda - On-board speaker fixup on ACER Veriton (bsc#1031717).\n\n - alsa: hda/realtek - Add ALC256 HP depop function (bsc#1031717).\n\n - alsa: hda/realtek - Add default procedure for suspend and resume state (bsc#1031717).\n\n - alsa: hda/realtek - Add support for Acer Aspire E5-475 headset mic (bsc#1031717).\n\n - alsa: hda/realtek - Add support for ALC1220 (bsc#1031717).\n\n - alsa: hda/realtek - Add support for headset MIC for ALC622 (bsc#1031717).\n\n - alsa: hda/realtek - ALC891 headset mode for Dell (bsc#1031717).\n\n - alsa: hda/realtek - change the location for one of two front microphones (bsc#1031717).\n\n - alsa: hda/realtek - Enable jack detection function for Intel ALC700 (bsc#1031717).\n\n - alsa: hda/realtek - Fix ALC275 no sound issue (bsc#1031717).\n\n - alsa: hda/realtek - Fix Dell AIO LineOut issue (bsc#1031717).\n\n - alsa: hda/realtek - Fix headset and mic on several Asus laptops with ALC256 (bsc#1031717).\n\n - alsa: hda/realtek - Fix headset mic and speaker on Asus X441SA/X441UV (bsc#1031717).\n\n - alsa: hda/realtek - fix headset mic detection for MSI MS-B120 (bsc#1031717).\n\n - alsa: hda/realtek - Fix headset mic on several Asus laptops with ALC255 (bsc#1031717).\n\n - alsa: hda/realtek - Fix pincfg for Dell XPS 13 9370 (bsc#1031717).\n\n - alsa: hda/realtek - Fix speaker support for Asus AiO ZN270IE (bsc#1031717).\n\n - alsa: hda/realtek - Fix typo of pincfg for Dell quirk (bsc#1031717).\n\n - alsa: hda/realtek - New codec device ID for ALC1220 (bsc#1031717).\n\n - alsa: hda/realtek - New codecs support for ALC215/ALC285/ALC289 (bsc#1031717).\n\n - alsa: hda/realtek - New codec support for ALC257 (bsc#1031717).\n\n - alsa: hda/realtek - New codec support of ALC1220 (bsc#1031717).\n\n - alsa: hda/realtek - No loopback on ALC225/ALC295 codec (bsc#1031717).\n\n - alsa: hda/realtek - Remove ALC285 device ID (bsc#1031717).\n\n - alsa: hda/realtek - Support Dell headset mode for ALC3271 (bsc#1031717).\n\n - alsa: hda/realtek - Support headset mode for ALC234/ALC274/ALC294 (bsc#1031717).\n\n - alsa: hda/realtek - There is no loopback mixer in the ALC234/274/294 (bsc#1031717).\n\n - alsa: hda/realtek - Update headset mode for ALC225 (bsc#1031717).\n\n - alsa: hda/realtek - Update headset mode for ALC298 (bsc#1031717).\n\n - alsa: hda - Skip Realtek SKU check for Lenovo machines (bsc#1031717).\n\n - alsa: pcm: prevent UAF in snd_pcm_info (bsc#1031717).\n\n - alsa: rawmidi: Avoid racy info ioctl via ctl device (bsc#1031717).\n\n - alsa: seq: Remove spurious WARN_ON() at timer check (bsc#1031717).\n\n - alsa: usb-audio: Add check return value for usb_string() (bsc#1031717).\n\n - alsa: usb-audio: Fix out-of-bound error (bsc#1031717).\n\n - alsa: usb-audio: Fix the missing ctl name suffix at parsing SU (bsc#1031717).\n\n - apei / ERST: Fix missing error handling in erst_reader() (bsc#1072556).\n\n - arm: dts: omap3: logicpd-torpedo-37xx-devkit: Fix MMC1 cd-gpio (bnc#1012382).\n\n - arm: Hide finish_arch_post_lock_switch() from modules (bsc#1068032).\n\n - asoc: fsl_ssi: AC'97 ops need regmap, clock and cleaning up on failure (bsc#1031717).\n\n - asoc: twl4030: fix child-node lookup (bsc#1031717).\n\n - asoc: wm_adsp: Fix validation of firmware and coeff lengths (bsc#1031717).\n\n - autofs: fix careless error in recent commit (bnc#1012382 bsc#1065180).\n\n - bcache: Fix building error on MIPS (bnc#1012382).\n\n - bnxt_en: Do not print 'Link speed -1 no longer supported' messages (bsc#1070116).\n\n - bpf: prevent speculative execution in eBPF interpreter (bnc#1068032).\n\n - btrfs: clear space cache inode generation always (bnc#1012382).\n\n - btrfs: embed extent_changeset::range_changed to the structure (dependent patch, bsc#1031395).\n\n - btrfs: qgroup: Fix qgroup reserved space underflow by only freeing reserved ranges (bsc#1031395).\n\n - btrfs: qgroup: Fix qgroup reserved space underflow caused by buffered write and quotas being enabled (bsc#1031395).\n\n - btrfs: qgroup: Introduce extent changeset for qgroup reserve functions (dependent patch, bsc#1031395).\n\n - btrfs: qgroup: Return actually freed bytes for qgroup release or free data (bsc#1031395).\n\n - btrfs: qgroup-test: Fix backport error in qgroup selftest (just to make CONFIG_BTRFS_FS_RUN_SANITY_TESTS pass compile).\n\n - btrfs: ulist: make the finalization function public (dependent patch, bsc#1031395).\n\n - btrfs: ulist: rename ulist_fini to ulist_release (dependent patch, bsc#1031395).\n\n - carl9170: prevent speculative execution (bnc#1068032).\n\n - ceph: drop negative child dentries before try pruning inode's alias (bsc#1073525).\n\n - Check cmdline_find_option() retval properly and use boot_cpu_has().\n\n - cifs: Fix NULL pointer deref on SMB2_tcon() failure (bsc#1071009).\n\n - cw1200: prevent speculative execution (bnc#1068032).\n\n - drm/radeon: fix atombios on big endian (bnc#1012382).\n\n - e1000e: Fix e1000_check_for_copper_link_ich8lan return value (bsc#1073809).\n\n - eeprom: at24: check at24_read/write arguments (bnc#1012382).\n\n - Fix unsed variable warning in has_unmovable_pages (bsc#1073868).\n\n - fs: prevent speculative execution (bnc#1068032).\n\n - genwqe: Take R/W permissions into account when dealing with memory pages (bsc#1073090).\n\n - ibmvnic: Include header descriptor support for ARP packets (bsc#1073912).\n\n - ibmvnic: Increase maximum number of RX/TX queues (bsc#1073912).\n\n - ibmvnic: Rename IBMVNIC_MAX_TX_QUEUES to IBMVNIC_MAX_QUEUES (bsc#1073912).\n\n - ib/uverbs: Fix command checking as part of ib_uverbs_ex_modify_qp() (FATE#321231 FATE#321473 FATE#322153 FATE#322149).\n\n - ip_gre: remove the incorrect mtu limit for ipgre tap (bsc#1022912 FATE#321246).\n\n - ipv6: prevent speculative execution (bnc#1068032).\n\n - iw_cxgb4: fix misuse of integer variable (bsc#963897,FATE#320114).\n\n - iw_cxgb4: only insert drain cqes if wq is flushed (bsc#321658 FATE#1005778 bsc#321660 FATE#1005780 bsc#321661 FATE#1005781).\n\n - iw_cxgb4: reflect the original WR opcode in drain cqes (bsc#321658 FATE#1005778 bsc#321660 FATE#1005780 bsc#321661 FATE#1005781).\n\n - iw_cxgb4: when flushing, complete all wrs in a chain (bsc#321658 FATE#1005778 bsc#321660 FATE#1005780 bsc#321661 FATE#1005781).\n\n - kabi fix for new hash_cred function (bsc#1012917).\n\n - kaiser: add 'nokaiser' boot option, using ALTERNATIVE.\n\n - kaiser: align addition to x86/mm/Makefile.\n\n - kaiser: asm/tlbflush.h handle noPGE at lower level.\n\n - kaiser: cleanups while trying for gold link.\n\n - kaiser: disabled on Xen PV.\n\n - kaiser: do not set _PAGE_NX on pgd_none.\n\n - kaiser: drop is_atomic arg to kaiser_pagetable_walk().\n\n - kaiser: enhanced by kernel and user PCIDs.\n\n - kaiser: ENOMEM if kaiser_pagetable_walk() NULL.\n\n - kaiser: fix build and FIXME in alloc_ldt_struct().\n\n - kaiser: fix perf crashes.\n\n - kaiser: fix regs to do_nmi() ifndef CONFIG_KAISER.\n\n - kaiser: fix unlikely error in alloc_ldt_struct().\n\n - kaiser: KAISER depends on SMP.\n\n - kaiser: kaiser_flush_tlb_on_return_to_user() check PCID.\n\n - kaiser: kaiser_remove_mapping() move along the pgd.\n\n - kaiser: Kernel Address Isolation.\n\n - kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush.\n\n - kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush user.\n\n - kaiser: name that 0x1000 KAISER_SHADOW_PGD_OFFSET.\n\n - kaiser: paranoid_entry pass cr3 need to paranoid_exit.\n\n - kaiser: PCID 0 for kernel and 128 for user.\n\n - kaiser: _pgd_alloc() without __GFP_REPEAT to avoid stalls.\n\n - kaiser: stack map PAGE_SIZE at THREAD_SIZE-PAGE_SIZE.\n\n - kaiser: tidied up asm/kaiser.h somewhat.\n\n - kaiser: tidied up kaiser_add/remove_mapping slightly.\n\n - kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush.\n\n - kaiser: vmstat show NR_KAISERTABLE as nr_overhead.\n\n - kaiser: x86_cr3_pcid_noflush and x86_cr3_pcid_user.\n\n - kvm: SVM: Do not intercept new speculative control MSRs (bsc#1068032).\n\n - kvm: x86: Add speculative control CPUID support for guests (bsc#1068032).\n\n - kvm: x86: Exit to user-mode on #UD intercept when emulator requires (bnc#1012382).\n\n - kvm: x86: inject exceptions produced by x86_decode_insn (bnc#1012382).\n\n - kvm: x86: pvclock: Handle first-time write to pvclock-page contains random junk (bnc#1012382).\n\n - locking/barriers: introduce new memory barrier gmb() (bnc#1068032).\n\n - mmc: core: Do not leave the block driver in a suspended state (bnc#1012382).\n\n - mm/mmu_context, sched/core: Fix mmu_context.h assumption (bsc#1068032).\n\n - mtd: nand: Fix writing mtdoops to nand flash (bnc#1012382).\n\n - netlink: add a start callback for starting a netlink dump (bnc#1012382).\n\n - net/mlx5e: DCBNL, Implement tc with ets type and zero bandwidth (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n\n - net/mlx5e: Fix ETS BW check (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n\n - net/mlx5: Fix error flow in CREATE_QP command (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n\n - net: mpls: prevent speculative execution (bnc#1068032).\n\n - nfsd: Fix another OPEN stateid race (bnc#1012382).\n\n - nfsd: Fix stateid races between OPEN and CLOSE (bnc#1012382).\n\n - nfsd: Make init_open_stateid() a bit more whole (bnc#1012382).\n\n - nfs: improve shinking of access cache (bsc#1012917).\n\n - nfs: revalidate '.' etc correctly on 'open' (bsc#1068951).\n\n - nfs: revalidate '.' etc correctly on 'open' (git-fixes).\n Fix References: tag.\n\n - nfsv4: always set NFS_LOCK_LOST when a lock is lost (bsc#1068951).\n\n - nvme-fabrics: introduce init command check for a queue that is not alive (bsc#1072890).\n\n - nvme-fc: check if queue is ready in queue_rq (bsc#1072890).\n\n - nvme-fc: do not use bit masks for set/test_bit() numbers (bsc#1072890).\n\n - nvme-loop: check if queue is ready in queue_rq (bsc#1072890).\n\n - nvmet-fc: cleanup nvmet add_port/remove_port (bsc#1072890).\n\n - nvmet_fc: correct broken add_port (bsc#1072890).\n\n - p54: prevent speculative execution (bnc#1068032).\n\n - powerpc/barrier: add gmb.\n\n - powerpc: Secure memory rfi flush (bsc#1068032).\n\n - ptrace: Add a new thread access check (bsc#1068032).\n\n - qla2xxx: prevent speculative execution (bnc#1068032).\n\n - Revert 'drm/radeon: dont switch vt on suspend' (bnc#1012382).\n\n - Revert 'ipsec: Fix aborted xfrm policy dump crash' (kabi).\n\n - Revert 'netlink: add a start callback for starting a netlink dump' (kabi).\n\n - s390: add ppa to system call and program check path (bsc#1068032).\n\n - s390: introduce CPU alternatives.\n\n - s390: introduce CPU alternatives (bsc#1068032).\n\n - s390/qeth: add missing hash table initializations (bnc#1072216, LTC#162173).\n\n - s390/qeth: fix early exit from error path (bnc#1072216, LTC#162173).\n\n - s390/qeth: fix thinko in IPv4 multicast address tracking (bnc#1072216, LTC#162173).\n\n - s390/spinlock: add gmb memory barrier\n\n - s390/spinlock: add gmb memory barrier (bsc#1068032).\n\n - s390/spinlock: add ppa to system call path Signoff the s390 patches.\n\n - sched/core: Add switch_mm_irqs_off() and use it in the scheduler (bsc#1068032).\n\n - sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off() (bsc#1068032).\n\n - sched/rt: Do not pull from current CPU if only one CPU to pull (bnc#1022476).\n\n - scsi_dh_alua: skip RTPG for devices only supporting active/optimized (bsc#1064311).\n\n - scsi: lpfc: correct sg_seg_cnt attribute min vs default (bsc#1072166).\n\n - scsi: qedi: Limit number for CQ queues (bsc#1072866).\n\n - scsi_scan: Exit loop if TUR to LUN0 fails with 0x05/0x25 (bsc#1063043). This is specific to FUJITSU ETERNUS_DX* targets. They can return 'Illegal Request - Logical unit not supported' and processing should leave the timeout loop in this case.\n\n - scsi: ses: check return code from ses_recv_diag() (bsc#1039616).\n\n - scsi: ses: Fixup error message 'failed to get diagnostic page 0xffffffea' (bsc#1039616).\n\n - scsi: ses: Fix wrong page error (bsc#1039616).\n\n - scsi: ses: make page2 support optional (bsc#1039616).\n\n - sfc: pass valid pointers from efx_enqueue_unwind (bsc#1017967 FATE#321663).\n\n - sunrpc: add auth_unix hash_cred() function (bsc#1012917).\n\n - sunrpc: add generic_auth hash_cred() function (bsc#1012917).\n\n - sunrpc: add hash_cred() function to rpc_authops struct (bsc#1012917).\n\n - sunrpc: add RPCSEC_GSS hash_cred() function (bsc#1012917).\n\n - sunrpc: replace generic auth_cred hash with auth-specific function (bsc#1012917).\n\n - sunrpc: use supplimental groups in auth hash (bsc#1012917).\n\n - Thermal/int340x: prevent speculative execution (bnc#1068032).\n\n - udf: prevent speculative execution (bnc#1068032).\n\n - Update config files: enable KAISER.\n\n - usb: host: fix incorrect updating of offset (bsc#1047487).\n\n - userns: prevent speculative execution (bnc#1068032).\n\n - uvcvideo: prevent speculative execution (bnc#1068032).\n\n - vxlan: correctly handle ipv6.disable module parameter (bsc#1072962).\n\n - x86/boot: Add early cmdline parsing for options with arguments.\n\n - x86/CPU/AMD: Add speculative control support for AMD (bsc#1068032).\n\n - x86/CPU/AMD: Make the LFENCE instruction serialized (bsc#1068032).\n\n - x86/CPU/AMD: Remove now unused definition of MFENCE_RDTSC feature (bsc#1068032).\n\n - x86/CPU: Check speculation control CPUID bit (bsc#1068032).\n\n - x86/efi-bgrt: Replace early_memremap() with memremap() (bnc#1012382).\n\n - x86/enter: Add macros to set/clear IBRS and set IBPB (bsc#1068032).\n\n - x86/entry: Add a function to overwrite the RSB (bsc#1068032).\n\n - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (bsc#1068032).\n\n - x86/entry: Use IBRS on entry to kernel space (bsc#1068032).\n\n - x86/feature: Enable the x86 feature to control Speculation (bsc#1068032).\n\n - x86/idle: Disable IBRS when offlining a CPU and re-enable on wakeup (bsc#1068032).\n\n - x86/idle: Toggle IBRS when going idle (bsc#1068032).\n\n - x86/kaiser: Check boottime cmdline params.\n\n - x86/kaiser: Move feature detection up (bsc#1068032).\n\n - x86/kaiser: Reenable PARAVIRT.\n\n - x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling.\n\n - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm (bsc#1068032).\n\n - x86/kvm: Add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm (bsc#1068032).\n\n - x86/kvm: Flush IBP when switching VMs (bsc#1068032).\n\n - x86/kvm: Pad RSB on VM transition (bsc#1068032).\n\n - x86/kvm: Toggle IBRS on VM entry and exit (bsc#1068032).\n\n - x86/mm/64: Fix reboot interaction with CR4.PCIDE (bsc#1068032).\n\n - x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID (bsc#1068032).\n\n - x86/mm: Add INVPCID helpers (bsc#1068032).\n\n - x86/mm: Add the 'nopcid' boot option to turn off PCID (bsc#1068032).\n\n - x86/mm: Build arch/x86/mm/tlb.c even on !SMP (bsc#1068032).\n\n - x86/mm: Enable CR4.PCIDE on supported systems (bsc#1068032).\n\n - x86/mm: Fix INVPCID asm constraint (bsc#1068032).\n\n - x86/mm: If INVPCID is available, use it to flush global mappings (bsc#1068032).\n\n - x86/mm: Make flush_tlb_mm_range() more predictable (bsc#1068032).\n\n - x86/mm: Only set IBPB when the new thread cannot ptrace current thread (bsc#1068032).\n\n - x86/mm: Reimplement flush_tlb_page() using flush_tlb_mm_range() (bsc#1068032).\n\n - x86/mm: Remove flush_tlb() and flush_tlb_current_task() (bsc#1068032).\n\n - x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code (bsc#1068032).\n\n - x86/mm, sched/core: Turn off IRQs in switch_mm() (bsc#1068032).\n\n - x86/mm, sched/core: Uninline switch_mm() (bsc#1068032).\n\n - x86/mm: Set IBPB upon context switch (bsc#1068032).\n\n - x86/MSR: Move native_*msr(.. u64) to msr.h (bsc#1068032).\n\n - x86/paravirt: Dont patch flush_tlb_single (bsc#1068032).\n\n - x86/spec: Add IBRS control functions (bsc#1068032).\n\n - x86/spec: Add 'nospec' chicken bit (bsc#1068032).\n\n - x86/spec: Check CPUID direclty post microcode reload to support IBPB feature (bsc#1068032).\n\n - x86/spec_ctrl: Add an Indirect Branch Predictor barrier (bsc#1068032).\n\n - x86/spec_ctrl: Check whether IBPB is enabled before using it (bsc#1068032).\n\n - x86/spec_ctrl: Check whether IBRS is enabled before using it (bsc#1068032).\n\n - x86/svm: Add code to clear registers on VM exit (bsc#1068032).\n\n - x86/svm: Clobber the RSB on VM exit (bsc#1068032).\n\n - x86/svm: Set IBPB when running a different VCPU (bsc#1068032).\n\n - x86/svm: Set IBRS value on VM entry and exit (bsc#1068032).", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-01-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2018-2) (Meltdown) (Spectre)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17805", "CVE-2017-17806", "CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-docs-pdf", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-base", "p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kselftests-kmp-debug", "p-cpe:/a:novell:opensuse:kselftests-kmp-debug-debuginfo", "p-cpe:/a:novell:opensuse:kselftests-kmp-default", "p-cpe:/a:novell:opensuse:kselftests-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:kselftests-kmp-vanilla", "p-cpe:/a:novell:opensuse:kselftests-kmp-vanilla-debuginfo", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-2.NASL", "href": "https://www.tenable.com/plugins/nessus/105597", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-2.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105597);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-17805\", \"CVE-2017-17806\", \"CVE-2017-5715\", \"CVE-2017-5753\", \"CVE-2017-5754\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n script_xref(name:\"IAVA\", value:\"2018-A-0020\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2018-2) (Meltdown) (Spectre)\");\n script_summary(english:\"Check for the openSUSE-2018-2 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE Leap 42.3 kernel was updated to 4.4.104 to receive\nvarious security and bugfixes.\n\nThis update adds mitigations for various side channel attacks against\nmodern CPUs that could disclose content of otherwise unreadable memory\n(bnc#1068032).\n\n - CVE-2017-5753 / 'SpectreAttack': Local attackers on\n systems with modern CPUs featuring deep instruction\n pipelining could use attacker controllable speculative\n execution over code patterns in the Linux Kernel to leak\n content from otherwise not readable memory in the same\n address space, allowing retrieval of passwords,\n cryptographic keys and other secrets.\n\n This problem is mitigated by adding speculative fencing\n on affected code paths throughout the Linux kernel.\n\n - CVE-2017-5715 / 'SpectreAttack': Local attackers on\n systems with modern CPUs featuring branch prediction\n could use mispredicted branches to speculatively execute\n code patterns that in turn could be made to leak other\n non-readable content in the same address space, an\n attack similar to CVE-2017-5753.\n\n This problem is mitigated by disabling predictive\n branches, depending on CPU architecture either by\n firmware updates and/or fixes in the user-kernel\n privilege boundaries.\n\n Please also check with your CPU / Hardware vendor on\n updated firmware or BIOS images regarding this issue.\n\n As this feature can have a performance impact, it can be\n disabled using the 'nospec' kernel commandline option.\n\n - CVE-2017-5754 / 'MeltdownAttack': Local attackers on\n systems with modern CPUs featuring deep instruction\n pipelining could use code patterns in userspace to\n speculative executive code that would read otherwise\n read protected memory, an attack similar to\n CVE-2017-5753.\n\n This problem is mitigated by unmapping the Linux Kernel\n from the user address space during user code execution,\n following a approach called 'KAISER'. The terms used\n here are 'KAISER' / 'Kernel Address Isolation' and 'PTI'\n / 'Page Table Isolation'.\n\n Note that this is only done on affected platforms.\n\n This feature can be enabled / disabled by the\n 'pti=[on|off|auto]' or 'nopti' commandline options.\n\nThe following security bugs were fixed :\n\n - CVE-2017-17806: The HMAC implementation (crypto/hmac.c)\n in the Linux kernel did not validate that the underlying\n cryptographic hash algorithm is unkeyed, allowing a\n local attacker able to use the AF_ALG-based hash\n interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3\n hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel\n stack-based buffer overflow by executing a crafted\n sequence of system calls that encounter a missing SHA-3\n initialization (bnc#1073874).\n\n - CVE-2017-17805: The Salsa20 encryption algorithm in the\n Linux kernel did not correctly handle zero-length\n inputs, allowing a local attacker able to use the\n AF_ALG-based skcipher interface\n (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of\n service (uninitialized-memory free and kernel crash) or\n have unspecified other impact by executing a crafted\n sequence of system calls that use the blkcipher_walk\n API. Both the generic implementation\n (crypto/salsa20_generic.c) and x86 implementation\n (arch/x86/crypto/salsa20_glue.c) of Salsa20 were\n vulnerable (bnc#1073792).\n\nThe following non-security bugs were fixed :\n\n - Add undefine _unique_build_ids (bsc#964063)\n\n - alsa: hda - Add HP ZBook 15u G3 Conexant CX20724 GPIO\n mute leds (bsc#1031717).\n\n - alsa: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines\n (bsc#1031717).\n\n - alsa: hda - Add mute led support for HP EliteBook 840 G3\n (bsc#1031717).\n\n - alsa: hda - Add mute led support for HP ProBook 440 G4\n (bsc#1031717).\n\n - alsa: hda - add support for docking station for HP 820\n G2 (bsc#1031717).\n\n - alsa: hda - add support for docking station for HP 840\n G3 (bsc#1031717).\n\n - alsa: hda - change the location for one mic on a Lenovo\n machine (bsc#1031717).\n\n - alsa: hda: Drop useless WARN_ON() (bsc#1031717).\n\n - alsa: hda - Fix click noises on Samsung Ativ Book 8\n (bsc#1031717).\n\n - alsa: hda - fix headset mic detection issue on a Dell\n machine (bsc#1031717).\n\n - alsa: hda - fix headset mic problem for Dell machines\n with alc274 (bsc#1031717).\n\n - alsa: hda - Fix headset microphone detection for ASUS\n N551 and N751 (bsc#1031717).\n\n - alsa: hda - Fix mic regression by ASRock mobo fixup\n (bsc#1031717).\n\n - alsa: hda - Fix missing COEF init for ALC225/295/299\n (bsc#1031717).\n\n - alsa: hda - Fix surround output pins for ASRock B150M\n mobo (bsc#1031717).\n\n - alsa: hda - On-board speaker fixup on ACER Veriton\n (bsc#1031717).\n\n - alsa: hda/realtek - Add ALC256 HP depop function\n (bsc#1031717).\n\n - alsa: hda/realtek - Add default procedure for suspend\n and resume state (bsc#1031717).\n\n - alsa: hda/realtek - Add support for Acer Aspire E5-475\n headset mic (bsc#1031717).\n\n - alsa: hda/realtek - Add support for ALC1220\n (bsc#1031717).\n\n - alsa: hda/realtek - Add support for headset MIC for\n ALC622 (bsc#1031717).\n\n - alsa: hda/realtek - ALC891 headset mode for Dell\n (bsc#1031717).\n\n - alsa: hda/realtek - change the location for one of two\n front microphones (bsc#1031717).\n\n - alsa: hda/realtek - Enable jack detection function for\n Intel ALC700 (bsc#1031717).\n\n - alsa: hda/realtek - Fix ALC275 no sound issue\n (bsc#1031717).\n\n - alsa: hda/realtek - Fix Dell AIO LineOut issue\n (bsc#1031717).\n\n - alsa: hda/realtek - Fix headset and mic on several Asus\n laptops with ALC256 (bsc#1031717).\n\n - alsa: hda/realtek - Fix headset mic and speaker on Asus\n X441SA/X441UV (bsc#1031717).\n\n - alsa: hda/realtek - fix headset mic detection for MSI\n MS-B120 (bsc#1031717).\n\n - alsa: hda/realtek - Fix headset mic on several Asus\n laptops with ALC255 (bsc#1031717).\n\n - alsa: hda/realtek - Fix pincfg for Dell XPS 13 9370\n (bsc#1031717).\n\n - alsa: hda/realtek - Fix speaker support for Asus AiO\n ZN270IE (bsc#1031717).\n\n - alsa: hda/realtek - Fix typo of pincfg for Dell quirk\n (bsc#1031717).\n\n - alsa: hda/realtek - New codec device ID for ALC1220\n (bsc#1031717).\n\n - alsa: hda/realtek - New codecs support for\n ALC215/ALC285/ALC289 (bsc#1031717).\n\n - alsa: hda/realtek - New codec support for ALC257\n (bsc#1031717).\n\n - alsa: hda/realtek - New codec support of ALC1220\n (bsc#1031717).\n\n - alsa: hda/realtek - No loopback on ALC225/ALC295 codec\n (bsc#1031717).\n\n - alsa: hda/realtek - Remove ALC285 device ID\n (bsc#1031717).\n\n - alsa: hda/realtek - Support Dell headset mode for\n ALC3271 (bsc#1031717).\n\n - alsa: hda/realtek - Support headset mode for\n ALC234/ALC274/ALC294 (bsc#1031717).\n\n - alsa: hda/realtek - There is no loopback mixer in the\n ALC234/274/294 (bsc#1031717).\n\n - alsa: hda/realtek - Update headset mode for ALC225\n (bsc#1031717).\n\n - alsa: hda/realtek - Update headset mode for ALC298\n (bsc#1031717).\n\n - alsa: hda - Skip Realtek SKU check for Lenovo machines\n (bsc#1031717).\n\n - alsa: pcm: prevent UAF in snd_pcm_info (bsc#1031717).\n\n - alsa: rawmidi: Avoid racy info ioctl via ctl device\n (bsc#1031717).\n\n - alsa: seq: Remove spurious WARN_ON() at timer check\n (bsc#1031717).\n\n - alsa: usb-audio: Add check return value for usb_string()\n (bsc#1031717).\n\n - alsa: usb-audio: Fix out-of-bound error (bsc#1031717).\n\n - alsa: usb-audio: Fix the missing ctl name suffix at\n parsing SU (bsc#1031717).\n\n - apei / ERST: Fix missing error handling in erst_reader()\n (bsc#1072556).\n\n - arm: dts: omap3: logicpd-torpedo-37xx-devkit: Fix MMC1\n cd-gpio (bnc#1012382).\n\n - arm: Hide finish_arch_post_lock_switch() from modules\n (bsc#1068032).\n\n - asoc: fsl_ssi: AC'97 ops need regmap, clock and cleaning\n up on failure (bsc#1031717).\n\n - asoc: twl4030: fix child-node lookup (bsc#1031717).\n\n - asoc: wm_adsp: Fix validation of firmware and coeff\n lengths (bsc#1031717).\n\n - autofs: fix careless error in recent commit (bnc#1012382\n bsc#1065180).\n\n - bcache: Fix building error on MIPS (bnc#1012382).\n\n - bnxt_en: Do not print 'Link speed -1 no longer\n supported' messages (bsc#1070116).\n\n - bpf: prevent speculative execution in eBPF interpreter\n (bnc#1068032).\n\n - btrfs: clear space cache inode generation always\n (bnc#1012382).\n\n - btrfs: embed extent_changeset::range_changed to the\n structure (dependent patch, bsc#1031395).\n\n - btrfs: qgroup: Fix qgroup reserved space underflow by\n only freeing reserved ranges (bsc#1031395).\n\n - btrfs: qgroup: Fix qgroup reserved space underflow\n caused by buffered write and quotas being enabled\n (bsc#1031395).\n\n - btrfs: qgroup: Introduce extent changeset for qgroup\n reserve functions (dependent patch, bsc#1031395).\n\n - btrfs: qgroup: Return actually freed bytes for qgroup\n release or free data (bsc#1031395).\n\n - btrfs: qgroup-test: Fix backport error in qgroup\n selftest (just to make CONFIG_BTRFS_FS_RUN_SANITY_TESTS\n pass compile).\n\n - btrfs: ulist: make the finalization function public\n (dependent patch, bsc#1031395).\n\n - btrfs: ulist: rename ulist_fini to ulist_release\n (dependent patch, bsc#1031395).\n\n - carl9170: prevent speculative execution (bnc#1068032).\n\n - ceph: drop negative child dentries before try pruning\n inode's alias (bsc#1073525).\n\n - Check cmdline_find_option() retval properly and use\n boot_cpu_has().\n\n - cifs: Fix NULL pointer deref on SMB2_tcon() failure\n (bsc#1071009).\n\n - cw1200: prevent speculative execution (bnc#1068032).\n\n - drm/radeon: fix atombios on big endian (bnc#1012382).\n\n - e1000e: Fix e1000_check_for_copper_link_ich8lan return\n value (bsc#1073809).\n\n - eeprom: at24: check at24_read/write arguments\n (bnc#1012382).\n\n - Fix unsed variable warning in has_unmovable_pages\n (bsc#1073868).\n\n - fs: prevent speculative execution (bnc#1068032).\n\n - genwqe: Take R/W permissions into account when dealing\n with memory pages (bsc#1073090).\n\n - ibmvnic: Include header descriptor support for ARP\n packets (bsc#1073912).\n\n - ibmvnic: Increase maximum number of RX/TX queues\n (bsc#1073912).\n\n - ibmvnic: Rename IBMVNIC_MAX_TX_QUEUES to\n IBMVNIC_MAX_QUEUES (bsc#1073912).\n\n - ib/uverbs: Fix command checking as part of\n ib_uverbs_ex_modify_qp() (FATE#321231 FATE#321473\n FATE#322153 FATE#322149).\n\n - ip_gre: remove the incorrect mtu limit for ipgre tap\n (bsc#1022912 FATE#321246).\n\n - ipv6: prevent speculative execution (bnc#1068032).\n\n - iw_cxgb4: fix misuse of integer variable\n (bsc#963897,FATE#320114).\n\n - iw_cxgb4: only insert drain cqes if wq is flushed\n (bsc#321658 FATE#1005778 bsc#321660 FATE#1005780\n bsc#321661 FATE#1005781).\n\n - iw_cxgb4: reflect the original WR opcode in drain cqes\n (bsc#321658 FATE#1005778 bsc#321660 FATE#1005780\n bsc#321661 FATE#1005781).\n\n - iw_cxgb4: when flushing, complete all wrs in a chain\n (bsc#321658 FATE#1005778 bsc#321660 FATE#1005780\n bsc#321661 FATE#1005781).\n\n - kabi fix for new hash_cred function (bsc#1012917).\n\n - kaiser: add 'nokaiser' boot option, using ALTERNATIVE.\n\n - kaiser: align addition to x86/mm/Makefile.\n\n - kaiser: asm/tlbflush.h handle noPGE at lower level.\n\n - kaiser: cleanups while trying for gold link.\n\n - kaiser: disabled on Xen PV.\n\n - kaiser: do not set _PAGE_NX on pgd_none.\n\n - kaiser: drop is_atomic arg to kaiser_pagetable_walk().\n\n - kaiser: enhanced by kernel and user PCIDs.\n\n - kaiser: ENOMEM if kaiser_pagetable_walk() NULL.\n\n - kaiser: fix build and FIXME in alloc_ldt_struct().\n\n - kaiser: fix perf crashes.\n\n - kaiser: fix regs to do_nmi() ifndef CONFIG_KAISER.\n\n - kaiser: fix unlikely error in alloc_ldt_struct().\n\n - kaiser: KAISER depends on SMP.\n\n - kaiser: kaiser_flush_tlb_on_return_to_user() check PCID.\n\n - kaiser: kaiser_remove_mapping() move along the pgd.\n\n - kaiser: Kernel Address Isolation.\n\n - kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush.\n\n - kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush\n user.\n\n - kaiser: name that 0x1000 KAISER_SHADOW_PGD_OFFSET.\n\n - kaiser: paranoid_entry pass cr3 need to paranoid_exit.\n\n - kaiser: PCID 0 for kernel and 128 for user.\n\n - kaiser: _pgd_alloc() without __GFP_REPEAT to avoid\n stalls.\n\n - kaiser: stack map PAGE_SIZE at THREAD_SIZE-PAGE_SIZE.\n\n - kaiser: tidied up asm/kaiser.h somewhat.\n\n - kaiser: tidied up kaiser_add/remove_mapping slightly.\n\n - kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush.\n\n - kaiser: vmstat show NR_KAISERTABLE as nr_overhead.\n\n - kaiser: x86_cr3_pcid_noflush and x86_cr3_pcid_user.\n\n - kvm: SVM: Do not intercept new speculative control MSRs\n (bsc#1068032).\n\n - kvm: x86: Add speculative control CPUID support for\n guests (bsc#1068032).\n\n - kvm: x86: Exit to user-mode on #UD intercept when\n emulator requires (bnc#1012382).\n\n - kvm: x86: inject exceptions produced by x86_decode_insn\n (bnc#1012382).\n\n - kvm: x86: pvclock: Handle first-time write to\n pvclock-page contains random junk (bnc#1012382).\n\n - locking/barriers: introduce new memory barrier gmb()\n (bnc#1068032).\n\n - mmc: core: Do not leave the block driver in a suspended\n state (bnc#1012382).\n\n - mm/mmu_context, sched/core: Fix mmu_context.h assumption\n (bsc#1068032).\n\n - mtd: nand: Fix writing mtdoops to nand flash\n (bnc#1012382).\n\n - netlink: add a start callback for starting a netlink\n dump (bnc#1012382).\n\n - net/mlx5e: DCBNL, Implement tc with ets type and zero\n bandwidth (bsc#966170 FATE#320225 bsc#966172\n FATE#320226).\n\n - net/mlx5e: Fix ETS BW check (bsc#966170 FATE#320225\n bsc#966172 FATE#320226).\n\n - net/mlx5: Fix error flow in CREATE_QP command\n (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n\n - net: mpls: prevent speculative execution (bnc#1068032).\n\n - nfsd: Fix another OPEN stateid race (bnc#1012382).\n\n - nfsd: Fix stateid races between OPEN and CLOSE\n (bnc#1012382).\n\n - nfsd: Make init_open_stateid() a bit more whole\n (bnc#1012382).\n\n - nfs: improve shinking of access cache (bsc#1012917).\n\n - nfs: revalidate '.' etc correctly on 'open'\n (bsc#1068951).\n\n - nfs: revalidate '.' etc correctly on 'open' (git-fixes).\n Fix References: tag.\n\n - nfsv4: always set NFS_LOCK_LOST when a lock is lost\n (bsc#1068951).\n\n - nvme-fabrics: introduce init command check for a queue\n that is not alive (bsc#1072890).\n\n - nvme-fc: check if queue is ready in queue_rq\n (bsc#1072890).\n\n - nvme-fc: do not use bit masks for set/test_bit() numbers\n (bsc#1072890).\n\n - nvme-loop: check if queue is ready in queue_rq\n (bsc#1072890).\n\n - nvmet-fc: cleanup nvmet add_port/remove_port\n (bsc#1072890).\n\n - nvmet_fc: correct broken add_port (bsc#1072890).\n\n - p54: prevent speculative execution (bnc#1068032).\n\n - powerpc/barrier: add gmb.\n\n - powerpc: Secure memory rfi flush (bsc#1068032).\n\n - ptrace: Add a new thread access check (bsc#1068032).\n\n - qla2xxx: prevent speculative execution (bnc#1068032).\n\n - Revert 'drm/radeon: dont switch vt on suspend'\n (bnc#1012382).\n\n - Revert 'ipsec: Fix aborted xfrm policy dump crash'\n (kabi).\n\n - Revert 'netlink: add a start callback for starting a\n netlink dump' (kabi).\n\n - s390: add ppa to system call and program check path\n (bsc#1068032).\n\n - s390: introduce CPU alternatives.\n\n - s390: introduce CPU alternatives (bsc#1068032).\n\n - s390/qeth: add missing hash table initializations\n (bnc#1072216, LTC#162173).\n\n - s390/qeth: fix early exit from error path (bnc#1072216,\n LTC#162173).\n\n - s390/qeth: fix thinko in IPv4 multicast address tracking\n (bnc#1072216, LTC#162173).\n\n - s390/spinlock: add gmb memory barrier\n\n - s390/spinlock: add gmb memory barrier (bsc#1068032).\n\n - s390/spinlock: add ppa to system call path Signoff the\n s390 patches.\n\n - sched/core: Add switch_mm_irqs_off() and use it in the\n scheduler (bsc#1068032).\n\n - sched/core: Idle_task_exit() shouldn't use\n switch_mm_irqs_off() (bsc#1068032).\n\n - sched/rt: Do not pull from current CPU if only one CPU\n to pull (bnc#1022476).\n\n - scsi_dh_alua: skip RTPG for devices only supporting\n active/optimized (bsc#1064311).\n\n - scsi: lpfc: correct sg_seg_cnt attribute min vs default\n (bsc#1072166).\n\n - scsi: qedi: Limit number for CQ queues (bsc#1072866).\n\n - scsi_scan: Exit loop if TUR to LUN0 fails with 0x05/0x25\n (bsc#1063043). This is specific to FUJITSU ETERNUS_DX*\n targets. They can return 'Illegal Request - Logical unit\n not supported' and processing should leave the timeout\n loop in this case.\n\n - scsi: ses: check return code from ses_recv_diag()\n (bsc#1039616).\n\n - scsi: ses: Fixup error message 'failed to get diagnostic\n page 0xffffffea' (bsc#1039616).\n\n - scsi: ses: Fix wrong page error (bsc#1039616).\n\n - scsi: ses: make page2 support optional (bsc#1039616).\n\n - sfc: pass valid pointers from efx_enqueue_unwind\n (bsc#1017967 FATE#321663).\n\n - sunrpc: add auth_unix hash_cred() function\n (bsc#1012917).\n\n - sunrpc: add generic_auth hash_cred() function\n (bsc#1012917).\n\n - sunrpc: add hash_cred() function to rpc_authops struct\n (bsc#1012917).\n\n - sunrpc: add RPCSEC_GSS hash_cred() function\n (bsc#1012917).\n\n - sunrpc: replace generic auth_cred hash with\n auth-specific function (bsc#1012917).\n\n - sunrpc: use supplimental groups in auth hash\n (bsc#1012917).\n\n - Thermal/int340x: prevent speculative execution\n (bnc#1068032).\n\n - udf: prevent speculative execution (bnc#1068032).\n\n - Update config files: enable KAISER.\n\n - usb: host: fix incorrect updating of offset\n (bsc#1047487).\n\n - userns: prevent speculative execution (bnc#1068032).\n\n - uvcvideo: prevent speculative execution (bnc#1068032).\n\n - vxlan: correctly handle ipv6.disable module parameter\n (bsc#1072962).\n\n - x86/boot: Add early cmdline parsing for options with\n arguments.\n\n - x86/CPU/AMD: Add speculative control support for AMD\n (bsc#1068032).\n\n - x86/CPU/AMD: Make the LFENCE instruction serialized\n (bsc#1068032).\n\n - x86/CPU/AMD: Remove now unused definition of\n MFENCE_RDTSC feature (bsc#1068032).\n\n - x86/CPU: Check speculation control CPUID bit\n (bsc#1068032).\n\n - x86/efi-bgrt: Replace early_memremap() with memremap()\n (bnc#1012382).\n\n - x86/enter: Add macros to set/clear IBRS and set IBPB\n (bsc#1068032).\n\n - x86/entry: Add a function to overwrite the RSB\n (bsc#1068032).\n\n - x86/entry: Stuff RSB for entry to kernel for non-SMEP\n platform (bsc#1068032).\n\n - x86/entry: Use IBRS on entry to kernel space\n (bsc#1068032).\n\n - x86/feature: Enable the x86 feature to control\n Speculation (bsc#1068032).\n\n - x86/idle: Disable IBRS when offlining a CPU and\n re-enable on wakeup (bsc#1068032).\n\n - x86/idle: Toggle IBRS when going idle (bsc#1068032).\n\n - x86/kaiser: Check boottime cmdline params.\n\n - x86/kaiser: Move feature detection up (bsc#1068032).\n\n - x86/kaiser: Reenable PARAVIRT.\n\n - x86/kaiser: Rename and simplify X86_FEATURE_KAISER\n handling.\n\n - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to\n kvm (bsc#1068032).\n\n - x86/kvm: Add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to\n kvm (bsc#1068032).\n\n - x86/kvm: Flush IBP when switching VMs (bsc#1068032).\n\n - x86/kvm: Pad RSB on VM transition (bsc#1068032).\n\n - x86/kvm: Toggle IBRS on VM entry and exit (bsc#1068032).\n\n - x86/mm/64: Fix reboot interaction with CR4.PCIDE\n (bsc#1068032).\n\n - x86/mm: Add a 'noinvpcid' boot option to turn off\n INVPCID (bsc#1068032).\n\n - x86/mm: Add INVPCID helpers (bsc#1068032).\n\n - x86/mm: Add the 'nopcid' boot option to turn off PCID\n (bsc#1068032).\n\n - x86/mm: Build arch/x86/mm/tlb.c even on !SMP\n (bsc#1068032).\n\n - x86/mm: Enable CR4.PCIDE on supported systems\n (bsc#1068032).\n\n - x86/mm: Fix INVPCID asm constraint (bsc#1068032).\n\n - x86/mm: If INVPCID is available, use it to flush global\n mappings (bsc#1068032).\n\n - x86/mm: Make flush_tlb_mm_range() more predictable\n (bsc#1068032).\n\n - x86/mm: Only set IBPB when the new thread cannot ptrace\n current thread (bsc#1068032).\n\n - x86/mm: Reimplement flush_tlb_page() using\n flush_tlb_mm_range() (bsc#1068032).\n\n - x86/mm: Remove flush_tlb() and flush_tlb_current_task()\n (bsc#1068032).\n\n - x86/mm: Remove the UP asm/tlbflush.h code, always use\n the (formerly) SMP code (bsc#1068032).\n\n - x86/mm, sched/core: Turn off IRQs in switch_mm()\n (bsc#1068032).\n\n - x86/mm, sched/core: Uninline switch_mm() (bsc#1068032).\n\n - x86/mm: Set IBPB upon context switch (bsc#1068032).\n\n - x86/MSR: Move native_*msr(.. u64) to msr.h\n (bsc#1068032).\n\n - x86/paravirt: Dont patch flush_tlb_single (bsc#1068032).\n\n - x86/spec: Add IBRS control functions (bsc#1068032).\n\n - x86/spec: Add 'nospec' chicken bit (bsc#1068032).\n\n - x86/spec: Check CPUID direclty post microcode reload to\n support IBPB feature (bsc#1068032).\n\n - x86/spec_ctrl: Add an Indirect Branch Predictor barrier\n (bsc#1068032).\n\n - x86/spec_ctrl: Check whether IBPB is enabled before\n using it (bsc#1068032).\n\n - x86/spec_ctrl: Check whether IBRS is enabled before\n using it (bsc#1068032).\n\n - x86/svm: Add code to clear registers on VM exit\n (bsc#1068032).\n\n - x86/svm: Clobber the RSB on VM exit (bsc#1068032).\n\n - x86/svm: Set IBPB when running a different VCPU\n (bsc#1068032).\n\n - x86/svm: Set IBRS value on VM entry and exit\n (bsc#1068032).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005778\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005780\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005781\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1012382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1012917\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1015342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1015343\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017967\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1022476\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1022912\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1031395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1031717\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1039616\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1047487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1063043\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1064311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1065180\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1068032\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1068951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1070116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1071009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1072166\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1072216\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1072556\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1072866\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1072890\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1072962\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1073090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1073525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1073792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1073809\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1073868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1073874\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1073912\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1074562\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1074578\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=963897\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=964063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=966170\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=966172\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kselftests-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kselftests-kmp-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kselftests-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kselftests-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kselftests-kmp-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kselftests-kmp-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/05\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/05\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-base-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-base-debuginfo-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-debuginfo-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-debugsource-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-devel-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-devel-debuginfo-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-base-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-base-debuginfo-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-debuginfo-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-debugsource-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-devel-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-devel-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-docs-html-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-docs-pdf-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-macros-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-obs-build-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-obs-build-debugsource-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-obs-qa-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-source-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-source-vanilla-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-syms-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-base-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-base-debuginfo-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-debuginfo-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-debugsource-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-devel-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kselftests-kmp-debug-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kselftests-kmp-debug-debuginfo-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kselftests-kmp-default-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kselftests-kmp-default-debuginfo-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kselftests-kmp-vanilla-4.4.104-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kselftests-kmp-vanilla-debuginfo-4.4.104-39.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-devel / kernel-macros / kernel-source / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T16:11:47", "description": "The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory (bnc#1068032).\n\n - CVE-2017-5753 / 'SpectreAttack': Local attackers on systems with modern CPUs featuring deep instruction pipelining could use attacker controllable speculative execution over code patterns in the Linux Kernel to leak content from otherwise not readable memory in the same address space, allowing retrieval of passwords, cryptographic keys and other secrets. This problem is mitigated by adding speculative fencing on affected code paths throughout the Linux kernel.\n\n - CVE-2017-5715 / 'SpectreAttack': Local attackers on systems with modern CPUs featuring branch prediction could use mispredicted branches to speculatively execute code patterns that in turn could be made to leak other non-readable content in the same address space, an attack similar to CVE-2017-5753. This problem is mitigated by disabling predictive branches, depending on CPU architecture either by firmware updates and/or fixes in the user-kernel privilege boundaries. Please also check with your CPU / Hardware vendor for available firmware or BIOS updates. As this feature can have a performance impact, it can be disabled using the 'nospec' kernel commandline option.\n\n - CVE-2017-5754 / 'MeltdownAttack': Local attackers on systems with modern CPUs featuring deep instruction pipelining could use code patterns in userspace to speculative executive code that would read otherwise read protected memory. This problem is mitigated by unmapping the Linux Kernel from the user address space during user code execution, following a approach called 'KAISER'. The terms used here are 'KAISER' / 'Kernel Address Isolation' and 'PTI' / 'Page Table Isolation'.\n This is only enabled by default on affected architectures. This feature can be enabled / disabled by the 'pti=[on|off|auto]' or 'nopti' commandline options.\n The following security bugs were fixed :\n\n - CVE-2017-17806: The HMAC implementation (crypto/hmac.c) in the Linux kernel did not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack-based buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization (bnc#1073874).\n\n - CVE-2017-17805: The Salsa20 encryption algorithm in the Linux kernel did not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable (bnc#1073792).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-01-04T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:0010-1) (Meltdown) (Spectre)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17805", "CVE-2017-17806", "CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754"], "modified": "2019-09-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-0010-1.NASL", "href": "https://www.tenable.com/plugins/nessus/105574", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0010-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(105574);\n script_version(\"3.12\");\n script_cvs_date(\"Date: 2019/09/10 13:51:46\");\n\n script_cve_id(\"CVE-2017-17805\", \"CVE-2017-17806\", \"CVE-2017-5715\", \"CVE-2017-5753\", \"CVE-2017-5754\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n script_xref(name:\"IAVA\", value:\"2018-A-0020\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:0010-1) (Meltdown) (Spectre)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various\nsecurity and bugfixes. This update adds mitigations for various side\nchannel attacks against modern CPUs that could disclose content of\notherwise unreadable memory (bnc#1068032).\n\n - CVE-2017-5753 / 'SpectreAttack': Local attackers on\n systems with modern CPUs featuring deep instruction\n pipelining could use attacker controllable speculative\n execution over code patterns in the Linux Kernel to leak\n content from otherwise not readable memory in the same\n address space, allowing retrieval of passwords,\n cryptographic keys and other secrets. This problem is\n mitigated by adding speculative fencing on affected code\n paths throughout the Linux kernel.\n\n - CVE-2017-5715 / 'SpectreAttack': Local attackers on\n systems with modern CPUs featuring branch prediction\n could use mispredicted branches to speculatively execute\n code patterns that in turn could be made to leak other\n non-readable content in the same address space, an\n attack similar to CVE-2017-5753. This problem is\n mitigated by disabling predictive branches, depending on\n CPU architecture either by firmware updates and/or fixes\n in the user-kernel privilege boundaries. Please also\n check with your CPU / Hardware vendor for available\n firmware or BIOS updates. As this feature can have a\n performance impact, it can be disabled using the\n 'nospec' kernel commandline option.\n\n - CVE-2017-5754 / 'MeltdownAttack': Local attackers on\n systems with modern CPUs featuring deep instruction\n pipelining could use code patterns in userspace to\n speculative executive code that would read otherwise\n read protected memory. This problem is mitigated by\n unmapping the Linux Kernel from the user address space\n during user code execution, following a approach called\n 'KAISER'. The terms used here are 'KAISER' / 'Kernel\n Address Isolation' and 'PTI' / 'Page Table Isolation'.\n This is only enabled by default on affected\n architectures. This feature can be enabled / disabled by\n the 'pti=[on|off|auto]' or 'nopti' commandline options.\n The following security bugs were fixed :\n\n - CVE-2017-17806: The HMAC implementation (crypto/hmac.c)\n in the Linux kernel did not validate that the underlying\n cryptographic hash algorithm is unkeyed, allowing a\n local attacker able to use the AF_ALG-based hash\n interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3\n hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel\n stack-based buffer overflow by executing a crafted\n sequence of system calls that encounter a missing SHA-3\n initialization (bnc#1073874).\n\n - CVE-2017-17805: The Salsa20 encryption algorithm in the\n Linux kernel did not correctly handle zero-length\n inputs, allowing a local attacker able to use the\n AF_ALG-based skcipher interface\n (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of\n service (uninitialized-memory free and kernel crash) or\n have unspecified other impact by executing a crafted\n sequence of system calls that use the blkcipher_walk\n API. Both the generic implementation\n (crypto/salsa20_generic.c) and x86 implementation\n (arch/x86/crypto/salsa20_glue.c) of Salsa20 were\n vulnerable (bnc#1073792).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005778\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005780\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005781\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1012382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017967\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039616\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1047487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1063043\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1064311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065180\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1068032\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1068951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1070116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1071009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1072166\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1072216\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1072556\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1072866\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1072890\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1072962\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073809\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073874\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073912\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963897\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=964063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966170\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-17805/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-17806/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5715/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5753/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5754/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180010-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?abca72d4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch\nSUSE-SLE-WE-12-SP3-2018-12=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-12=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-12=1\n\nSUSE Linux Enterprise Live Patching 12-SP3:zypper in -t patch\nSUSE-SLE-Live-Patching-12-SP3-2018-12=1\n\nSUSE Linux Enterprise High Availability 12-SP3:zypper in -t patch\nSUSE-SLE-HA-12-SP3-2018-12=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-12=1\n\nSUSE Container as a Service Platform ALL:zypper in -t patch\nSUSE-CAASP-ALL-2018-12=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-default-man-4.4.103-6.38.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"kernel-default-4.4.103-6.38.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"kernel-default-base-4.4.103-6.38.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"kernel-default-base-debuginfo-4.4.103-6.38.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"kernel-default-debuginfo-4.4.103-6.38.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"kernel-default-debugsource-4.4.103-6.38.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"kernel-default-devel-4.4.103-6.38.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"kernel-syms-4.4.103-6.38.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-4.4.103-6.38.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-debuginfo-4.4.103-6.38.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-debugsource-4.4.103-6.38.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-devel-4.4.103-6.38.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-extra-4.4.103-6.38.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-extra-debuginfo-4.4.103-6.38.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-syms-4.4.103-6.38.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:34:19", "description": "The 4.14.6 update contains various fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-01-15T00:00:00", "type": "nessus", "title": "Fedora 27 : kernel (2017-129969aa8a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-8824"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2017-129969AA8A.NASL", "href": "https://www.tenable.com/plugins/nessus/105819", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-129969aa8a.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105819);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-17448\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17558\", \"CVE-2017-8824\");\n script_xref(name:\"FEDORA\", value:\"2017-129969aa8a\");\n\n script_name(english:\"Fedora 27 : kernel (2017-129969aa8a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.14.6 update contains various fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-129969aa8a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-17448\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17558\", \"CVE-2017-8824\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2017-129969aa8a\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"kernel-4.14.6-300.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:34:23", "description": "The 4.14.6 update contains various fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-12-20T00:00:00", "type": "nessus", "title": "Fedora 26 : kernel (2017-ba6b6e71f7)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-8824"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2017-BA6B6E71F7.NASL", "href": "https://www.tenable.com/plugins/nessus/105383", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-ba6b6e71f7.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105383);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-17448\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17558\", \"CVE-2017-8824\");\n script_xref(name:\"FEDORA\", value:\"2017-ba6b6e71f7\");\n\n script_name(english:\"Fedora 26 : kernel (2017-ba6b6e71f7)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.14.6 update contains various fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-ba6b6e71f7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-17448\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17558\", \"CVE-2017-8824\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2017-ba6b6e71f7\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"kernel-4.14.6-200.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-12T15:02:19", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.\n\n - CVE-2017-5754 Multiple researchers have discovered a vulnerability in Intel processors, enabling an attacker controlling an unprivileged process to read memory from arbitrary addresses, including from the kernel and all other processes running on the system.\n\n This specific attack has been named Meltdown and is addressed in the Linux kernel for the Intel x86-64 architecture by a patch set named Kernel Page Table Isolation, enforcing a near complete separation of the kernel and userspace address maps and preventing the attack.\n This solution might have a performance impact, and can be disabled at boot time by passing pti=off to the kernel command line.\n\n - CVE-2017-8824 Mohamed Ghannam discovered that the DCCP implementation did not correctly manage resources when a socket is disconnected and reconnected, potentially leading to a use-after-free. A local user could use this for denial of service (crash or data corruption) or possibly for privilege escalation. On systems that do not already have the dccp module loaded, this can be mitigated by disabling it:echo >> /etc/modprobe.d/disable-dccp.conf install dccp false\n\n - CVE-2017-15868 Al Viro found that the Bluebooth Network Encapsulation Protocol (BNEP) implementation did not validate the type of the second socket passed to the BNEPCONNADD ioctl(), which could lead to memory corruption. A local user with the CAP_NET_ADMIN capability can use this for denial of service (crash or data corruption) or possibly for privilege escalation.\n\n - CVE-2017-16538 Andrey Konovalov reported that the dvb-usb-lmedm04 media driver did not correctly handle some error conditions during initialisation. A physically present user with a specially designed USB device can use this to cause a denial of service (crash).\n\n - CVE-2017-16939 Mohamed Ghannam reported (through Beyond Security's SecuriTeam Secure Disclosure program) that the IPsec (xfrm) implementation did not correctly handle some failure cases when dumping policy information through netlink. A local user with the CAP_NET_ADMIN capability can use this for denial of service (crash or data corruption) or possibly for privilege escalation.\n\n - CVE-2017-17448 Kevin Cernekee discovered that the netfilter subsystem allowed users with the CAP_NET_ADMIN capability in any user namespace, not just the root namespace, to enable and disable connection tracking helpers. This could lead to denial of service, violation of network security policy, or have other impact.\n\n - CVE-2017-17449 Kevin Cernekee discovered that the netlink subsystem allowed users with the CAP_NET_ADMIN capability in any user namespace to monitor netlink traffic in all net namespaces, not just those owned by that user namespace.\n This could lead to exposure of sensitive information.\n\n - CVE-2017-17450 Kevin Cernekee discovered that the xt_osf module allowed users with the CAP_NET_ADMIN capability in any user namespace to modify the global OS fingerprint list.\n\n - CVE-2017-17558 Andrey Konovalov reported that that USB core did not correctly handle some error conditions during initialisation. A physically present user with a specially designed USB device can use this to cause a denial of service (crash or memory corruption), or possibly for privilege escalation.\n\n - CVE-2017-17741 Dmitry Vyukov reported that the KVM implementation for x86 would over-read data from memory when emulating an MMIO write if the kvm_mmio tracepoint was enabled. A guest virtual machine might be able to use this to cause a denial of service (crash).\n\n - CVE-2017-17805 It was discovered that some implementations of the Salsa20 block cipher did not correctly handle zero-length input. A local user could use this to cause a denial of service (crash) or possibly have other security impact.\n\n - CVE-2017-17806 It was discovered that the HMAC implementation could be used with an underlying hash algorithm that requires a key, which was